www.seattletimes.com Open in urlscan Pro
95.100.75.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumpe...
Submission: On April 24 via manual (April 24th 2020, 11:45:21 am UTC) from PH

Summary HTTP 145 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 41 domains to perform 145 HTTP transactions. The main IP is 95.100.75.222, located in Ascension Island and belongs to AKAMAI-AS, US. The main domain is www.seattletimes.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 25th 2019. Valid for: a year.

This is the only time www.seattletimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	95.100.75.222 95.100.75.222	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.225.83.203 13.225.83.203	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.118 13.225.73.118	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.194.69 13.224.194.69	16509 (AMAZON-02) (AMAZON-02)
9	95.100.67.47 95.100.67.47	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1	13.225.73.73 13.225.73.73	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
5	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE)
1	54.171.46.67 54.171.46.67	16509 (AMAZON-02) (AMAZON-02)
3	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.64 13.225.73.64	16509 (AMAZON-02) (AMAZON-02)
2	143.204.89.95 143.204.89.95	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	143.204.89.121 143.204.89.121	16509 (AMAZON-02) (AMAZON-02)
3	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
1 3	104.74.92.158 104.74.92.158	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.241.8.149 35.241.8.149	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a02:26f0:10c... 2a02:26f0:10c:287::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	63.33.80.49 63.33.80.49	16509 (AMAZON-02) (AMAZON-02)
3	23.222.53.19 23.222.53.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	54.209.139.223 54.209.139.223	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.95.123.41 52.95.123.41	16509 (AMAZON-02) (AMAZON-02)
1	216.58.207.70 216.58.207.70	15169 (GOOGLE) (GOOGLE)
4 6	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	23.222.58.180 23.222.58.180	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	54.171.59.252 54.171.59.252	16509 (AMAZON-02) (AMAZON-02)
1	52.73.102.160 52.73.102.160	14618 (AMAZON-AES) (AMAZON-AES)
145	55

19 95.100.75.222 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-222.deploy.static.akamaitechnologies.com

www.seattletimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.83.203 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-203.fra2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-118.fra2.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-69.fra2.r.cloudfront.net

seattle-times.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.100.67.47 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-47.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.73 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-73.fra2.r.cloudfront.net

modules.wearehearken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s16-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.46.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-46-67.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.64 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-64.fra2.r.cloudfront.net

awsapi.seattletimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-95.fra50.r.cloudfront.net

assets.wearehearken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:818::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-121.fra50.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 111.91.190.35.bc.googleusercontent.com

smashsurprise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.74.92.158 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-92-158.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.8.149 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 149.8.241.35.bc.googleusercontent.com

di.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

seattle-times-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:287::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.80.49 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.222.53.19 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-53-19.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.209.139.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-139-223.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.70 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.222.58.180 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-58-180.deploy.static.akamaitechnologies.com

www.aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.59.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-59-252.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.102.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-102-160.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	278 KB
20	seattletimes.com www.seattletimes.com awsapi.seattletimes.com	273 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net	116 KB
10	typekit.net use.typekit.net p.typekit.net	209 KB
9	google.com 4 redirects adservice.google.com ampcid.google.com www.google.com	1 KB
7	ampproject.org cdn.ampproject.org	168 KB
7	google-analytics.com 2 redirects www.google-analytics.com	49 KB
6	google.de ampcid.google.de www.google.de adservice.google.de	1 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	30 KB
4	facebook.com 1 redirects www.facebook.com	632 B
4	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	43 KB
4	crwdcntrl.net 1 redirects ad.crwdcntrl.net tags.crwdcntrl.net bcp.crwdcntrl.net	14 KB
3	aaxads.com c.aaxads.com l3.aaxads.com	77 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	smashsurprise.com smashsurprise.com	28 KB
3	facebook.net connect.facebook.net	255 KB
3	criteo.net static.criteo.net	30 KB
3	wearehearken.com modules.wearehearken.com assets.wearehearken.com	63 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	23 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	openx.net 1 redirects seattle-times-d.openx.net	825 B
2	criteo.com bidder.criteo.com gum.criteo.com	150 B
2	googletagmanager.com www.googletagmanager.com	79 KB
1	chartbeat.net ping.chartbeat.net	168 B
1	googletagservices.com www.googletagservices.com	27 KB
1	aaxdetect.com www.aaxdetect.com	323 B
1	atdmt.com cx.atdmt.com	353 B
1	adsrvr.org match.adsrvr.org	546 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	adnxs.com ib.adnxs.com	1 KB
1	lijit.com ap.lijit.com	751 B
1	rlcdn.com di.rlcdn.com api.rlcdn.com Failed	62 B
1	webcontentassessor.com scripts.webcontentassessor.com	30 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	google.pl adservice.google.pl	839 B
1	indexww.com js-sec.indexww.com	28 KB
1	zeustechnology.com seattle-times.zeustechnology.com	48 KB
1	p-n.io cdn.p-n.io	65 KB
145	41

