myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGihf7vCJkYmzbXuzgzdbFlbCT3bzfnAi2AKvAXFk5wHCPGqO8TMn6lKzdDnrnF...
Effective URL:
https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=1040...
Submission: On March 23 via api (March 23rd 2021, 8:01:36 pm UTC) from US

Summary HTTP 79 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 19 domains to perform 79 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is myaccount.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time myaccount.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.223.233.247 162.223.233.247	15334 (RESPONSYS) (RESPONSYS)
17	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:5a00:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:19a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:710... 2a02:26f0:7100:1a1::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:10c... 2a02:26f0:10c:58e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	92.123.14.137 92.123.14.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
4	184.30.24.193 184.30.24.193	16625 (AKAMAI-AS) (AKAMAI-AS)
2	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
2	52.200.208.53 52.200.208.53	14618 (AMAZON-AES) (AMAZON-AES)
2	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
3	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
79	26

1 162.223.233.247 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: e.newyorktimes.com

e.newyorktimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:5a00:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:19a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1a1::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:58e::25ea (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.14.137 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-14-137.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.200.208.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-208-53.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nytimes.com myaccount.nytimes.com a.nytimes.com a.et.nytimes.com dd.nytimes.com	826 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	519 KB
9	google.com www.google.com	74 KB
9	nyt.com g1.nyt.com a1.nyt.com typeface.nyt.com	251 KB
5	liveperson.net lptag.liveperson.net va.v.liveperson.net	102 KB
4	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	35 KB
4	pinterest.com ct.pinterest.com	1 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	88 KB
2	pinimg.com s.pinimg.com	18 KB
1	bluekai.com stags.bluekai.com	1 KB
1	google.de www.google.de	108 B
1	doubleclick.net googleads.g.doubleclick.net	1 KB
1	bkrtx.com tags.bkrtx.com	16 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	95 KB
1	newyorktimes.com 1 redirects e.newyorktimes.com	903 B
79	19

	Domain	Requested by
9	www.gstatic.com	www.google.com www.gstatic.com
9	www.google.com	myaccount.nytimes.com www.gstatic.com www.google.com
8	myaccount.nytimes.com	myaccount.nytimes.com
6	a.et.nytimes.com	myaccount.nytimes.com
5	fonts.gstatic.com	www.google.com
5	g1.nyt.com	myaccount.nytimes.com
4	ct.pinterest.com	s.pinimg.com myaccount.nytimes.com
3	va.v.liveperson.net	lptag.liveperson.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	lpcdn.lpsnmedia.net	lptag.liveperson.net
2	errors.client.optimizely.com	cdn.optimizely.com
2	accdn.lpsnmedia.net	lptag.liveperson.net
2	px.ads.linkedin.com	1 redirects myaccount.nytimes.com
2	lptag.liveperson.net	myaccount.nytimes.com
2	s.pinimg.com	a1.nyt.com s.pinimg.com
2	typeface.nyt.com	myaccount.nytimes.com
2	dd.nytimes.com	myaccount.nytimes.com dd.nytimes.com
2	a.nytimes.com	a1.nyt.com myaccount.nytimes.com
2	a1.nyt.com	myaccount.nytimes.com a1.nyt.com
1	stags.bluekai.com	tags.bkrtx.com
1	www.google.de	myaccount.nytimes.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.linkedin.com	1 redirects
1	tags.bkrtx.com	a1.nyt.com
1	snap.licdn.com	a1.nyt.com
1	cdn.optimizely.com	a1.nyt.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	a1.nyt.com
1	e.newyorktimes.com	1 redirects
79	29

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.bkrtx.com DigiCert SHA2 Secure Server CA	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
errors.client.optimizely.com Amazon	`2020-09-02` - `2021-10-02`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Frame ID: 97E46CA96FC8F21C4BF6171285C1D2DC
Requests: 47 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Frame ID: D7DDAB0D2DCA0901A8BC5FE1178A998B
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773
Frame ID: 54F73C44241909AA7DFEE50D19FD82DD
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv
Frame ID: 8D6B7C946080A6FC7F34ADF87B55F322
Requests: 12 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3Dfalse&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&phint=section&phint=subsection&phint=pagetype&phint=payflowbundletype%3Dunknown&phint=payflowiscooking%3Dtrue&phint=payflowiscrossword%3Dfalse&phint=payflowisdonation%3Dtrue&phint=payflowisedu%3Dtrue&phint=payflowregion%3Dint&phint=payflowisdigigift%3Dfalse&phint=payflowishdgift%3Dfalse&phint=payflowishd%3Dfalse&phint=payflowstep%3DAUTH&phint=sourceapp%3DSEG&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype&limit=10&r=58363976
Frame ID: 6A195635CA04DA9178419880758AB073
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
Frame ID: EAFC33A051006CCECA1C2D45B247A876
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGihf7vCJkYmzbXuzgzdbFlbCT3bzfnAi2AKvAXFk5w... HTTP 302
https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid... Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

79
Requests

100 %
HTTPS

59 %
IPv6

19
Domains

29
Subdomains

26
IPs

4
Countries

2063 kB
Transfer

4136 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/?ad-keywords=acsm
Title: The New York Times

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGihf7vCJkYmzbXuzgzdbFlbCT3bzfnAi2AKvAXFk5wHCPGqO8TMn6lKzdDnrnFJi5qXsXOOVXtpKX%3DTRTWRAY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnE0uyKAIDzk_1EUyJ75YPNizPyTRkxDFPfKjr_ivGCnTHHuUuxqyvXJphZmVHdm0saJTOCGkWmCSzhT6Pnc5WrOBqPoo9VYDei0K2sllBzQRc.&_di_=s99r7ld5ffje54gunotl4650d7mlc5ni5udf2vschvib85kp0710 HTTP 302
https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D40524%26time%3D1616529677817%26url%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fauth%253FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&liSync=true

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request auth Show response
myaccount.nytimes.com/get-started/
Redirect Chain

https://e.newyorktimes.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGihf7vCJkYmzbXuzgzdbFlbCT3bzfnAi2AKvAXFk5wHCPGqO8TMn6lKzdDnrnFJi5qXsXOOVXtpKX%3DTRTWRAY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnE0uyKAIDzk_1EUyJ75YP...
https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

