www.nytimes.com Open in urlscan Pro
151.101.193.164  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAGAfkSUkF9rmhnKRwfJc3Rw3p6sTP7eVN6uSZuLw9yOW00DVmIeS2NaCrboEEsIAUniwNqd0V0= Page URL
2. https://www.nytimes.com/2021/05/10/business/dealbook/ransomware-pipeline-colonial.html?mkt_tok=MDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	MDk3LVVHTC03NDkAAAGAfkSUkF9rmhnKRwfJc3Rw3p6sTP7eVN6uSZuLw9yOW00DVmIeS2NaCrboEEsIAUniwNqd0V0= Show response app.discover.commvault.com/	533 B 855 B	305ms 156ms	Document text/html	199.15.215.8 OMNITURE
General Check archive.org Show headers Download Go to Full URL http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAGAfkSUkF9rmhnKRwfJc3Rw3p6sTP7eVN6uSZuLw9yOW00DVmIeS2NaCrboEEsIAUniwNqd0V0= Protocol HTTP/1.1 Server 199.15.215.8 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software Apache / Resource Hash b9cc9815de14dd533f0018bdb9b3ca9a6737a5b6ab6c66821f73f1bd2969053c Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Tue, 02 Nov 2021 07:06:11 GMT Server Apache Cache-Control private, no-cache, no-store, max-age=0 Connection close X-Content-Type-Options nosniff Vary Accept-Encoding Content-Encoding gzip Transfer-Encoding chunked Content-Type text/html
GET H2	403	Primary Request ransomware-pipeline-colonial.html Show response www.nytimes.com/2021/05/10/business/dealbook/	460 B 2 KB	99ms 22ms	Document text/html	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/2021/05/10/business/dealbook/ransomware-pipeline-colonial.html?mkt_tok=MDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw Requested by Host: app.discover.commvault.com URL: http://app.discover.commvault.com/MDk3LVVHTC03NDkAAAGAfkSUkF9rmhnKRwfJc3Rw3p6sTP7eVN6uSZuLw9yOW00DVmIeS2NaCrboEEsIAUniwNqd0V0= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software DataDome / Resource Hash ed59c10430c613cb43a812682c4f5416bc928265e77ee940dea0bce9dd501368 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://app.discover.commvault.com/ Response headers server DataDome x-datadome protected content-type text/html;charset=utf-8 charset utf-8 cache-control max-age=0, private, no-cache, no-store, must-revalidate pragma no-cache x-datadome-cid AHrlqAAAAAMArNczXT4uK0QA2INyPQ== x-datadome-timer S1635836771.384973,VS0,VE15 x-origin-time 2021-11-02 07:06:11 UTC accept-ranges bytes date Tue, 02 Nov 2021 07:06:11 GMT x-served-by cache-hhn4047-HHN x-cache MISS x-cache-hits 0 vary Fastly-SSL x-nyt-app-webview 0 x-gdpr 1 x-frame-options DENY onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2021/05/10/business/dealbook/ransomware-pipeline-colonial.html x-api-version F-X x-nyt-route vi-story content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; strict-transport-security max-age=63072000; preload x-nyt-edge-cache MISS content-length 460
GET H2	200	c.js Show response ct.captcha-delivery.com/	6 KB 6 KB	34ms 7ms	Script application/javascript	13.224.196.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ct.captcha-delivery.com/c.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2021/05/10/business/dealbook/ransomware-pipeline-colonial.html?mkt_tok=MDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.129 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-129.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash c0b74360111d08a854e0c2fd96aafa99dcc2ece0d240b06057fd9467822ea70c Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 00:55:40 GMT via 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront) last-modified Thu, 21 Oct 2021 13:19:45 GMT server AmazonS3 age 22232 etag "aa185283635644b05f5eb7ae181dadc1" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 6277 x-amz-cf-id xRaKVYuCg5B1Td_ZJsmsKMSWFYggrdnB4xTVLfFtOrSdDqbslHDvXQ==
GET H/1.1	200 OK	/ Show response geo.captcha-delivery.com/captcha/ Frame 4D82	33 KB 33 KB	63ms 9ms	Document text/html	3.125.247.22 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Requested by Host: ct.captcha-delivery.com URL: https://ct.captcha-delivery.com/c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.125.247.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-125-247-22.eu-central-1.compute.amazonaws.com Software / Resource Hash cad54a1ac461f70e82d81508231126a553e96464965770ce05ee57519db8efa2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.nytimes.com/ Response headers Date Tue, 02 Nov 2021 07:06:11 GMT Access-Control-Allow-Origin * Content-Type text/html;charset=utf-8 Transfer-Encoding chunked
GET H2	200	index.css static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 4D82	6 KB 7 KB	62ms 7ms	Stylesheet text/css	13.224.196.2 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-2.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-amz-version-id null via 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) last-modified Tue, 09 Jul 2019 14:35:24 GMT server AmazonS3 age 57504 etag "8ba3717dee9fac12ab09dda082b49fac" x-cache Hit from cloudfront content-type text/css date Mon, 01 Nov 2021 17:35:08 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 6323 x-amz-cf-id NOGVy9ebw4wf4k3j6njFQgg3q6OWKuF0lPTbXoFsNEb5_gGWhGTdtQ==