	Domain	Requested by
19	www.seattletimes.com	www.seattletimes.com
14	tpc.googlesyndication.com	scripts.webcontentassessor.com pagead2.googlesyndication.com tpc.googlesyndication.com www.seattletimes.com cdn.ampproject.org
9	use.typekit.net	www.seattletimes.com use.typekit.net
7	cdn.ampproject.org	scripts.webcontentassessor.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	c.aaxads.com pagead2.googlesyndication.com www.seattletimes.com securepubads.g.doubleclick.net
7	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com www.seattletimes.com
6	www.google.com	4 redirects www.seattletimes.com
5	securepubads.g.doubleclick.net	seattle-times.zeustechnology.com securepubads.g.doubleclick.net www.seattletimes.com
4	www.google.de	www.seattletimes.com
4	www.facebook.com	1 redirects www.seattletimes.com connect.facebook.net
4	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com
3	stats.g.doubleclick.net	3 redirects
3	sb.scorecardresearch.com	1 redirects www.seattletimes.com www.googletagmanager.com
3	smashsurprise.com	www.seattletimes.com smashsurprise.com
3	connect.facebook.net	www.seattletimes.com connect.facebook.net
3	c.amazon-adsystem.com	www.seattletimes.com c.amazon-adsystem.com
3	static.criteo.net	seattle-times.zeustechnology.com www.seattletimes.com
3	fonts.googleapis.com	www.seattletimes.com scripts.webcontentassessor.com
2	bcp.crwdcntrl.net	1 redirects scripts.webcontentassessor.com
2	fonts.gstatic.com	www.seattletimes.com
2	aax-eu.amazon-adsystem.com	1 redirects scripts.webcontentassessor.com
2	www.i.matheranalytics.com	www.seattletimes.com
2	c.aaxads.com	smashsurprise.com www.seattletimes.com
2	seattle-times-d.openx.net	1 redirects www.seattletimes.com
2	px.ads.linkedin.com	1 redirects www.seattletimes.com
2	js.matheranalytics.com	1 redirects www.seattletimes.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	assets.wearehearken.com	modules.wearehearken.com www.seattletimes.com
2	www.googletagmanager.com	www.seattletimes.com www.googletagmanager.com
2	static.chartbeat.com	www.seattletimes.com scripts.webcontentassessor.com
1	ping.chartbeat.net
1	gum.criteo.com	scripts.webcontentassessor.com
1	l3.aaxads.com	www.seattletimes.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.aaxdetect.com	www.seattletimes.com
1	cx.atdmt.com	www.seattletimes.com
1	ad.doubleclick.net	scripts.webcontentassessor.com
1	match.adsrvr.org	js-sec.indexww.com
1	ampcid.google.de	www.google-analytics.com
1	p.typekit.net	www.seattletimes.com
1	fastlane.rubiconproject.com	seattle-times.zeustechnology.com
1	ib.adnxs.com	seattle-times.zeustechnology.com
1	ap.lijit.com	seattle-times.zeustechnology.com
1	bidder.criteo.com	static.criteo.net
1	www.linkedin.com	1 redirects
1	ampcid.google.com	www.google-analytics.com
1	di.rlcdn.com	www.seattletimes.com
1	scripts.webcontentassessor.com	www.googletagmanager.com
1	snap.licdn.com	www.seattletimes.com
1	tags.crwdcntrl.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	adservice.google.pl	securepubads.g.doubleclick.net
1	awsapi.seattletimes.com	www.seattletimes.com
1	ad.crwdcntrl.net	www.seattletimes.com
1	js-sec.indexww.com	seattle-times.zeustechnology.com
1	mab.chartbeat.com	static.chartbeat.com
1	modules.wearehearken.com	www.seattletimes.com
1	seattle-times.zeustechnology.com	www.seattletimes.com
1	cdn.p-n.io	www.seattletimes.com
0	api.rlcdn.com Failed	js-sec.indexww.com
145	61