2 KB
2 KB

759ms
412ms

Document
text/html

151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

f531e78ab97a8130df1cc8dd7e184c0859e175772deaadf13a9d48f6df8ef14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: SAMEORIGIN DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-datadome-timer: (null),VE378
accept-ranges: bytes
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
x-cache: MISS
x-cache-hits: 0
x-api-version: F-X
content-length: 2143

Redirect headers

Date: Tue, 23 Mar 2021 20:01:16 GMT
Server: Apache
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Cache-Control: no-store, no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie: 6.interact5.Tr6.....N.N...=_ri_=X0Gzc2X%3DAQpglLjHJlYQGihf7vCJkYmzbXuzgzdbFlbCT3bzfnAi2AKvAXFk5wHCPGqO8TMn6lKzdDnrnFJi5qXsXOOVXtpKX%3DTRTWRAY&_ei_=Eq2tf9zs59idfPO1Sc_9BbnE0uyKAIDzk_1EUyJ75YPNizPyTRkxDFPfKjr_ivGCnTHHuUuxqyvXJphZmVHdm0saJTOCGkWmCSzhT6Pnc5WrOBqPoo9VYDei0K2sllBzQRc; expires=Thu, 23-Mar-2023 20:01:16 GMT; Domain=.newyorktimes.com; Path=/pub; SameSite=None;Secure; HttpOnly
Location: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Connection: close
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8

GET
H2 200 vendor.bundle.11a48298b6a85a4e4e5f.js Show response
myaccount.nytimes.com/get-started/js/dest/ 154 KB
154 KB 65ms
65ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/vendor.bundle.11a48298b6a85a4e4e5f.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

5607e52d880bd690d3d5d835d7542217a590d6ac3445c32a814741ac2b9d8b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 114
x-cache: HIT
content-length: 157314
x-xss-protection: 1; mode=block
x-served-by: cache-fra19134-FRA
last-modified: Fri, 12 Mar 2021 18:32:10 GMT
server: Apache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Tue, 23 Mar 2021 19:39:49 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE380
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 checkout.bundle.11a48298b6a85a4e4e5f.js Show response
myaccount.nytimes.com/get-started/js/dest/ 261 KB
261 KB 33ms
33ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/get-started/js/dest/checkout.bundle.11a48298b6a85a4e4e5f.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

b156f3ba6934f9826ef79f074c99e34084bcebb81e96a9e39ceefb521319021b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 560
x-cache: HIT
content-length: 267279
x-xss-protection: 1; mode=block
x-served-by: cache-fra19134-FRA
last-modified: Fri, 12 Mar 2021 18:32:10 GMT
server: Apache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript
expires: Tue, 23 Mar 2021 19:56:57 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE370
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 standalone.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 46 KB
19 KB 60ms
60ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/js/dest/checkout.bundle.11a48298b6a85a4e4e5f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 727c1da8e55057e62c0610eec2a7736b7cca0cbc83b82940ed9ac8d448173fb3

Request headers

Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-api-version: F-X
age: 559
x-cache: HIT
x-cache-hits: 1
content-length: 18799
x-served-by: cache-fra19134-FRA
server: Google Frontend
etag: "pjm4Aw"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 540a59d37eb791a6e9a5720cf6b4c993
cache-control: public, max-age=600
x-datadome-timer: (null),VE131
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 23 Mar 2021 08:43:33 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08cd18445c6b36281295051959279ea330bb23dc4ca2e3b359549e02ea5916fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 Books-Image.jpg
myaccount.nytimes.com/get-started/images/ 225 KB
225 KB 768ms
768ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://myaccount.nytimes.com/get-started/images/Books-Image.jpg

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

c01c6c339b91168fe5772cc47eaa6003c6b046de65e344e9aed9fc8cac820f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-tags: pflow-cf-cache
strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
age: 0
x-cache: MISS
content-length: 230211
x-xss-protection: 1; mode=block
x-served-by: cache-fra19134-FRA
last-modified: Fri, 12 Mar 2021 18:32:10 GMT
server: Apache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
expires: Tue, 23 Mar 2021 20:06:17 GMT
cache-control: max-age=300, max-age=300
x-datadome-timer: (null),VE357
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 franklin-normal-500.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
27 KB 100ms
28ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tEQkCg==, md5=QUdY3gmNxkS2iK+gMdNfmw==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 2906564
x-guploader-uploadid: ABg5-Ux3wqzPJfLjEYwrn-ofjCjKKRpci-0WBPlvFhOsB7wi0gz8qyW0c5u4XK5f8UKttbEbNN1p6jT5A25r2nypOT9lm4qrdQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27196
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Fri, 18 Feb 2022 04:38:33 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1616529677.329486,VS0,VE0
etag: "414758de098dc644b688afa031d35f9b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607548806
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 27196
x-nyt-pagetype: web-font
content-type: font/woff
x-cache-hits: 6474

GET
H2 200 franklin-italic-600.woff
g1.nyt.com/fonts/family/franklin/ 28 KB
28 KB 134ms
63ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-italic-600.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 81bbd72fd89a648606e310631ac244511224b04109669bdd8e32025e1e31bce3

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=LPGmIA==, md5=fGqTxoRxTgP8aghesGEQog==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 2299173
x-guploader-uploadid: ABg5-UwT6OfHPYg3eTXRFLmjE7F4jy1fj2SISY_-mWgZi0zGjSSoAYeBfLAtn3vg81O_4RJ5Y5aFGMWNwi4LkFxObXo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28504
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Fri, 25 Feb 2022 05:21:44 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1616529677.329612,VS0,VE1
etag: "7c6a93c684714e03fc6a085eb06110a2"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607359204
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28504
x-nyt-pagetype: web-font
content-type: font/woff
x-cache-hits: 1

GET
H2 200 franklin-normal-600.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
27 KB 116ms
45ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fc6adb58ed6e469f9d51d84ba52b4133c5e227a292828693058ebb880b9ba0ca

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i3YxGA==, md5=ioaZivmm9Uh3WNeP71SSDQ==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 1703631
x-guploader-uploadid: ABg5-Uz8g_tBFuccPJJqF45xF_cn-n3vlTKnJRqsNSv8PI-YLFZnc-DWbzMuXBL1YckeI2Cxrr04p59iKh9JARfRkuhetR8NCQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27696
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:47:26 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1616529677.329597,VS0,VE0
etag: "8a86998af9a6f5487758d78fef54920d"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607598881
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 27696
x-nyt-pagetype: web-font
content-type: font/woff
x-cache-hits: 3

