www.nytimes.com Open in urlscan Pro
151.101.193.164  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request charles-coronation-mood.html Show response www.nytimes.com/2023/04/30/world/europe/	582 B 3 KB	74ms 15ms	Document text/html	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.nytimes.com/2023/04/30/world/europe/charles-coronation-mood.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software DataDome / Resource Hash 2c8a4fc773b85a6fb04468e43522727f4fd98a1b2aa348fc7ceda88e759c25b9 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; Strict-Transport-Security max-age=63072000; preload; includeSubdomains X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory accept-ranges bytes cache-control max-age=0, private, no-cache, no-store, must-revalidate charset utf-8 content-length 582 content-security-policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report; content-type text/html;charset=utf-8 date Tue, 02 May 2023 14:15:16 GMT onion-location https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2023/04/30/world/europe/charles-coronation-mood.html pragma no-cache server DataDome strict-transport-security max-age=63072000; preload; includeSubdomains vary Fastly-SSL x-api-version F-X x-cache MISS x-cache-hits 0 x-datadome protected x-datadome-cid AHrlqAAAAAMAsltrq7bP-68ABbXqhQ== x-datadome-timer S1683036917.788922,VS0,VE11 x-frame-options DENY x-gdpr 0 x-nyt-app-webview 0 x-nyt-edge-cache MISS x-nyt-route vi-story x-origin-time 2023-05-02 14:15:16 UTC x-served-by cache-lga21922-LGA
GET H2	200	c.js Show response ct.captcha-delivery.com/	5 KB 5 KB	41ms 4ms	Script application/javascript	13.225.63.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ct.captcha-delivery.com/c.js Requested by Host: www.nytimes.com URL: https://www.nytimes.com/2023/04/30/world/europe/charles-coronation-mood.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.44 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-44.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash d327fdebb5a02dd43a2ca128e50366f059518860adc8a952158e4cb23c5e01a1 Request headers accept-language en-US,en;q=0.9 Referer https://www.nytimes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 02:43:40 GMT via 1.1 92f8ba2eac28a12283a77bc938ff1728.cloudfront.net (CloudFront) last-modified Mon, 24 Apr 2023 12:29:15 GMT server AmazonS3 x-amz-cf-pop EWR53-C1 age 41497 x-amz-server-side-encryption AES256 etag "1f4a021d560d6a4b9ea35954db49aeab" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 5163 x-amz-cf-id TlV7ehzHRR5PXWWhmfCWXqx5ytd2cg3yqmndQwJjS3Q7aBcJJpD7FQ==
GET H/1.1	200 OK	/ Show response geo.captcha-delivery.com/captcha/ Frame A15F	33 KB 8 KB	107ms 14ms	Document text/html	18.208.5.161 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Requested by Host: ct.captcha-delivery.com URL: https://ct.captcha-delivery.com/c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.208.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-5-161.compute-1.amazonaws.com Software / Resource Hash 4ee3c06d88c1af4ad88ef3d4b314df4ff26675416e439c389b5e9a72e9014f69 Request headers Referer https://www.nytimes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Access-Control-Allow-Origin * Content-Encoding gzip Content-Type text/html;charset=utf-8 Date Tue, 02 May 2023 14:15:16 GMT Transfer-Encoding chunked Vary Accept-Encoding
GET H2	200	index.css static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame A15F	6 KB 2 KB	380ms 4ms	Stylesheet text/css	108.139.29.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-4.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1 Request headers accept-language en-US,en;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id null content-encoding gzip via 1.1 76d4de5b65bdf749a3f97445d1b9f4d2.cloudfront.net (CloudFront) date Mon, 01 May 2023 20:34:14 GMT last-modified Tue, 09 Jul 2019 14:35:24 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 63664 etag W/"8ba3717dee9fac12ab09dda082b49fac" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id 9dvIhJrbdY1KotER1mpRh4l8B22iWoEoxF7ttAQAAFTjZ610ONETBw==