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
seattletimes.com
secure.seattletimes.com
jobs.seattletimes.com
autos.seattletimes.com
classifieds.seattletimes.com
company.seattletimes.com
itunes.apple.com
play.google.com
modules.wearehearken.com
www.wearehearken.com
www.washingtonpost.com
srw.seattletimes.com
nie.seattletimes.com
ffn.seattletimes.com
nl.newsbank.com
stux.wufoo.com
homes.seattletimes.com
services.nwsource.com
mediakit.seattletimes.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
*.seattletimes.com GeoTrust RSA CA 2018	`2019-03-25` - `2020-06-23`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2020-04-04` - `2021-04-04`	a year	crt.sh
*.p-n.io Amazon	`2020-04-04` - `2021-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.zeustechnology.com Amazon	`2019-07-11` - `2020-08-11`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.wearehearken.com Amazon	`2019-06-20` - `2020-07-20`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-23` - `2021-04-24`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.google.pl GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
smashsurprise.com Let's Encrypt Authority X3	`2020-04-22` - `2020-07-21`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
k3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-20`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-03-30` - `2020-06-28`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.aaxads.com DigiCert Secure Site ECC CA-1	`2020-02-11` - `2021-05-12`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2019-09-18` - `2020-08-26`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.aaxdetect.com DigiCert Secure Site ECC CA-1	`2020-02-11` - `2021-05-12`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Frame ID: 83E4E22B2391D6CB030CD54715F58EF0
Requests: 113 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift&dcc=t
Frame ID: 8DD105A534743330EA196D6584E928F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 6FB082640327CB423B3D437AD968AB34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 1464D185F66CFDE306E198CB2EC2DA86
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/zrt_lookup.html
Frame ID: 283D407648569E3F128AB87364AF817A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=3279755396&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587728704666&bpp=11&bdt=64&idt=99&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=2710815627590&frm=23&ife=1&pv=2&ga_vid=1192300423.1587728704&ga_sid=1587728705&ga_hid=396621613&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=4&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&isw=0&ish=0&ifk=2566082785&scr_x=0&scr_y=0&eid=21065473&oid=3&pvsid=2200046084627728&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8212&bc=31&ifi=0&uci=0.ndnsvubuj55s&fsb=1&dtd=110
Frame ID: C0632A1AD7C12C2C1B45A72BFF7A612B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 399CAD2E4B3705FF8E6B14400743A17E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js
Frame ID: C5F3E605DD7FD5F42F4D3792F7406DB5
Requests: 23 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.seattletimes.com
Frame ID: C52656626F61765A036CC3017A361008
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr
Frame ID: F33A303AD1ADC61FDAF955961D306F13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 3B924CADD59CAC6EFE80A35844042238
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

145
Requests

99 %
HTTPS

43 %
IPv6

41
Domains

61
Subdomains

55
IPs

7
Countries

1987 kB
Transfer

6190 kB
Size

1
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.72389267.1837675783.1379017650
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.15101558.1560921668.1447363166
Title: Paid Obituaries