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ 27 KB
28 KB 126ms
56ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=44i2vg==, md5=oZLbMQk12KiCgy4syD8hGQ==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 3525602
x-guploader-uploadid: ABg5-UzkZTEVKs0UZeC98wsL9KL0H4ZBIyL76uakWGOPzzjs5-_0I22dXRPX9LOzUH5PmzuXMkbyZoPdlXV812N-HNJCoeCQxA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27688
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Fri, 11 Feb 2022 00:41:14 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1616529677.329714,VS0,VE0
etag: "a192db310935d8a882832e2cc83f2119"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607615150
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 27688
x-nyt-pagetype: web-font
content-type: font/woff
x-cache-hits: 1887

GET
H2 200 json-kidd.min.js Show response
a1.nyt.com/analytics/ 178 KB
44 KB 36ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/json-kidd.min.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=7T8KVw==, md5=jRcAPpBidNzVVOzFxaudQQ==
date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
age: 63135
x-guploader-uploadid: ABg5-UxLLM6fXMYHLM_4Ngn_Sxrl3gS3pxMygehciJN0Hr-ZPcdjVxMtTny3gHzQ22epx0GLVYjysBb9K1PnOXpB4SY
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 44066
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
accept-ranges: bytes
expires: Fri, 05 Mar 2021 02:05:00 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1616529677.342569,VS0,VE0
etag: "8d17003e906274dcd554ecc5c5ab9d41"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975877156
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 182122
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 56

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame D7DD 11 KB
6 KB 163ms
163ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

0506751c62dd60774d5dc1164d6e8c17832bd622f18037e07856fac3b65914af

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 6925093791568988008
x-datadog-parent-id: 6925093791568988008
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: 0
resp-details: [[it:lui]]
x-nyt-backend: lire-ui
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests
etag: W/"2bdb-QHTFSmTdrXbGFQ1PYHW50IWI734"
content-encoding: gzip
x-cloud-trace-context: 8da334a7ca97d200f7219757126359b1
server: Google Frontend
x-datadome-timer: (null),VE133
accept-ranges: bytes
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
x-cache: MISS
x-cache-hits: 0
vary: Accept-Encoding
x-api-version: F-X

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
672 B 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7b49b6bd775f9f5744e22046847b7f0da1021ddfc41a7a6ff030ac253506f6d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 580
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 20:01:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ 331 KB
130 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4126
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 18:52:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
95 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

017d4d6331dcc9c3543aa1698d1fd9db9124ce562b34217e6c7800017e2eae9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97527
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1005 B
1 KB 314ms
287ms XHR
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&jkcb=1616529677379
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c2f23413596117a39779d945c82e8fe0b026c03683a5b484810a820bcb15182b

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 6276e06313334e861fc3e8b3d61ccb95
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 523
expires: Tue, 23 Mar 2021 20:01:17 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame D7DD 394 KB
133 KB 30ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=2a7435c
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 3ac6ff36295250e5b2cba8a34fce13d1908742646881833d2a4c26e04cc60408

Request headers

Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-api-version: F-X
age: 586
x-cache: HIT
x-cache-hits: 4
content-length: 135881
x-served-by: cache-fra19134-FRA
server: Google Frontend
etag: "pjm4Aw"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 01857014154afd0641b118f4532dec49
cache-control: public, max-age=600
x-datadome-timer: (null),VE158
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Wed, 17 Mar 2021 15:01:54 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame D7DD 0
0 134ms
104ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame D7DD 137 KB
23 KB 43ms
6ms Script
text/javascript 2600:9000:2057:5a00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:5a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee5576bf20dd9564319f7a878379061f3ca9275b50467576475fea06e64b1b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 19:44:08 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1029
x-cache: Hit from cloudfront
content-length: 22602
access-control-allow-origin: *
last-modified: Mon, 01 Mar 2021 14:31:53 GMT
server: Apache
etag: "224d5-5bc7a7aafac8d-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: TG850QOJwQ2dfWngwz3iNoCekWnr7FZgMH4sNrIE-Dgd8ywHVIgdXQ==
expires: Tue, 23 Mar 2021 20:44:08 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame D7DD 0
0 105ms
105ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame D7DD 1012 B
1 KB 253ms
234ms Fetch
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dpur.flow.bus%26redirect_uri%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%252Fget-started%252Fpayment%253FOC%25253D20000216880%252526campaignId%25253D9LUJ9%252526mcid%25253DNYT%252526mc%25253DEInternal%252526subid%25253DUSGM%252526launch_id%25253D10404125%26display%3Ddefault%26application%3Dpayflow%26preloaded%3Dfalse%23lire-ui-761984
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=2a7435c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 73830e8932f2ce25df7c93dd321d28919b7af5e022a06a212c2a1f6f167df47e

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: 5089e30e5d50d74885de44c0513159b1
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 528
expires: Tue, 23 Mar 2021 20:01:17 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame D7DD 29 KB
29 KB 38ms
31ms Font
application/font-woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 85825
x-guploader-uploadid: AEnB2UrN5FY4-7SAwoJ5hZcTi8oCWzQOBNhFAC8R9C8gNEyeV2uvjBbyjOsaGz-TNyPpB7UAgId3yBiA04v7OuTKuchFOb5WfA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Sat, 23 Mar 2019 20:10:33 GMT
last-modified: Thu, 15 Mar 2018 18:06:30 GMT
server: UploadServer
x-timer: S1616529678.664910,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1521137190240390
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/font-woff
x-cache-hits: 308

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame D7DD 29 KB
29 KB 31ms
28ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 1609328
x-guploader-uploadid: ABg5-UwDEN_iE0Lnvl1IsW3ftjcu12EspxC8-YgwNopbD3N-DR4s1XURKw6xzo7RSVfKWaCQfHQ5aZ0_byeeYdYElPk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Sat, 05 Mar 2022 04:59:08 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1616529678.664837,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 751

GET
H3-Q050 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 54F7 19 KB
11 KB 25ms
24ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9921591b1fe5dd0dae12723d688e0871b780411cdd47a01dba4de420a7878faa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vjldEa8pLWcM8FhAFqwUNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 20:01:17 GMT
content-security-policy: script-src 'report-sample' 'nonce-vjldEa8pLWcM8FhAFqwUNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10634
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cheltenham-normal-400.woff
g1.nyt.com/fonts/family/cheltenham/ 36 KB
37 KB 29ms
29ms Font
font/woff 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4793e23b5bee0b1e4cbd0c56d606ee75789976edf8991db62445259d7fb6c202