GET H2	200	web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css g1.nyt.com/fonts/css/ Frame 4D82	60 KB 10 KB	23ms 6ms	Stylesheet text/css	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db Request headers Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-goog-hash crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg== date Tue, 02 Nov 2021 07:06:11 GMT content-encoding gzip content-type text/css; charset=utf-8 age 1667413 x-guploader-uploadid ADPycdvxuqr7yRZTFDUmGj6c1ud4c69RflQLiEVjdjUqVb_ngFAQVFQ3xPsmEqnaIBP42Gl4QV-16RppOZgXCrrRHfI x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 9922 via 1.1 varnish x-served-by cache-hhn4047-HHN accept-ranges bytes expires Thu, 13 Oct 2022 23:55:58 GMT last-modified Thu, 21 Jan 2021 20:59:32 GMT server UploadServer x-timer S1635836772.571332,VS0,VE0 etag "b3e9eedd81b658bb38d40b91c6568d7a" vary Accept-Encoding access-control-allow-methods GET, OPTIONS x-goog-generation 1611262772377885 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000 x-goog-stored-content-length 9922 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 2
GET H2	200	loading_spinner.gif static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame 4D82	44 KB 44 KB	60ms 8ms	Image image/gif	13.224.196.2 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/loading_spinner.gif Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.2 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-2.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-amz-version-id null via 1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront) last-modified Tue, 31 Jul 2018 12:27:34 GMT server AmazonS3 age 10586 etag "18be94cf37fa0da67af3c46ddebca50a" x-cache Hit from cloudfront content-type image/gif date Tue, 02 Nov 2021 04:09:46 GMT x-amz-cf-pop FRA2-C1 accept-ranges bytes content-length 44663 x-amz-cf-id s5F3vGm3NO-WhASK-WOKd_C-KWRlrLCzkBQyTvX2DHde3lQjgtd_EQ==
GET H2	200	tags.js Show response js.datadome.co/ Frame 4D82	242 KB 36 KB	37ms 8ms	Script text/javascript	13.225.87.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.datadome.co/tags.js Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-67.fra2.r.cloudfront.net Software Apache / Resource Hash 86391635d6e56f4d6c0421f3feddb36904d79de6e3684bcebee55ba61e87ba0f Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 06:48:14 GMT content-encoding gzip vary Accept-Encoding age 1077 x-cache Hit from cloudfront content-length 36771 access-control-allow-origin * last-modified Thu, 28 Oct 2021 15:48:05 GMT server Apache etag "3c60f-5cf6ba2ebcd13-gzip" strict-transport-security max-age=15768000 content-type text/javascript via 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront) cache-control max-age=3600, public x-amz-cf-pop FRA2-C2 accept-ranges bytes x-amz-cf-id AxXGfQIxws-kYjRucHxIoj-_A1uuEQqSRb9gf2wLbFuVYvS1KehekQ== expires Tue, 02 Nov 2021 07:48:14 GMT
GET H2	200	cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 g1.nyt.com/fonts/family/cheltenham/ Frame 4D82	28 KB 29 KB	23ms 6ms	Font application/octet-stream	151.101.1.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Origin https://geo.captcha-delivery.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-goog-hash crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw== date Tue, 02 Nov 2021 07:06:11 GMT via 1.1 varnish content-type application/octet-stream age 6220316 x-guploader-uploadid ADPycduWewO8INHWShUuSlcqHSBkJA4-_JP2G-iiGmI3ZpQUHH9LMPyPLOXQN_5_yY5dQXt8vBNLq0XQj2wOuABqPhOkE6CsCA x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 29076 x-served-by cache-hhn4028-HHN accept-ranges bytes expires Mon, 22 Aug 2022 07:14:15 GMT last-modified Wed, 21 Jul 2021 17:23:53 GMT server UploadServer x-timer S1635836772.653170,VS0,VE0 etag "a3ed7afe3eaa0a873f3fbd379f8c491b" access-control-allow-methods GET, OPTIONS x-goog-generation 1626888233197339 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 29076 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 35170
GET H2	200	franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 g1.nyt.com/fonts/family/franklin/ Frame 4D82	19 KB 20 KB	25ms 8ms	Font application/octet-stream	151.101.1.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6 Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Origin https://geo.captcha-delivery.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-goog-hash crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ== date Tue, 02 Nov 2021 07:06:11 GMT via 1.1 varnish content-type application/octet-stream age 2273035 x-guploader-uploadid ADPycdv_daBJz1GMbDv51CbbcmgvIEki9m2Vbyc2RlpNHfjikXqOwydbx02JYNMon2CphKiQnbieVibYJ2n6-cIuvVY x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 19836 x-served-by cache-hhn4028-HHN accept-ranges bytes expires Thu, 06 Oct 2022 23:42:16 GMT last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1635836772.653272,VS0,VE0 etag "d6c06a3d84a57100edad5bf9b84ff739" access-control-allow-methods GET, OPTIONS x-goog-generation 1631734984052902 access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable x-goog-stored-content-length 19836 x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 53873
