fs.nyt.net - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 7 HTTP transactions. The main IP is 54.174.6.239, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is fs.nyt.net.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 2nd 2021. Valid for: a year.

This is the only time fs.nyt.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	13.110.61.202 13.110.61.202	14340 (SALESFORCE) (SALESFORCE)
1 3	20.190.160.71 20.190.160.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	54.174.6.239 54.174.6.239	14618 (AMAZON-AES) (AMAZON-AES)
7	3

3 13.110.61.202 (United States) 2 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl6-ncg1-c5-iad4.na167-ia4.my.salesforce.com

nytads.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.190.160.71 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.174.6.239 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-6-239.compute-1.amazonaws.com

fs.nyt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	nyt.net fs.nyt.net	696 KB
3	microsoftonline.com 1 redirects login.microsoftonline.com — Cisco Umbrella Rank: 28	62 KB
3	salesforce.com 2 redirects nytads.my.salesforce.com	7 KB
7	3

	Domain	Requested by
4	fs.nyt.net	fs.nyt.net
3	login.microsoftonline.com	1 redirects login.microsoftonline.com
3	nytads.my.salesforce.com	2 redirects
7	3

This site contains links to these domains. Also see Links.

Domain
forgotpw.nyt.net
sites.google.com

Subject Issuer	Validity	Valid
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-11-24`	a year	crt.sh
fs.nyt.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-02` - `2022-12-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
Frame ID: 954E159E4E8C80851FF78E8F8CF8788D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxT... HTTP 302
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMz... HTTP 302
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAA... Page URL
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com Page URL
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com&sso_reload=true HTTP 302
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

759 kB
Transfer

856 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://forgotpw.nyt.net/
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://sites.google.com/a/nytimes.com/nyt-access/faq
Title: NYT Access FAQ

Search URL Search Domain Scan URL

URL: https://sites.google.com/a/nytimes.com/nyt-access/
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%3D%3D HTTP 302
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D&login_hint=caroline.bales%40nytimes.com&ec=302&sdtd=1 HTTP 302
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D Page URL
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com Page URL
https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com&sso_reload=true HTTP 302
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%3D%3D HTTP 302
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D&login_hint=caroline.bales%40nytimes.com&ec=302&sdtd=1 HTTP 302
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

authn-request.jsp
nytads.my.salesforce.com/saml/
Redirect Chain

https://nytads.my.salesforce.com/setup/emailverif?oid=00D3000000060xn&k=Cj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5Zn...
https://nytads.my.salesforce.com/?startURL=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-m...
https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sT...

6 KB
4 KB

125ms
125ms

Document
text/html

13.110.61.202
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.61.202 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl6-ncg1-c5-iad4.na167-ia4.my.salesforce.com

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 15 Feb 2022 18:03:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html;charset=UTF-8
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Tue, 15 Feb 2022 18:03:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Robots-Tag: none
Referrer-Policy: origin-when-cross-origin
Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Type: text/html; charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://nytads.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX-Ov4I2MDAwMDAwMDAwMDAwMDAwAAAA7IRrNX25k4Hzw2ty3cDo9hDjR2KT6AITyzwS0VL3RCCnum1BydKqDSzkt8v4IsiycnIRU9yGuaY_zXjsn3zW6sTo2K5YdLCnKDFgAt5p5ystgJjJKhE1iGHQZF70g3nUzZry29K79uL6yTa-rT1hyDDnQcykMcf70XNGxeXZLHSLoR5kUb8RWsN0Ay2BMLv3DJZEvit2fxG4bHnEOIanOdeHI-5br9HL1UnckEp6kBd8ugXnojKwgiAh40n8hMYZgQ&saml_acs=https%3A%2F%2Fnytads.my.salesforce.com%3Fso%3D00D3000000060xn&saml_binding_type=HttpPost&Issuer=https%3A%2F%2Fnytads.my.salesforce.com&samlSsoConfig=0LE1O000000KymF&RelayState=%2Fsetup%2Femailverif%3Foid%3D00D3000000060xn%26k%3DCj4KNQoPMDBEMzAwMDAwMDA2MHhuEg8wMkcxTzAwMDAwMGtSMTAaDzAwNTNiMDAwMDBDU29JNCAFGIKZ5PDvLxIQubpvdHrp1Fag-mxG72rNDRoMzNYKr1xjkk5ZnfB1InG2KAMHSGDdw5ChZhedfjU86ETonJaJeOu_AVSl4N55LCadTrH0O0MuZfMjHuldz6X_6eoucMnGNsNGOufX9y3sBK3CgXNxgdAgheknAvKx7558tQ-uKFkh7vH-65tccgkqH5iOWiOGH7dL7BGoGUPvIw%253D%253D
Content-Length: 0