GET H2	200	web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css g1.nyt.com/fonts/css/ Frame A15F	60 KB 10 KB	71ms 4ms	Stylesheet text/css	151.101.193.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.193.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers accept-language en-US,en;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Wed, 24 Apr 2024 07:50:21 GMT date Tue, 02 May 2023 14:15:17 GMT content-encoding gzip via 1.1 varnish strict-transport-security max-age=63072000; preload; includeSubdomains age 627895 x-guploader-uploadid ADPycduFSXYQ4Hq0Io5nRAHoB6ZyIVzAONQ9K_StstELSPA3EICCa0Xpo7zwtR9D8Ejj4uKqCVS5NM7KTfTXGV3i4biv-w x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 9922 x-served-by cache-lga21922-LGA last-modified Thu, 21 Jan 2021 20:59:32 GMT server UploadServer x-timer S1683036917.056069,VS0,VE0 etag "b3e9eedd81b658bb38d40b91c6568d7a" vary Accept-Encoding x-goog-generation 1611262772377885 content-type text/css; charset=utf-8 access-control-allow-origin * x-goog-hash crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg== access-control-expose-headers Content-Type cache-control public,max-age=31536000 access-control-allow-methods GET, OPTIONS x-goog-stored-content-length 9922 accept-ranges bytes x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 30
GET H2	200	loading_spinner.gif static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/ Frame A15F	44 KB 44 KB	379ms 5ms	Image image/gif	108.139.29.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/loading_spinner.gif Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.139.29.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-29-4.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7 Request headers accept-language en-US,en;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id null date Tue, 02 May 2023 14:00:36 GMT via 1.1 76d4de5b65bdf749a3f97445d1b9f4d2.cloudfront.net (CloudFront) last-modified Tue, 31 Jul 2018 12:27:34 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 882 etag "18be94cf37fa0da67af3c46ddebca50a" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 44663 x-amz-cf-id s0iik00gSKjapHecfYEhtlXvz2RqMDXzaEGmvxDkpooZ-liHKqrafQ==
GET H2	200	tags.js Show response js.datadome.co/ Frame A15F	273 KB 57 KB	248ms 74ms	Script text/javascript	65.9.121.112 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.datadome.co/tags.js Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.121.112 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-121-112.qro50.r.cloudfront.net Software Apache / Resource Hash b2cbff271b2a424800d91db247d534e06414e5c5a91a6fcf6b9ce59539097f7c Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-US,en;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=15768000 content-encoding gzip via 1.1 93ea67eafc6696b7fdd60c1a3e1490de.cloudfront.net (CloudFront) date Tue, 02 May 2023 13:49:39 GMT x-amz-cf-pop QRO50-C1 age 1539 x-cache Hit from cloudfront content-length 57667 last-modified Mon, 24 Apr 2023 12:48:19 GMT server Apache etag "445f8-5fa146bd7ac68-gzip" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, public accept-ranges bytes x-amz-cf-id vW8wAQDPNgaNy9bXKrkPz-FZvrP5U3Mp53Oi5i16BYl-4YPRiEFZUw== expires Tue, 02 May 2023 14:49:38 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/ Frame A15F	916 B 901 B	273ms 25ms	Script text/javascript	142.251.40.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?onload=recaptchaLoadCallback&render=explicit&hl=en Requested by Host: geo.captcha-delivery.com URL: https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAsltrq7bP-68ABbXqhQ%3D%3D&hash=499AE34129FA4E4FABC31582C3075D&cid=773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ&t=fe&referer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F04%2F30%2Fworld%2Feurope%2Fcharles-coronation-mood.html&s=17439&e=8466f195a3962080f6bb93197c5076150b1ab3a53122eeac778bbd49f552bd15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f4.1e100.net Software GSE / Resource Hash 9450e6655f8fea60058570185ae374d6559c3f651b0c1c535782a93ff385984b Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://geo.captcha-delivery.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 14:15:17 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 581 x-xss-protection 1; mode=block expires Tue, 02 May 2023 14:15:17 GMT