Search URL Search Domain Scan URL

URL: http://seattletimes.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/replica
Title: Print Replica

Search URL Search Domain Scan URL

URL: http://jobs.seattletimes.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://autos.seattletimes.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/
Title: Log In

Search URL Search Domain Scan URL

URL: http://classifieds.seattletimes.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.6704882.1560921668.1447363166
Title: Paid Obituaries

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/store/
Title: Seattle Times Store

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/managesubscriptions
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/seattle-times-mobile/id329502124
Title: iOS App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.seattletimes.android.SeattleTimesMobileNews
Title: Android App

Search URL Search Domain Scan URL

URL: https://modules.wearehearken.com/seattle-times-newsroom/embed/5087/share
Title: If you're using a mobile device and can't see the form on this page, click here.

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice2.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice1.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.wearehearken.com/terms-of-services
Title: Powered by Hearken

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/technology/2020/04/21/nearly-25000-email-addresses-passwords-allegedly-nih-who-gates-foundation-are-dumped-online/
Title: Read it here.

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/who-we-are/
Title: About the Company

Search URL Search Domain Scan URL

URL: https://srw.seattletimes.com/
Title: Seattle Restaurant Week

Search URL Search Domain Scan URL

URL: http://nie.seattletimes.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: http://ffn.seattletimes.com/
Title: Fund for the Needy

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/careers/
Title: Employment

Search URL Search Domain Scan URL

URL: http://nl.newsbank.com/nl-search/we/Archives/?p_product=HA-SE&p_theme=histpaper&p_action=keyword
Title: Newspaper Archive

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/contact-us/
Title: Company Information

Search URL Search Domain Scan URL

URL: https://stux.wufoo.com/forms/permissions-and-licensing-request/
Title: Permissions

Search URL Search Domain Scan URL

URL: http://homes.seattletimes.com/postlisting.html
Title: Homes

Search URL Search Domain Scan URL

URL: http://services.nwsource.com/ClassifiedWeb/ObituaryNotice.aspx
Title: Obituary

Search URL Search Domain Scan URL

URL: http://jobs.seattletimes.com/employer-home
Title: Jobs

Search URL Search Domain Scan URL

URL: http://mediakit.seattletimes.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/linksubscription
Title: Activate Account

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/deliveryholds
Title: Place Temporary Hold

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/reportdeliveryissue
Title: Report Delivery Issue

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/paymybill
Title: Make a Payment

Search URL Search Domain Scan URL

URL: https://www.facebook.com/seattletimes
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/seattletimes
Title: Twitter

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice3.html
Title: Copyright © 2020 The Seattle Times

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://js.matheranalytics.com/s/ma39482/93382992/ml.js?cb7=1531 HTTP 301
https://js.matheranalytics.com/static/ltm/ma39482/93382992/10/ml.br.js

Request Chain 56

https://sb.scorecardresearch.com/b?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&c9=&cs_ak_ss=1

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&time=1587728703876 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1665012%26url%3Dhttps%253A%252F%252Fwww.seattletimes.com%252Fnation-world%252Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%252F%26time%3D1587728703876%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&time=1587728703876&liSync=true

Request Chain 69

https://seattle-times-d.openx.net/w/1.0/arj?auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&res=1600x1200x24&tz=-120&nocache=1587728704063 HTTP 302
https://seattle-times-d.openx.net/w/1.0/arj?cc=1&auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&res=1600x1200x24&tz=-120&nocache=1587728704063

Request Chain 85

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift&dcc=t

Request Chain 90

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&gjid=1680672738&_gid=1324647371.1587728704&_u=aGDAgEAjQAQC~&z=2039640100 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100&slf_rd=1&random=49525214