Request headers

Origin: https://myaccount.nytimes.com
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=1QABtA==, md5=I71OXAwnJZsGSqmubXh5gA==
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 varnish
age: 2303466
x-guploader-uploadid: ABg5-UzTH4t1ZT55qph41rWkBi3IaZLhQlwYYIRpCvOg0bzIJPPz_u8h0nHAJpAq8Ysdz2ekEeN-B_1ipqLsObAVxyA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37080
x-served-by: cache-fra19146-FRA
accept-ranges: bytes
expires: Fri, 25 Feb 2022 04:10:11 GMT
last-modified: Thu, 21 Jan 2021 15:56:45 GMT
server: UploadServer
x-timer: S1616529678.699565,VS0,VE1
etag: "23bd4e5c0c27259b064aa9ae6d787980"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244605521484
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 37080
x-nyt-pagetype: web-font
content-type: font/woff
x-cache-hits: 1

POST
H2 200 track
a.et.nytimes.com/ Frame D7DD 0
0 115ms
114ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 35 KB
14 KB 33ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4389b6324bc268e491e848bda6ed79bced0dfd27eed8a3bba5064ce8dc31607c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13767
x-xss-protection: 0
server: cafe
etag: 4700590750665290582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 20:01:17 GMT

GET
H2 200 my_account_prod.js Show response
cdn.optimizely.com/public/3013110282/s/ 295 KB
88 KB 117ms
103ms Script
text/javascript 2a02:26f0:7100:19a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/3013110282/s/my_account_prod.js

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:19a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a4346f1ca1df87066eb4c7ab7457e7b923676b70227379586e2a12e2d62e36c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: OnZSfAH7ISUpN9KZvXpJ_oB_IXj2VHHZ
content-encoding: gzip
etag: "3ad0ceecdfca064a7415251a7050b2e8"
x-amz-request-id: 8V1XBY0JCVDMEP2M
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 55582
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:7100:19a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 89061
x-amz-id-2: qygu71XBQ/NmlRgg0tQLkMTbb4+0MsmYRuYxuMfEXPFqDyMNZ0tyFBry0xTFnCkrXsGCaI7rDyY=
last-modified: Mon, 04 Jan 2021 16:02:31 GMT
server: AmazonS3
date: Tue, 23 Mar 2021 20:01:17 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=0
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ab-config Show response
myaccount.nytimes.com/svc/get-started/api/v1/ 39 B
224 B 415ms
415ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/svc/get-started/api/v1/ab-config

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

245f2469539df8f69cba0b7b03d529912e744e8543adf80116a67a77c5cc7670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 varnish
x-content-type-options: nosniff
x-api-version: F-X
x-cache: MISS
content-length: 39
x-xss-protection: 1; mode=block
x-served-by: cache-fra19134-FRA
pragma: no-cache
server: Apache
date: Tue, 23 Mar 2021 20:01:18 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-datadome-timer: (null),VE387
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 119ms
119ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5FQC2Q6&gtm_auth=DyMl56JJEuAAdIQqYEzq1w&gtm_preview=env-6&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1972
date: Tue, 23 Mar 2021 19:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 21:28:25 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
826 B 118ms
104ms Script
application/javascript 2a02:26f0:7100:1a1::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "c6fbf499a6a1afdef9597a0d274bdd3f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: a6ef44-104.126.36.133
accept-ranges: bytes
content-length: 578
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:10c:58e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:58e::25ea Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 20:01:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=12714
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame D7DD 231 B
562 B 22ms
9ms XHR
application/json 2600:9000:2057:5a00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: df8ebfd98599dea093fbfd09326577357878bf423cbb344fecd582e3db603581

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:17 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: UgEALgEscACz9-iVRI1aEl-hxVrTzG1WuXvea39nxlUEs-swuTNaWg==
expires: 0

GET
H/1.1 200
OK bk-coretag.js Show response
tags.bkrtx.com/js/ 51 KB
16 KB 134ms
51ms Script
application/javascript 92.123.14.137
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.123.14.137 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-14-137.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2021 19:39:43 GMT
Server: nginx/1.15.8
ETag: W/"601858ff-cae3"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 23 Mar 2021 20:01:17 GMT
Connection: keep-alive
Content-Length: 16039
Expires: Tue, 30 Mar 2021 20:01:17 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 142ms
72ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=17743901
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
69 B 14ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=271089701&t=pageview&_s=1&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&dr=&dp=%2Fget-started%2Fsignup%3Fproduct%3Dsubscription%26mode%3Ddigi%26rate%3Dregular&ul=en-us&de=UTF-8&dt=New%20York%20Times%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=USGM&cs=NYT&cm=EInternal&ck=&cc=&_u=YEBAAEABAAAAAC~&jid=916850481&gjid=653244672&cid=941481428.1616529678&tid=UA-58630905-1&_gid=984614030.1616529678&_r=1&gtm=2wg3h05FQC2Q6&cd1=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&cd2=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&cd3=%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&cd4=Digital%20Subscription&cd9=&cd10=NYT&cd14=&cd15=paid&cd16=marketing_campaign&cd26=&cd27=&cd28=&cd29=&cd37=0&cd42=SEG&cd48=&cd49=blurb_under_100&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd98=0&cd114=0&cd117=0&z=675298493

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://myaccount.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3D...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D40524%26time%3D1616529677817%26url%3Dhttps%253A%252F%252Fmyaccount.nytimes.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3D...