GET H2	200	cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 g1.nyt.com/fonts/family/cheltenham/ Frame A15F	28 KB 29 KB	14ms 4ms	Font application/octet-stream	151.101.65.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Origin https://geo.captcha-delivery.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Mon, 30 Oct 2023 05:59:46 GMT date Tue, 02 May 2023 14:15:17 GMT via 1.1 varnish strict-transport-security max-age=63072000; preload; includeSubdomains age 15927330 x-guploader-uploadid ADPycdsLkzE9af4-95nygJnT3_hjSJ-npTDBK5vYvtasa2JP8JRR67485EdMyWWQY6uFkM-XjBlc7ZxZoE5RXtFMwdlMGu9rzmmk x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 29076 x-served-by cache-lga21950-LGA last-modified Tue, 03 May 2022 17:15:49 GMT server UploadServer x-timer S1683036917.399580,VS0,VE0 etag "a3ed7afe3eaa0a873f3fbd379f8c491b" x-goog-generation 1651598149633653 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw== access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable access-control-allow-methods GET, OPTIONS x-goog-stored-content-length 29076 accept-ranges bytes x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 21049
GET H2	200	franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2 g1.nyt.com/fonts/family/franklin/ Frame A15F	20 KB 20 KB	13ms 3ms	Font application/octet-stream	151.101.65.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.abe1b34d5a429f8e034860c86c483446.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Origin https://geo.captcha-delivery.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Wed, 21 Feb 2024 11:28:32 GMT date Tue, 02 May 2023 14:15:17 GMT via 1.1 varnish strict-transport-security max-age=63072000; preload; includeSubdomains age 6058005 x-guploader-uploadid ADPycdu_JoT4TWqlaMXsPoIW70s-0fZ8c1RjvQmrkeE1bGGdhNf1xRmJOyghUvdN6MZov68c9E89kBn_vARQiu2BVf2fO4z5GR2M x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 20212 x-served-by cache-lga21950-LGA last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1683036917.399551,VS0,VE0 etag "abe1b34d5a429f8e034860c86c483446" x-goog-generation 1631734984010934 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=JJVCDg==, md5=q+GzTVpCn44DSGDIbEg0Rg== access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable access-control-allow-methods GET, OPTIONS x-goog-stored-content-length 20212 accept-ranges bytes x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 3939
GET H2	200	franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 g1.nyt.com/fonts/family/franklin/ Frame A15F	19 KB 20 KB	17ms 7ms	Font application/octet-stream	151.101.65.164 FASTLY
General Check archive.org Show headers Download Go to Full URL https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2 Requested by Host: g1.nyt.com URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.164 , United States, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6 Security Headers Name Value Strict-Transport-Security max-age=63072000; preload; includeSubdomains Request headers Referer https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css Origin https://geo.captcha-delivery.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Thu, 11 Apr 2024 07:15:56 GMT date Tue, 02 May 2023 14:15:17 GMT via 1.1 varnish strict-transport-security max-age=63072000; preload; includeSubdomains age 1753162 x-guploader-uploadid ADPycdv5aVqoVUmkwoqpWMgSG3jl6PkSW6GPREpAUF0ysdfvdS3litSBHbrYP-bkF3YMgO5WVTtVzFF8qW4VunxpJNQ3Th_ibuwh x-cache HIT x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 19836 x-served-by cache-lga21950-LGA last-modified Wed, 15 Sep 2021 19:43:04 GMT server UploadServer x-timer S1683036917.399952,VS0,VE0 etag "d6c06a3d84a57100edad5bf9b84ff739" x-goog-generation 1631734984052902 content-type application/octet-stream access-control-allow-origin * x-goog-hash crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ== access-control-expose-headers Content-Type cache-control public,max-age=31536000,immutable access-control-allow-methods GET, OPTIONS x-goog-stored-content-length 19836 accept-ranges bytes x-nyt-pagetype web-font timing-allow-origin * x-cache-hits 4323
GET H2	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/ Frame A15F	405 KB 162 KB	25ms 4ms	Script text/javascript	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?onload=recaptchaLoadCallback&render=explicit&hl=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4900a65a65d13917a7651f99e470094e2df283f056166a70a2f2163b0cbb42ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://geo.captcha-delivery.com/ Origin https://geo.captcha-delivery.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 05:51:13 GMT content-encoding gzip x-content-type-options nosniff age 30244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 165308 x-xss-protection 0 last-modified Mon, 01 May 2023 04:04:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 May 2024 05:51:13 GMT