Request Chain 91

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=675357763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ul=en-us&de=UTF-8&dt=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=segmentation&ea=network-segment&_u=aGDACEAjRAQC~&jid=979796559&gjid=1132050945&cid=1192300423.1587728704&tid=UA-52488759-1&_gid=1324647371.1587728704&_r=1&gtm=2wg4f0KDZ92J&cd1=story&cd2=Craig%20Timberg%20SOUAD%20MEKHENNET&cd3=nation-world&cd5=technology&cd6=Consumer%20News%2C%20Coronavirus%2C%20Personal%20Data&cd8=WaPo&cd18=12703102&cd22=&cd38=n%2Fa&cd39=700&cd47=not%20set&cd55=not-set&cd67=1587727650&cd68=nation-world%7Ctechnology&cd69=2019-redesign&cd71=off&cd73=19&cd52=MTk0Ljk5LjEwNS45OQ%3D%3D&cd53=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgxLjAuNDA0NC4xMjIgU2FmYXJpLzUzNy4zNiBFZGcvODEuMC40MTYuNjQ%3D&cd59=null&cd62=&z=255275173 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_gid=1324647371.1587728704&gjid=1132050945&_v=j81&z=255275173 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173&slf_rd=1&random=2226698977

Request Chain 92

https://www.facebook.com/tr/?id=1511322088923926&ev=PageView&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&rl=&if=false&ts=1587728704395&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1587728704263.343257788&it=1587728703894&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=4508954916369143075&f=AYxkcqTOAimkfBeueJNvJtuAr34H71SYJvYV__TLhuYkAW2cTdoMW3Gi_tuNC6GyNkbNLQmDkOSZx-rULJCz8up5&id=1511322088923926&l=3&v=0

Request Chain 134

https://bcp.crwdcntrl.net/5/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 147

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=675357763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ul=en-us&de=UTF-8&dt=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Interaction&ea=newsletterSignup%20%E2%80%93%20splash%20-%20story%20-%20displayed&el=Morning%20Brief&_u=aGjACEAjRAQC~&jid=1554389255&gjid=1618830675&cid=1192300423.1587728704&tid=UA-52488759-1&_gid=369980991.1587728706&_r=1&gtm=2wg4f0KDZ92J&cd1=story&cd2=Craig%20Timberg%20SOUAD%20MEKHENNET&cd3=nation-world&cd5=technology&cd6=Consumer%20News%2C%20Coronavirus%2C%20Personal%20Data&cd8=WaPo&cd18=12703102&cd22=&cd38=n%2Fa&cd39=700&cd47=not%20set&cd55=not-set&cd67=1587727650&cd68=nation-world%7Ctechnology&cd69=2019-redesign&cd71=off&cd73=19&cd52=MTk0Ljk5LjEwNS45OQ%3D%3D&cd53=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgxLjAuNDA0NC4xMjIgU2FmYXJpLzUzNy4zNiBFZGcvODEuMC40MTYuNjQ%3D&cd59=null&cd62=&z=1156422572 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_gid=369980991.1587728706&gjid=1618830675&_v=j81&z=1156422572 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572&slf_rd=1&random=3909772711

145 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/ 210 KB
36 KB 1101ms
959ms Document
text/html 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-75-222.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

46307aa47885c00afeb3db29da8aada74f513f62dbc40a3b56536bd1c7e75daf

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline' data: 'self' blob:; connect-src wss: https: ; object-src 'self' blob: ;

Request headers

:method: GET
:authority: www.seattletimes.com
:scheme: https
:path: /nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