0
63 B

219ms
218ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&liSync=true
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: Z9NcgC0RbxYgftfccSsAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: FvRbcy0RbxbQTaIWVisAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 5B5B25285CD84528B2A994F5D1A27AC6 Ref B: FRAEDGE0817 Ref C: 2021-03-23T20:01:18Z
date: Tue, 23 Mar 2021 20:01:17 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=40524&time=1616529677817&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 54F7 50 KB
25 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 15:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 17486
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:09:51 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 54F7 331 KB
130 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4126
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 18:52:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/ 2 KB
1 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?random=1616529677823&cv=9&fst=1616529677823&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&tiba=New%20York%20Times%20Checkout&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

110ad41075c204ecf99c89eb093420d85d1734205ee72f24baf46cc43defda47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1148
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js Show response
www.google.com/js/bg/ Frame 54F7 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

040add1e810927db71db6258a80d44f34fda2a9bf0fae4970c4cd3d3cc9a1aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 98873
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 54F7 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 518926
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Wed, 24 Mar 2021 19:52:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54F7 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 433192
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 54F7 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 519664
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:40:13 GMT

GET
H3-Q050 200 webworker.js
www.google.com/recaptcha/api2/ Frame 54F7 102 B
240 B 37ms
37ms Other
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&co=aHR0cHM6Ly9teWFjY291bnQubnl0aW1lcy5jb206NDQz&hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&size=invisible&badge=none&cb=bcgs3vcse773
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 20:01:17 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1008590664/ 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008590664/?random=1616529677823&cv=9&fst=1616529600000&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&tiba=New%20York%20Times%20Checkout&async=1&fmt=3&is_vtc=1&random=214203656&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1008590664/ 42 B
108 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008590664/?random=1616529677823&cv=9&fst=1616529600000&num=1&label=9sgRCN2pgmgQyL734AM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&data=wat%3D&frm=0&url=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&tiba=New%20York%20Times%20Checkout&async=1&fmt=3&is_vtc=1&random=214203656&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.dec9de31.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 104ms
104ms Script
application/javascript 2a02:26f0:7100:1a1::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.dec9de31.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1a1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "534cdacf4ffd94bf57ac75057dd94604"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: a6f07a-104.126.36.133
accept-ranges: bytes
content-length: 17139
access-control-expose-headers: X-CDN

POST
H2 200 track
a.et.nytimes.com/ Frame D7DD 0
0 108ms
108ms Other
application/json 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=pur.flow.bus&redirect_uri=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fpayment%3FOC%253D20000216880%2526campaignId%253D9LUJ9%2526mcid%253DNYT%2526mc%253DEInternal%2526subid%253DUSGM%2526launch_id%253D10404125&display=default&application=payflow&preloaded=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 8D6B 7 KB
1 KB 18ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea49e01ffbdadfbf090a72390d61f08ee9c698175dcc29bf11f7cbf7a2aaec7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UkQ2A9xgJJvCw8w8Cv4iIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 20:01:18 GMT
content-security-policy: script-src 'report-sample' 'nonce-UkQ2A9xgJJvCw8w8Cv4iIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1112
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK Cookie set 50134 Show response
stags.bluekai.com/site/ Frame 6A19 71 B
1 KB 211ms
165ms Document
text/html 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stags.bluekai.com/site/50134?ret=html&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3Dfalse&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&phint=section&phint=subsection&phint=pagetype&phint=payflowbundletype%3Dunknown&phint=payflowiscooking%3Dtrue&phint=payflowiscrossword%3Dfalse&phint=payflowisdonation%3Dtrue&phint=payflowisedu%3Dtrue&phint=payflowregion%3Dint&phint=payflowisdigigift%3Dfalse&phint=payflowishdgift%3Dfalse&phint=payflowishd%3Dfalse&phint=payflowstep%3DAUTH&phint=sourceapp%3DSEG&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype&limit=10&r=58363976
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Host: stags.bluekai.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://myaccount.nytimes.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

Content-Type: text/html
Content-Length: 71
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server: 5c93
Date: Tue, 23 Mar 2021 20:01:18 GMT
Connection: keep-alive
Set-Cookie: bkdc=phx; expires=Sun, 19-Sep-2021 20:01:18 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bkpa=KJh2P1+0tp91dOg7NAuuclDm7ATZE5J6IMQAwFEDGDkRToQWBuHRNl24DJRMuT3g6DczJRQaa2OB69xlX004pM88GaPaNkpPkDjShxYKeMP1ooXamMheMu+nDO3jtxGEGvVAXheiCQYMENc71nZbM2EKVEzTxswoCRxOVrG+KjYbNG96EakoGpM7JUTEDHk/Ijxr5SKQy0LNHwdr7HIO6gA50hFYMigyjtYhRxtSpn9svdymi92yBRlrqKrXO5dKlgLz3ciJ3+uRRumEe/zCc5gJx2Qc96EQxyK01l+O9U3NOR6x9Qgq2fWVSZmzl9N2Y0hyQnsdBuOlNIc/MKOsVTLvu4Gwvca/rFnE7UWP4Yrh1UDzeMJPm1JEhTTlz8m4I+zqw3Ti3M7UlSHT8BzKCsyuUKmO+/PynjNkF9EbWWCT9LDgWSZSEO2dl7BXA4aE8/Fk1oLDY0kLnUuJpbk+qgI+F2T0SvPm0hIdUoLa4pTX/NKWyMe9oMU6IrUom0IBiYiglytDjfBLkC4pP7YdD/TqPY8R8P7BTg9Nq7dLp7jb/IfxfqsdxTKrozkcsncKC5OmxLdU6yqkDYx5aIvwgGXjeIDhincHAE0MS5GFoSpDd27lZDYxdMNlb2zFo6+66DLx5RJ4co8mUK28qdv7S4gfi72xqb1VWza6dzHX2MRPJkGX7hJMMQRBoy4EDejVsV6Ng4nL03dZ0IkiKF+hXxXPryo/; expires=Sun, 19-Sep-2021 20:01:18 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure bku=NL19998JVZYD2ZyG; expires=Sun, 19-Sep-2021 20:01:18 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/ 252 KB
91 KB 38ms
38ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 16a8a9fd53199f67d77717177245f6ec4ab0dbbcf9d6cc2bc60be4e7c089f553

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
server: ws
x-cache-status: MISS
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 abra.min.js Show response
a1.nyt.com/analytics/abra/v1.0.9/ 2 KB
2 KB 30ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/abra/v1.0.9/abra.min.js
Requested by: Host: a1.nyt.com
URL: https://a1.nyt.com/analytics/json-kidd.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f73c1255ccc1f100b5f3f4789babd6e7de579918a2605bd591a31f07147d082b