POST
H/1.1 200
OK saml2 Show response
login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/ 154 KB
58 KB 255ms
134ms Document
text/html 20.190.160.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

8bba91809d4fa2e56dc2281813b2fe9d7aca7c8f8c29baaed8c2024b006b52bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://nytads.my.salesforce.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nytads.my.salesforce.com/

Response headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: d50727c5-e3fd-4150-b9ac-e1ebad150700
x-ms-ests-server: 2.1.12381.24 - NCUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy: strict-origin-when-cross-origin
Date: Tue, 15 Feb 2022 18:03:09 GMT
Content-Length: 57913

POST
H/1.1 200
OK reportbssotelemetry
login.microsoftonline.com/common/instrumentation/ 264 B
1 KB 36ms
35ms Ping
application/json 20.190.160.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/instrumentation/reportbssotelemetry?hpgid=6&hpgact=1900&client-request-id=72e9be05-2b13-4713-8721-daa6127250c1&hpgrequestid=d50727c5-e3fd-4150-b9ac-e1ebad150700

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.190.160.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date: Tue, 15 Feb 2022 18:03:09 GMT
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 785a79b5-925a-4880-84ee-961285663800
Cache-Control: no-store, no-cache
Content-Type: application/json; charset=utf-8
Content-Length: 264
x-ms-ests-server: 2.1.12470.11 - NEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
Expires: -1

GET
H/1.1

200
OK

Primary Request / Show response
fs.nyt.net/adfs/ls/
Redirect Chain

https://login.microsoftonline.com/5cbd3855-ce3c-4b95-a24a-3779a0405381/saml2?whr=ent.nytint.com&sso_reload=true
https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTP...

20 KB
20 KB

580ms
219ms

Document
text/html

54.174.6.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

54.174.6.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-6-239.compute-1.amazonaws.com

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

78852b532ab8f9b8ff3fd725da58ad8930ab28cacb740d1b15a1d1b055b4c3ad

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://login.microsoftonline.com/

Response headers

Cache-Control: no-cache,no-store
Pragma: no-cache
Content-Length: 20437
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
x-frame-options: DENY
Date: Tue, 15 Feb 2022 18:03:06 GMT

Redirect headers

Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Location: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0#
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 80711ba8-483e-40b6-99b4-ab1ea217d800
x-ms-ests-server: 2.1.12381.24 - SCUS ProdSlices
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Referrer-Policy: strict-origin-when-cross-origin
Date: Tue, 15 Feb 2022 18:03:10 GMT
Content-Length: 1111

GET
H/1.1 200
OK style.css
fs.nyt.net/adfs/portal/css/ 8 KB
8 KB 104ms
104ms Stylesheet
text/css 54.174.6.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.nyt.net/adfs/portal/css/style.css?id=DBC0B4741D4217A138377E7BCC747D0D30B93B979DC99146E4C4016785BA8C42
Requested by: Host: fs.nyt.net
URL: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 54.174.6.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-6-239.compute-1.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 47c8b22935bc876849dbb14cbe8e2e5166bed47df9e72dfd5a4050e80efc46e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 18:03:06 GMT
Expires: Thu, 17 Mar 2022 17:03:11 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: DBC0B4741D4217A138377E7BCC747D0D30B93B979DC99146E4C4016785BA8C42
Content-Length: 7829
Content-Type: text/css