POST H2	200	/ Show response api-js.datadome.co/js/ Frame A15F	244 B 422 B	63ms 13ms	XHR application/json	44.199.52.102 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-js.datadome.co/js/ Requested by Host: js.datadome.co URL: https://js.datadome.co/tags.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.199.52.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-199-52-102.compute-1.amazonaws.com Software DataDome / Resource Hash d436a697299502b8464ca547e65c17077d015d8de5e1729ffabf6e5f2e0ad922 Request headers Referer https://geo.captcha-delivery.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Tue, 02 May 2023 14:15:17 GMT server DataDome content-type application/json;charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 244 expires 0
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 895D	50 KB 28 KB	41ms 40ms	Document text/html	142.251.40.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/recaptcha__en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s79-in-f4.1e100.net Software GSE / Resource Hash f79d83d7f5ea600721d015040a714057f68056297256d6544131b5d8adf1df8a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-jBhkr3kwUDE25y2a8eM5dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://geo.captcha-delivery.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 28113 content-security-policy script-src 'report-sample' 'nonce-jBhkr3kwUDE25y2a8eM5dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 02 May 2023 14:15:17 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/ Frame 895D	55 KB 24 KB	51ms 38ms	Stylesheet text/css	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 05:51:14 GMT content-encoding gzip x-content-type-options nosniff age 30243 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Mon, 01 May 2023 04:04:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 May 2024 05:51:14 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/ Frame 895D	405 KB 161 KB	69ms 56ms	Script text/javascript	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4900a65a65d13917a7651f99e470094e2df283f056166a70a2f2163b0cbb42ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 05:51:13 GMT content-encoding gzip x-content-type-options nosniff age 30244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 165308 x-xss-protection 0 last-modified Mon, 01 May 2023 04:04:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 May 2024 05:51:13 GMT
GET DATA	200 OK	truncated / Frame 895D	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 895D	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 895D	2 KB 2 KB	5ms 5ms	Image image/png	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 10:27:06 GMT x-content-type-options nosniff age 272892 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 06 May 2023 10:27:06 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 895D	15 KB 16 KB	54ms 11ms	Font font/woff2	2607:f8b0:4020:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 16:49:44 GMT x-content-type-options nosniff age 249934 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 28 Apr 2024 16:49:44 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 895D	102 B 134 B	39ms 39ms	Other text/javascript	2607:f8b0:4020:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=kluKgh5aRskAAiryF2YrJLQo Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 041f9a91e6e643cbc677bbdfb4aa91a74c6750f5844cc1568b666644432edcfd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T&co=aHR0cHM6Ly9nZW8uY2FwdGNoYS1kZWxpdmVyeS5jb206NDQz&hl=en&v=kluKgh5aRskAAiryF2YrJLQo&size=normal&cb=z60b292grc3l User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 14:15:18 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112 x-xss-protection 1; mode=block expires Tue, 02 May 2023 14:15:18 GMT