GET H2	200	api.js Show response www.google.com/recaptcha/ Frame 4D82	916 B 995 B	40ms 16ms	Script text/javascript	142.250.181.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=recaptchaLoadCallback&render=explicit&hl=de Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f4.1e100.net Software GSE / Resource Hash 91831de448b5b97222ff2724a1d1db30c67631b6c291dd531d079ef484301986 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 07:06:11 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 582 x-xss-protection 1; mode=block expires Tue, 02 Nov 2021 07:06:11 GMT
GET		icon16.png jnhgnonknehpejjnehehllkliplmbmhn/images/ Frame 4D82	0 0
POST H2	200	/ Show response api-js.datadome.co/js/ Frame 4D82	219 B 397 B	91ms 19ms	XHR application/json	18.195.3.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-js.datadome.co/js/ Requested by Host: js.datadome.co URL: https://js.datadome.co/tags.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.3.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-3-6.eu-central-1.compute.amazonaws.com Software DataDome / Resource Hash 986f7757b00af84059b10845311c0e01219012f51f83f6211cefa8c8c9210bef Request headers Referer https://geo.captcha-delivery.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 02 Nov 2021 07:06:11 GMT server DataDome content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 219 expires 0
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame 4D82	348 KB 137 KB	41ms 6ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=recaptchaLoadCallback&render=explicit&hl=de Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://geo.captcha-delivery.com/ Origin https://geo.captcha-delivery.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 07:00:34 GMT content-encoding gzip x-content-type-options nosniff age 337 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139303 x-xss-protection 0 last-modified Mon, 25 Oct 2021 04:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 02 Nov 2022 07:00:34 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame ADAC	40 KB 21 KB	24ms 24ms	Document text/html	142.250.181.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f4.1e100.net Software GSE / Resource Hash 3f0a01fc7208f4fc01af64a2b7e6ff6724197cd7fbac2af73e557273883938af Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Zpcs5U4/lmbmaTo7La1lOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 02 Nov 2021 07:06:11 GMT content-security-policy script-src 'report-sample' 'nonce-Zpcs5U4/lmbmaTo7La1lOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 21292 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame ADAC	52 KB 25 KB	22ms 8ms	Stylesheet text/css	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 01 Nov 2021 14:45:51 GMT content-encoding gzip x-content-type-options nosniff age 58820 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25743 x-xss-protection 0 last-modified Mon, 25 Oct 2021 04:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Tue, 01 Nov 2022 14:45:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame ADAC	348 KB 136 KB	20ms 7ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 07:00:34 GMT content-encoding gzip x-content-type-options nosniff age 337 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139303 x-xss-protection 0 last-modified Mon, 25 Oct 2021 04:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 02 Nov 2022 07:00:34 GMT
GET DATA	200 OK	truncated / Frame ADAC	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame ADAC	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame ADAC	2 KB 2 KB	7ms 7ms	Image image/png	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 05:32:00 GMT x-content-type-options nosniff age 5652 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Tue, 09 Nov 2021 05:32:00 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame ADAC	15 KB 16 KB	28ms 6ms	Font font/woff2	142.250.185.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 04:18:33 GMT x-content-type-options nosniff age 355659 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 29 Oct 2022 04:18:33 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame ADAC	102 B 134 B	27ms 26ms	Other text/javascript	142.250.181.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f4.1e100.net Software GSE / Resource Hash 254853b06629a0510c2e9252f92aa2b525cf9851b29a3cdeeb41c94dc91d632c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&size=normal&cb=vkuhrysfh3jy User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 07:06:12 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 02 Nov 2021 07:06:12 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame ED5E	7 KB 1 KB	25ms 23ms	Document text/html	142.250.181.