GET
H/1.1 200
OK logo.png
fs.nyt.net/adfs/portal/logo/ 18 KB
18 KB 209ms
104ms Image
image/png 54.174.6.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.nyt.net/adfs/portal/logo/logo.png?id=1119A89EA7D28E555FAA253A51C03EA2DEEEA81BEB2CF9BAC4B70FACD5D40D8C
Requested by: Host: fs.nyt.net
URL: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 54.174.6.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-6-239.compute-1.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1119a89ea7d28e555faa253a51c03ea2deeea81beb2cf9bac4b70facd5d40d8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 18:03:06 GMT
Expires: Thu, 17 Mar 2022 17:03:11 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 1119A89EA7D28E555FAA253A51C03EA2DEEEA81BEB2CF9BAC4B70FACD5D40D8C
Content-Length: 18662
Content-Type: image/png

GET
H/1.1 200
OK illustration.png
fs.nyt.net/adfs/portal/illustration/ 649 KB
650 KB 120ms
120ms Image
image/png 54.174.6.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fs.nyt.net/adfs/portal/illustration/illustration.png?id=B2A117306596FD42FB9369CABD35CE511075F92BE9FCFAC147E911A4C5C01485
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 54.174.6.239 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-6-239.compute-1.amazonaws.com
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b2a117306596fd42fb9369cabd35ce511075f92be9fcfac147e911a4c5c01485