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=KplWvA==, md5=ZRdImeSrwMi6ngwOYVkLBA==
date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
age: 6853
x-guploader-uploadid: ABg5-UxS6V-DiLQPudHXFani4-byRdwxqUROFGfa-YQ5DTvNbW_zNfB-chlMwPMKD_5d9dGpnWgkZPWAqaZa-_ydSA7en67YCA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1069
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
accept-ranges: bytes
expires: Thu, 11 Mar 2021 13:24:07 GMT
last-modified: Fri, 01 Mar 2019 22:51:51 GMT
server: UploadServer
x-timer: S1616529678.302673,VS0,VE1
etag: "65174899e4abc0c8ba9e0c0e61590b04"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551480711411415
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
x-goog-stored-content-length: 1820
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 / Show response
ct.pinterest.com/user/ 56 B
528 B 92ms
47ms XHR
application/json 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612709798038&cb=1616529678294

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.dec9de31.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

14f5d14ed9f63885229a32f4fe5002e735823237db155fb09ae572fe91f83b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://myaccount.nytimes.com
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1766525449766462
pin-unauth: dWlkPU5qZzBPVFJrTkRVdFl6TTRNQzAwT1dSakxXSXdZekl0TXpWak1XUTBPREZrWXpVMg
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 74
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
300 B 98ms
54ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612709798038&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22dec9de31%22%7D&cb=1616529678295

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:18 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1261708410981288
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 93ms
49ms Image
image/gif 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614963538652&ov=%7B%22page_name%22%3A%22%22%2C%22page_category%22%3A%22%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22dec9de31%22%7D&cb=1616529678296

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:18 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1117958243391955
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 8D6B 50 KB
25 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 15:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
age: 17487
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25479
x-xss-protection: 0
expires: Wed, 23 Mar 2022 15:09:51 GMT

GET
H3-Q050 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/ Frame 8D6B 331 KB
130 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4127
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132685
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 04:05:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 18:52:31 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/ 5 KB
1 KB 109ms
27ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/setting/accountproperties/?cb=lpCb79835x38579
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 9f01c2698951a6861edc0f371c6b0b01e004af3d1f13ffe9aafaf0aa4cd2147a

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 822
expires: Tue, 23 Mar 2021 20:01:40 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/ 13 KB
2 KB 114ms
38ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/17743901/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-accdn.lpsnmedia.net
Software: ws /
Resource Hash: 61132df5cda0b6743e54df07ff74d1857966b758ae74c7ba544f08aa2816cb93

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
x-envoy-upstream-service-time: 828
expires: Tue, 23 Mar 2021 20:01:40 GMT

POST
H3-Q050 200 reload Show response
www.google.com/recaptcha/api2/ Frame 8D6B 16 KB
12 KB 38ms
38ms XHR
application/json 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

21888ab4bb3907e5e251db4a63371309ecf53c31a557beba1daf62e837d2b901

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11774
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 20:01:18 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 97ms
56ms XHR
text/plain 184.30.24.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.dec9de31.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-193.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 20:01:18 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2514746823904219
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D6B 600 B
677 B 7ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:11:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 93013
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Mon, 29 Mar 2021 18:11:05 GMT

GET
H3-Q050 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D6B 530 B
609 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:33:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 494860
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Thu, 25 Mar 2021 02:33:38 GMT

GET
H3-Q050 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 8D6B 665 B
744 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:51:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 292198
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Sat, 27 Mar 2021 10:51:20 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D6B 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 433193
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D6B 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
age: 519665
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:40:13 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8D6B 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:40:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 519665
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:40:13 GMT

GET
H3-Q050 200 BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js Show response
www.google.com/js/bg/ Frame 8D6B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/BArdHoEJJ9tx22JYqA1E80_aKpvw-uSXDEzT08yaGuo.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6g5J7UfDQ9mLrweZHj04ekSP/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

040add1e810927db71db6258a80d44f34fda2a9bf0fae4970c4cd3d3cc9a1aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 16:33:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 98874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
expires: Tue, 22 Mar 2022 16:33:24 GMT

GET
H3-Q050 200 payload
www.google.com/recaptcha/api2/ Frame 8D6B 38 KB
38 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AGdBq25tPDbPe-y0L7zkWP0chD_ebvyaK_Y6DeoNpkzMIQ3ZFXYJuAjhZIHTL_NjSnLVypyWe2KB8s4afQHAIMRcgdqZThRsrPtmNFWEKepFid_Su20G9gFo2252MChFvXtup_CHulXV9DnQt2Znm23d1Xt-SQqN0yhiOBzfUdKI0fIz8XFCDIkI_sT_YUuQFpKLkrZ_IqUNpo3MpRVYtYv6NqaqbYguTA&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/get-started/auth?OC=20000216880&campaignId=9LUJ9&mcid=NYT&mc=EInternal&subid=USGM&launch_id=10404125

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0262e4f2487b99b600ac734da7bea561084ff2ea999eb00909de658e2d648a9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=6g5J7UfDQ9mLrweZHj04ekSP&k=6Ld2YVIUAAAAAC7yEp9y1m_Cu2PkbZY_lx9pv99F&cb=2xh474o7m2zv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:18 GMT
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38774
x-xss-protection: 1; mode=block
expires: Tue, 23 Mar 2021 20:01:18 GMT

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 421ms
106ms Preflight
text/plain 52.200.208.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Server: 52.200.208.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-208-53.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://myaccount.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://myaccount.nytimes.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Content-Type: text/plain
Date: Tue, 23 Mar 2021 20:01:18 GMT
Content-Length: 13
Connection: keep-alive

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
247 B 106ms
105ms XHR
text/plain 52.200.208.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/3013110282/s/my_account_prod.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.208.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-208-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://myaccount.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Tue, 23 Mar 2021 20:01:18 GMT
Content-Type: text/plain

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 7ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=271089701&t=timing&_s=2&dl=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&dr=&dp=%2Fget-started%2Fsignup%3Fproduct%3Dsubscription%26mode%3Ddigi%26rate%3Dregular&ul=en-us&de=UTF-8&dt=New%20York%20Times%20Checkout&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=USGM&cs=NYT&cm=EInternal&ck=&cc=&plt=3174&pdt=1&dns=2&rrt=984&srt=412&tcp=345&dit=1902&clt=1902&_gst=2404&_gbt=2462&_cst=2040&_cbt=2113&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=941481428.1616529678&tid=UA-58630905-1&_gid=984614030.1616529678&gtm=2wg3h05FQC2Q6&cd1=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth&cd2=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&cd3=%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&cd4=Digital%20Subscription&cd9=&cd10=NYT&cd14=&cd15=paid&cd16=marketing_campaign&cd26=&cd27=&cd28=&cd29=&cd37=0&cd42=SEG&cd48=&cd49=blurb_under_100&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd98=0&cd114=0&cd117=0&z=1993040272