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f4.1e100.net Software GSE / Resource Hash 697265a5a0566ffbf8464e1d1e35230db1a0a8593794f6014b11f1d8a4327518 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-QLnYA9jBa2yDdnmldRWjNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://geo.captcha-delivery.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 02 Nov 2021 07:06:12 GMT content-security-policy script-src 'report-sample' 'nonce-QLnYA9jBa2yDdnmldRWjNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 1112 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame ED5E	52 KB 25 KB	7ms 7ms	Stylesheet text/css	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash 295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 01 Nov 2021 14:45:51 GMT content-encoding gzip x-content-type-options nosniff age 58821 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25743 x-xss-protection 0 last-modified Mon, 25 Oct 2021 04:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="recaptcha" expires Tue, 01 Nov 2022 14:45:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/ Frame ED5E	348 KB 136 KB	9ms 8ms	Script text/javascript	142.250.185.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=UrRmT3mBwY326qQxUfVlHu1P&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f3.1e100.net Software sffe / Resource Hash aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 07:00:34 GMT content-encoding gzip x-content-type-options nosniff age 338 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139303 x-xss-protection 0 last-modified Mon, 25 Oct 2021 04:03:05 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 02 Nov 2022 07:00:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

jnhgnonknehpejjnehehllkliplmbmhn

URL

chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.discover.commvault.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !KTcJZy4OXN4CYDW7iv4ewrP5TPDRs7vVs0lUmjTli/HEh6VI0INetXmdAsPskbiLEEKHlUyRrsLzeaE=
			.nytimes.com/	1970-01-20 07:09:32	Name: datadome Value: GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p
			.nytimes.com/	1970-01-20 07:09:32	Name: nyt-a Value: J94sTssTABd0OzHwxaN_GK
			.nytimes.com/	1970-01-19 22:24:18	Name: nyt-gdpr Value: 1
			.nytimes.com/	1970-01-20 07:09:32	Name: nyt-purr Value: cfhspnahhud
			.nytimes.com/	1970-01-19 22:24:18	Name: nyt-us Value: 0
			.nytimes.com/	1970-01-19 22:24:18	Name: nyt-geo Value: DE
			.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 94e6afec22674a40a88f8552205f8284

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.nytimes.com/2021/05/10/business/dealbook/ransomware-pipeline-colonial.html?mkt_tok=MDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMArNczXT4uK0QA2INyPQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=GWedUefxExfL0PqeM86WzRn6Irb6UXCTNJlJUpReanVIvqBhzrapno3iCSrMR~zhzqEs7fxUsC75tt1Oo~X3jPMFZl0Rv_3yp7B6iyHz_p&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fbusiness%2Fdealbook%2Fransomware-pipeline-colonial.html%3Fmkt_tok%3DMDk3LVVHTC03NDkAAAGAfkSUkFkyelj9cVJPuzh2vk9TJcsUIuXPyOTdCI-Oakj9SPhMzSH_J9ra9pOQprv0jxMypQFENH-_9w9EJUSM2yCx5APkyNhDPPC5ALJPGghlrHbXxw&s=17439 Message: Access to XMLHttpRequest at 'chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png' from origin 'https://geo.captcha-delivery.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://jnhgnonknehpejjnehehllkliplmbmhn/images/icon16.png Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
app.discover.commvault.com
ct.captcha-delivery.com
fonts.gstatic.com
g1.nyt.com
geo.captcha-delivery.com
jnhgnonknehpejjnehehllkliplmbmhn
js.datadome.co
static.captcha-delivery.com
www.google.com
www.gstatic.com
www.nytimes.com
jnhgnonknehpejjnehehllkliplmbmhn
13.224.196.129
13.224.196.2
13.225.87.67
142.250.181.228
142.250.185.131
142.250.185.67
151.101.1.164
151.101.193.164
18.195.3.6
199.15.215.8
3.125.247.22
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
254853b06629a0510c2e9252f92aa2b525cf9851b29a3cdeeb41c94dc91d632c
295426f89c923624640e8f1bb52e3438a7b43fb7efa84c1dc6bbbd41971c0f10
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f0a01fc7208f4fc01af64a2b7e6ff6724197cd7fbac2af73e557273883938af
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
697265a5a0566ffbf8464e1d1e35230db1a0a8593794f6014b11f1d8a4327518
86391635d6e56f4d6c0421f3feddb36904d79de6e3684bcebee55ba61e87ba0f
91831de448b5b97222ff2724a1d1db30c67631b6c291dd531d079ef484301986
986f7757b00af84059b10845311c0e01219012f51f83f6211cefa8c8c9210bef
aba311cb6a5c9a5bc6aedd12bf7e4eafe080fecd789840865ffebb30c4cdde5a
b9cc9815de14dd533f0018bdb9b3ca9a6737a5b6ab6c66821f73f1bd2969053c
c0b74360111d08a854e0c2fd96aafa99dcc2ece0d240b06057fd9467822ea70c
cad54a1ac461f70e82d81508231126a553e96464965770ce05ee57519db8efa2
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
ed59c10430c613cb43a812682c4f5416bc928265e77ee940dea0bce9dd501368
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7