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame 4465	7 KB 1 KB	40ms 39ms	Document text/html	2607:f8b0:4020:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=en&v=kluKgh5aRskAAiryF2YrJLQo&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/recaptcha__en.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3b0ca414da8b9f008f7e576e4575fd1dd40eb510f08b6bf55a35b56d17a1f7aa Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GtR4AFnTg2tLUjEjXFNmhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://geo.captcha-delivery.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1145 content-security-policy script-src 'report-sample' 'nonce-GtR4AFnTg2tLUjEjXFNmhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 02 May 2023 14:15:18 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/ Frame 4465	55 KB 24 KB	5ms 4ms	Stylesheet text/css	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=kluKgh5aRskAAiryF2YrJLQo&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 05:51:14 GMT content-encoding gzip x-content-type-options nosniff age 30244 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24605 x-xss-protection 0 last-modified Mon, 01 May 2023 04:04:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 May 2024 05:51:14 GMT
GET H3	200	recaptcha__en.js Show response www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/ Frame 4465	405 KB 161 KB	7ms 6ms	Script text/javascript	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/kluKgh5aRskAAiryF2YrJLQo/recaptcha__en.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=kluKgh5aRskAAiryF2YrJLQo&k=6LcSzk8bAAAAAOTkPCjprgWDMPzo_kgGC3E5Vn-T Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 New York, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4900a65a65d13917a7651f99e470094e2df283f056166a70a2f2163b0cbb42ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 02 May 2023 05:51:13 GMT content-encoding gzip x-content-type-options nosniff age 30245 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 165308 x-xss-protection 0 last-modified Mon, 01 May 2023 04:04:04 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 01 May 2024 05:51:13 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| dd undefined| isIframeLoaded undefined| maxTimeoutMs undefined| initialTime function| iframeOnload

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nytimes.com/2023/04/30/world/europe/charles-coronation-mood.html	1970-01-20 11:30:36	Name: nyt.et.dd Value: iv=C921965764E344DC9A8BCA28C71282FD&val=nvIOVRP40OxTdiB7eYVAgOtGNNynmFXDi09c4h0r6hMPSGkFCMa/7c17ZprGWov7mRaCoflllLpdAHiRRoEww+AX4NlFraCSODK0GvTnLdzeUypoTCEckcagrn4XlEsDJ7OJn3tepCaZ0FKGVIJct/Bqz48YC8eUlfrzP0HBx0KuJAituYJaU8v2ygHSgZm7u0djNOUrpuitq6foSANoXJL8kgt30ppErf24SVf0qqBO1zJkizMMHlmrTyDfhv7WFV1L31l6IZuPxrPTalorztSfmyRq1flVBYVwfrcLwBhTw1eWxA1HlPUO7bFcvvuJlVlYhaP/zgbK9p75vhTzBQ==
			.www.nytimes.com/	1970-01-20 20:16:12	Name: datadome Value: 773TGkP9tXhnt0ldk3IbxHWYlAJ_fNBb87ItCkfXDG7fCCct1Y2Pn8~qngVTO5OSR_KkuhBi5m8n1X0tMlntjD~KGAadLm8P6b8r5rsEmuCeXM7PlFcPKIOfXmjgi8SJ
			.nytimes.com/	1970-01-20 20:16:12	Name: nyt-a Value: ncCdQF_mzjYllOcq8UKW2h
			.nytimes.com/	1970-01-20 11:30:58	Name: nyt-gdpr Value: 0
			.nytimes.com/	1970-01-20 20:16:12	Name: nyt-purr Value: cfhhcfhhhckfhdf
			.nytimes.com/	1970-01-20 11:30:58	Name: nyt-us Value: 1
			.nytimes.com/	1970-01-20 11:30:58	Name: nyt-geo Value: US
			.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 2aada2baf26a41a48902f987dd47a531

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.nytimes.com/2023/04/30/world/europe/charles-coronation-mood.html Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.datadome.co
ct.captcha-delivery.com
fonts.gstatic.com
g1.nyt.com
geo.captcha-delivery.com
js.datadome.co
static.captcha-delivery.com
www.google.com
www.gstatic.com
www.nytimes.com
108.139.29.4
13.225.63.44
142.251.40.100
151.101.193.164
151.101.65.164
18.208.5.161
2607:f8b0:4006:81d::2003
2607:f8b0:4020:806::2003
2607:f8b0:4020:807::2004
44.199.52.102
65.9.121.112
041f9a91e6e643cbc677bbdfb4aa91a74c6750f5844cc1568b666644432edcfd
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
2c8a4fc773b85a6fb04468e43522727f4fd98a1b2aa348fc7ceda88e759c25b9
382754535c8544a1771a47b0f27d04402334c75c0b83cb0b18d88b20e271e3ab
3b0ca414da8b9f008f7e576e4575fd1dd40eb510f08b6bf55a35b56d17a1f7aa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4900a65a65d13917a7651f99e470094e2df283f056166a70a2f2163b0cbb42ca
4ee3c06d88c1af4ad88ef3d4b314df4ff26675416e439c389b5e9a72e9014f69
9450e6655f8fea60058570185ae374d6559c3f651b0c1c535782a93ff385984b
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
b2cbff271b2a424800d91db247d534e06414e5c5a91a6fcf6b9ce59539097f7c
d327fdebb5a02dd43a2ca128e50366f059518860adc8a952158e4cb23c5e01a1
d436a697299502b8464ca547e65c17077d015d8de5e1729ffabf6e5f2e0ad922
ed243a7fa712a26559089ad5eadb7bffb314357ac21966fe20f5cef1fb6355b1
f79d83d7f5ea600721d015040a714057f68056297256d6544131b5d8adf1df8a
fab79f1dfdc7b759da9e1c4d80169bc879352b47bf0cf9352e3eeaed39e55de7