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs.nyt.net/adfs/ls/?client-request-id=f3b056b6-2107-4f49-832d-88dd00692426&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAYVTPYjbdhSX7zM5khJKoYVCuECaTWfpL_31YbimsmVLsr7Otnyn03LIkizJsv_y6cO2NBW6ZOzaGzOFdimlZOhUOpVMGUuge-lU6NKxDiEZsuTxHo_33u_9hvf4HWGt46golnmr2URV4fr5yaI6yd15kE_TzAtOvHSRfXx07_n5j_8ePlDMb_Anf2Lxw0c3jY8CVJxsV-Jt2oK-bzz4EE_zt8aznSvQEbZm4-aKVoAuCuv34_WYVYaZYQOY0HK9BkVFeWLKR-JsCFSLERSrqtcj4lyjhp0OKhdku_LVa3FUJwW3Zc3jykPKcMxXUuleXtX2LEdUfcHkVgpUeOlrHaSKvVAo4BJWeRH2Z3016pKxJA-cHkuEFBrXTlYBXmX5UmMqy8Uzi4wqUUQDr0p0b8oStiFtAtvR5JGWDmEynnDDi9wghAq0dW1FiX2nu4oLMN1I9ERGXVNxkekHsoLDScbLGjlGXtJdMknb58rQRulMXYexENEE4iL90gkHLxuNvxqNVzv7I3cxBze7v-8086Aol81g4cbzVZDF08dp7J8ShEgRb4whNuhRctqZ0aoxSM90sd3V63d3Bbocld2QW-uJt7He9qVipFuCK25rwzLiN9i2OAZ83-gIPUlRHXgmrrSNMigny5UvZ0uy54b4YiOxIDPEYarXxqWakZtZkkAHTdukgiSgCro8kkR_DTuREwX-dDbmmK6Vor7bD8zySjgfzWkDQq3j-lYmEyahl85Un8nl3K8Z-4oJ0tLTkWTkhmSWU5uvqLytUp3QNjahL4RRkCBhpW5YCLligJdqL4nYlYwzsPC8MLmWYWxexKYks77GtqVUGp-tlPUXlLj1n3YfQm_iUxyEuBdQHk5PeIi7gHZximV5l6AJSHHky707f-_dIXZbt24d3cM-w46x__YaT_e3Wnj2-fXXX8rPv_ru5x_uP_30D-zFfnNMBQPSQl2Nd85iTSGtCZUl7dquwcQEjiVyFteUkC4x_vqUapHfHtx9cYD9c9B4cojdHGK_3KY-pJ3Hefr-q18dfQIIAHAC4CQ8JrkWsWUmnF_vYv8D0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Tue, 15 Feb 2022 18:03:06 GMT
Expires: Thu, 17 Mar 2022 17:03:11 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: B2A117306596FD42FB9369CABD35CE511075F92BE9FCFAC147E911A4C5C01485
Content-Length: 664967
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nytads.my.salesforce.com/	1970-01-20 09:41:24	Name: CookieConsentPolicy Value: 0:1
nytads.my.salesforce.com/	1970-01-20 09:41:24	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.salesforce.com/	1970-01-20 09:41:24	Name: BrowserId Value: iK05B46JEeyXvsX04TR3-Q
.salesforce.com/	1970-01-20 09:41:24	Name: BrowserId_sec Value: iK05B46JEeyXvsX04TR3-Q
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 00:55:48	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 01:39:00	Name: buid Value: 0.AQMAVTi9XDzOlUuiSjd5oEBTgbMSz7887yxFqM65YRjGbd8DAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrBUpDLiVlkOO8KmThFqIGo34UOasLSWAK5bmItEyxV5LcMNXkYMqodBJ-VU0j396AxCm3fKrVQKsckcSQUX5Rnwvire12kJiD2zeAeTqboqQgAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: ESTSWCTXFLOWTOKEN Value: AQABAAEAAAD--DLA3VO7QrddgJg7WevrZfF2k4m0aXSLFzgPD6fWbDgk9dwXedszfDLcNnNDo12ofRd1bCbj_5xqOC6iLYw7onpCg1BhEL5-p7kgOiJkiljqVLa4CMlFEnYkb9Zk0z0WquUBG2tEWW6UT_hBpLS84fjAW1nBEw4dm43Y0CZl6OG7H_XNQR6FtUm6oKKpoGzakgmXXr2m0kMflURjE1nlon8KmyaJca0tUNeYZDtBjlb9rwQXGpiNs0D-y_b_INGSSdafxHDHZcD84DwcBgsZMQLHBpZlYDk19uQfz8_eKgAcxukoTMe8duoC1YrNL4ei2iDEV_fn8nd2E7sG6WTBKdZayHAQYbI4yJY7fRZ1OB2GUr7raRkXaJ-J6upnCyltSFBU23Q3rfsHtsRcmJ9-E2r9gFhjWbWukRVQyoB2wNsG28-CzeC_LUjFGdCOE6a1y1AwOkYZr8hFNV6omWkE_q1uCCi1hOHNRH2g3OgDu514GS-KMzj2YqyWhbcl_FI6y53g3h5srPspI92s2JK1IAA
login.microsoftonline.com/	1970-01-20 01:39:00	Name: fpc Value: Ajy5WNsxHaxHnkJsKOU6GOnIcsEtAQAAAN3hndkOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7Wevr-qL2GyaCMHQReRerkHVrdPhqYUhrgbKwFUOoSbhoLPAeX7_Qf6dUDVnNG_EjuN-wJ9t9wQzO8VvQ5C9MLFId9MnIEbM31cbcV6WwQ2ce8hJVnf7Md0Y3LMJH5HhChYOCNBAgUL7Ju6vgXHz14PdkyNJckQ_-hf_E4yaF_Ttmf9kgAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fs.nyt.net
login.microsoftonline.com
nytads.my.salesforce.com
13.110.61.202
20.190.160.71
54.174.6.239
1119a89ea7d28e555faa253a51c03ea2deeea81beb2cf9bac4b70facd5d40d8c
47c8b22935bc876849dbb14cbe8e2e5166bed47df9e72dfd5a4050e80efc46e8
78852b532ab8f9b8ff3fd725da58ad8930ab28cacb740d1b15a1d1b055b4c3ad
8bba91809d4fa2e56dc2281813b2fe9d7aca7c8f8c29baaed8c2024b006b52bc
b2a117306596fd42fb9369cabd35ce511075f92be9fcfac147e911a4c5c01485

fs.nyt.net Open in urlscan Pro 54.174.6.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

759 kBTransfer

856 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

12 Cookies

Security Headers

Indicators

fs.nyt.net Open in urlscan Pro
54.174.6.239 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

759 kB
Transfer

856 kB
Size

12
Cookies

7 HTTP transactions
0 data transactions