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 21:00:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82829
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame EAFC 39 KB
16 KB 106ms
25ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://myaccount.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://myaccount.nytimes.com/

Response headers

date: Tue, 23 Mar 2021 20:01:20 GMT
content-type: text/html
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Tue, 23 Mar 2021 20:11:20 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ 38 KB
15 KB 37ms
36ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%3A%2F%2Fmyaccount.nytimes.com&site=17743901&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Tue, 23 Mar 2021 20:11:20 GMT

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 237 B
1 KB 458ms
178ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?&cb=lpCb41500x26017&t=sp&ts=1616529678323&pid=6514445687&tid=5765398877&pt=New%20York%20Times%20Checkout&u=https%3A%2F%2Fmyaccount.nytimes.com%2Fget-started%2Fauth%3FOC%3D20000216880%26campaignId%3D9LUJ9%26mcid%3DNYT%26mc%3DEInternal%26subid%3DUSGM%26launch_id%3D10404125&df=0&os=0&sdes=%5B%7B%22type%22%3A%22prodView%22%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22unknown%22%2C%22category%22%3A%22Digital%20Subscription%22%7D%7D%5D%7D%2C%7B%22type%22%3A%22cart%22%2C%22total%22%3A%22unknown%22%2C%22numItems%22%3A1%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22unknown%22%2C%22category%22%3A%22Digital%20Subscription%22%2C%22sku%22%3A%22unknown%22%2C%22price%22%3A%22unknown%22%7D%2C%22quantity%22%3A1%7D%5D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 3e71e6079b362ae288e6bcb9d67947a46b5395842793488bc89022b54510cdcd

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:20 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 105ms
105ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=jX8LcWO4S7GETDJUgs_PDQ&cb=lpCb57677x95133&t=pl&ts=1616529680497&pid=6514445687&tid=5765398877&vid=I2MmRlMzJjYzBlMDlmZWZk
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 8d1cda6421e10e2e5f9719e47df69d50f1962a146ec5b2fd6cf20377e6885be7

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:21 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 17743901 Show response
va.v.liveperson.net/api/js/ 72 B
822 B 180ms
180ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/17743901?sid=jX8LcWO4S7GETDJUgs_PDQ&cb=lpCb14653x3579&t=ip&ts=1616529691066&pid=6514445687&tid=5765398877&vid=I2MmRlMzJjYzBlMDlmZWZk
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/17743901/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 477832fbba1e757d56a5ce845ae878a2f39083402c0288f4c7bf4ed85456c846

Request headers

Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 20:01:31 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bluekai.com/	1970-01-19 21:21:21	Name: bku Value: NL19998JVZYD2ZyG
.bluekai.com/	1970-01-19 21:21:21	Name: bkdc Value: phx
.google.com/recaptcha	1970-01-19 21:21:21	Name: _GRECAPTCHA Value: 09AL0vNlN99rKZngQaABMB6vKxVu1SJQuYzuroQ6kvMFWXkBxmxnuYTl06GMQfiAZBrErhIBDM2GBufV-N9Pik1UM
.nytimes.com/	1970-01-20 01:47:45	Name: datadome Value: fBQ9xyz1j-a-f7gztG1gH7ojUVGpft~trecHnrqCdDitKiON-aBq~Kb~RSJPiJ3zcn1qJSWzYA4z2OATK3RcvkacCPXWuIRDJ9Ua~f.zXLlDIK2gVhRd~nguWJNkG9-
.nytimes.com/	1970-01-20 10:33:21	Name: walley Value: GA1.2.941481428.1616529678
.nytimes.com/	1970-01-19 17:02:09	Name: _gat_UA-58630905-1 Value: 1
.nytimes.com/	1970-01-19 19:11:45	Name: _gcl_au Value: 1.1.630190972.1616529677
.myaccount.nytimes.com/	1970-01-20 01:47:45	Name: _pin_unauth Value: dWlkPU5qZzBPVFJrTkRVdFl6TTRNQzAwT1dSakxXSXdZekl0TXpWak1XUTBPREZrWXpVMg
.nytimes.com/	1970-01-20 01:47:45	Name: nyt-a Value: _ORt8dfee4BB5Rf2vBaGN3EQ
.nytimes.com/	1970-01-19 17:03:36	Name: walley_gid Value: GA1.2.984614030.1616529678
.nytimes.com/	1970-01-20 01:47:45	Name: nyt-jkidd Value: uid=0&lastRequest=1616529677526&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 17:02:23	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.bluekai.com/	1970-01-19 21:21:21	Name: bkpa Value: KJh2P1+0tp91dOg7NAuuclDm7ATZE5J6IMQAwFEDGDkRToQWBuHRNl24DJRMuT3g6DczJRQaa2OB69xlX004pM88GaPaNkpPkDjShxYKeMP1ooXamMheMu+nDO3jtxGEGvVAXheiCQYMENc71nZbM2EKVEzTxswoCRxOVrG+KjYbNG96EakoGpM7JUTEDHk/Ijxr5SKQy0LNHwdr7HIO6gA50hFYMigyjtYhRxtSpn9svdymi92yBRlrqKrXO5dKlgLz3ciJ3+uRRumEe/zCc5gJx2Qc96EQxyK01l+O9U3NOR6x9Qgq2fWVSZmzl9N2Y0hyQnsdBuOlNIc/MKOsVTLvu4Gwvca/rFnE7UWP4Yrh1UDzeMJPm1JEhTTlz8m4I+zqw3Ti3M7UlSHT8BzKCsyuUKmO+/PynjNkF9EbWWCT9LDgWSZSEO2dl7BXA4aE8/Fk1oLDY0kLnUuJpbk+qgI+F2T0SvPm0hIdUoLa4pTX/NKWyMe9oMU6IrUom0IBiYiglytDjfBLkC4pP7YdD/TqPY8R8P7BTg9Nq7dLp7jb/IfxfqsdxTKrozkcsncKC5OmxLdU6yqkDYx5aIvwgGXjeIDhincHAE0MS5GFoSpDd27lZDYxdMNlb2zFo6+66DLx5RJ4co8mUK28qdv7S4gfi72xqb1VWza6dzHX2MRPJkGX7hJMMQRBoy4EDejVsV6Ng4nL03dZ0IkiKF+hXxXPryo/
.nytimes.com/	1970-01-19 17:02:23	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://s.pinimg.com/ct/lib/main.dec9de31.js(Line 1) Message: Pinterest Tag Error: 'load' command was called multiple times. Previously for tag id '%s', now for tag id '%s'. 2612709798038 2614963538652

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
a.nytimes.com
a1.nyt.com
accdn.lpsnmedia.net
cdn.optimizely.com
ct.pinterest.com
dd.nytimes.com
e.newyorktimes.com
errors.client.optimizely.com
fonts.gstatic.com
g1.nyt.com
googleads.g.doubleclick.net
lpcdn.lpsnmedia.net
lptag.liveperson.net
myaccount.nytimes.com
px.ads.linkedin.com
s.pinimg.com
snap.licdn.com
stags.bluekai.com
tags.bkrtx.com
typeface.nyt.com
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
142.250.185.130
151.101.13.164
162.223.233.247
178.249.97.23
178.249.97.98
178.249.97.99
184.30.24.193
208.89.12.87
23.79.152.128
2600:9000:2057:5a00:a:a8c5:a040:93a1
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:810::2013
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2004
2a02:26f0:10c:58e::25ea
2a02:26f0:7100:19a::13b8
2a02:26f0:7100:1a1::1931
52.200.208.53
92.123.14.137
017d4d6331dcc9c3543aa1698d1fd9db9124ce562b34217e6c7800017e2eae9f
0262e4f2487b99b600ac734da7bea561084ff2ea999eb00909de658e2d648a9a
040add1e810927db71db6258a80d44f34fda2a9bf0fae4970c4cd3d3cc9a1aea
0506751c62dd60774d5dc1164d6e8c17832bd622f18037e07856fac3b65914af
08cd18445c6b36281295051959279ea330bb23dc4ca2e3b359549e02ea5916fb
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
110ad41075c204ecf99c89eb093420d85d1734205ee72f24baf46cc43defda47
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14f5d14ed9f63885229a32f4fe5002e735823237db155fb09ae572fe91f83b66
16a8a9fd53199f67d77717177245f6ec4ab0dbbcf9d6cc2bc60be4e7c089f553
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21888ab4bb3907e5e251db4a63371309ecf53c31a557beba1daf62e837d2b901
245f2469539df8f69cba0b7b03d529912e744e8543adf80116a67a77c5cc7670
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3ac6ff36295250e5b2cba8a34fce13d1908742646881833d2a4c26e04cc60408
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e71e6079b362ae288e6bcb9d67947a46b5395842793488bc89022b54510cdcd
4389b6324bc268e491e848bda6ed79bced0dfd27eed8a3bba5064ce8dc31607c
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
44ce733e1c9cedefd832ff0b571555695fb7f8dbff7a066d3de45c446e44bb45
477832fbba1e757d56a5ce845ae878a2f39083402c0288f4c7bf4ed85456c846
4793e23b5bee0b1e4cbd0c56d606ee75789976edf8991db62445259d7fb6c202
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5607e52d880bd690d3d5d835d7542217a590d6ac3445c32a814741ac2b9d8b27
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
61132df5cda0b6743e54df07ff74d1857966b758ae74c7ba544f08aa2816cb93
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
727c1da8e55057e62c0610eec2a7736b7cca0cbc83b82940ed9ac8d448173fb3
73830e8932f2ce25df7c93dd321d28919b7af5e022a06a212c2a1f6f167df47e
738589ed6863dd953448fb2c5e21415c94873f7f15a3b22a5e8d43d5347c43d5
7b49b6bd775f9f5744e22046847b7f0da1021ddfc41a7a6ff030ac253506f6d7
81bbd72fd89a648606e310631ac244511224b04109669bdd8e32025e1e31bce3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850420a74b035447dcf888c73803e7588d07aa16c80c3ee326c7c575186bd001
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8d1cda6421e10e2e5f9719e47df69d50f1962a146ec5b2fd6cf20377e6885be7
9921591b1fe5dd0dae12723d688e0871b780411cdd47a01dba4de420a7878faa
9c2464add3c699d2be6d7ec889eed8d56ff71327ce4fc9e43955cea79b117fce
9f01c2698951a6861edc0f371c6b0b01e004af3d1f13ffe9aafaf0aa4cd2147a
a4346f1ca1df87066eb4c7ab7457e7b923676b70227379586e2a12e2d62e36c5
aae36e0135bd89b347e31e575989c25a954a96c797c678610aeaa080694ba8de
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b0a826fa53a52c446352d13c02654eff897691e910dbf3a3d79b44757fd37fea
b156f3ba6934f9826ef79f074c99e34084bcebb81e96a9e39ceefb521319021b
b6fcdd11c229160158b2399cfc0524bd1712b0b24e86e9d3432e5eec78d9e518
b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2
c01c6c339b91168fe5772cc47eaa6003c6b046de65e344e9aed9fc8cac820f88
c2f23413596117a39779d945c82e8fe0b026c03683a5b484810a820bcb15182b
c37b8f12ac71dad4f488ceaaf46d11f9319bc0b2c8ddda3970e6974936587056
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
df8ebfd98599dea093fbfd09326577357878bf423cbb344fecd582e3db603581
e0176d88d71adf58cc9e76c0bbc1fb1ad091a7d7e058ff82e5d9fb50618e8ba1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea49e01ffbdadfbf090a72390d61f08ee9c698175dcc29bf11f7cbf7a2aaec7c
ee5576bf20dd9564319f7a878379061f3ca9275b50467576475fea06e64b1b6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f531e78ab97a8130df1cc8dd7e184c0859e175772deaadf13a9d48f6df8ef14f
f73c1255ccc1f100b5f3f4789babd6e7de579918a2605bd591a31f07147d082b
fc6adb58ed6e469f9d51d84ba52b4133c5e227a292828693058ebb880b9ba0ca

myaccount.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

100 %HTTPS

59 %IPv6

19 Domains

29 Subdomains

26 IPs

4 Countries

2063 kBTransfer

4136 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myaccount.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

100 %
HTTPS

59 %
IPv6

19
Domains

29
Subdomains

26
IPs

4
Countries

2063 kB
Transfer

4136 kB
Size

14
Cookies

79 HTTP transactions
2 data transactions