status: 200
server: nginx
content-type: text/html; charset=UTF-8
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline' data: 'self' blob:; connect-src wss: https: ; object-src 'self' blob: ;
content-encoding: gzip
x-varnish: 10743092 7859151
accept-ranges: bytes
x-akamai-transformed: 9 35255 0 pmb=mTOE,4
expires: Fri, 24 Apr 2020 11:45:01 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 24 Apr 2020 11:45:01 GMT
content-length: 35469
vary: Accept-Encoding
set-cookie: iss00=0; expires=Fri, 24-Apr-2020 12:05:01 GMT; path=/; domain=.seattletimes.com ak_bmsc=F9DD0A0C7500062631BF5E399668FDB202148EADC64000003DD1A25EDF997123~pl6fWJQGp9G8Ah9eWpsfqJwBEwgZjOeN0C/PwNXQ+ZTQYMUht0CesJLbxdMwRmwJvQjaCgyojDnTWjsCsXJH90ugFEFHl4ErrSHquehRTmtJ4Ust+6N5JcalQvWfKHoRD/TZkDsS8F14ZyTIAQgG75ixPL2pV8P3tkKd7KQ1h4cLeoZTiZgarodYjzKXcV1Xvw8IrlfUGFdm5dJiJwDKqSTTFu4jYzhojhT/sW/xLGAnE=; expires=Fri, 24 Apr 2020 13:45:01 GMT; max-age=7200; path=/; domain=.seattletimes.com; HttpOnly bm_mi=E15635384A922D576DEA5914210FDBCD~+7Gv8AoLX6Cr3lpZzPnVjVHVVpsd23/j973i3g4NIrNgVoW04jdfG1/NZBeO9gNWuFQ741c8EyjKAVJwcEFTGWHDqG5yNchguFjYimDMbzb3ZUxaLEVnLwY+nQXvnpnHyMk+TIXmJ+JX3eNMLrdnKBiQeMqYQpHX6/LHfAC65GNdlsDvWnGQWF/5PI36xZECAWk+NMp/0uLDQtZvEKSgjFrS+pajtI1Nrf0R/nWgk9K3Ban7uTwwUuwbq/NlanVN/1E+yY2MPRHvuUmc2KMUtXGBKYKZ/YwPuNKd7Ljk21fIcnU8G3PsyhwtEPUZCKv3RO4EpqZ/5wBKjcoOLV8Q2nqiKPi6CE/Cqmu+B3DbQnSaEoHpQ+QI41pNwb2aD7Xu; Domain=.seattletimes.com; Path=/; Max-Age=0; HttpOnly

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 274ms
95ms Script
application/x-javascript 13.225.83.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.83.203 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-203.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 10:44:28 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 3634
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: a-YIGCZgGYI54mxKodbkip0WH8siPxcMxdSyo_ZWAZ3gvXxXTK2Kbw==
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
expires: Fri, 24 Apr 2020 12:44:28 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 327 KB
65 KB 274ms
93ms Script
application/javascript 13.225.73.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=5PYtX3tOeW6xvo5rIlz9xALDt933Xdu9fsDU
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-118.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70fb2cda7d95517cdeeb97a6bbd27157a2e9c4c2ebd9ce5ac8925a101fa3c391

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:36:05 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 21:29:58 GMT
server: AmazonS3
age: 538
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: w5gMPL8wdjSrIkm-__WCW_gKRy4h0QKVV25tMTa4zsOrDlqHIRtaYQ==
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)

GET
H2 200 shortcodes-public.css
www.seattletimes.com/wp-content/plugins/shortcodes_plugin/css/ 605 B
543 B 83ms
80ms Stylesheet
text/css 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/shortcodes_plugin/css/shortcodes-public.css?ver=4.9.10
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ebf3b1f5f0a9ce5854290a089b8c96a56f54e6d51c907e6b216040eda5f77904

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:11:09 GMT
server: nginx
etag: "25d-5a3cf437e8fae-gzip"
vary: Accept-Encoding
x-varnish: 8267504
status: 200
cache-control: max-age=53676
accept-ranges: bytes
content-type: text/css
content-length: 325
expires: Sat, 25 Apr 2020 02:39:37 GMT

GET
H2 200 styles.min.css
www.seattletimes.com/wp-content/themes/st_refresh/css/ 305 KB
50 KB 86ms
83ms Stylesheet
text/css 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1587661332
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c8bd4ef9f7f3ec513d39b8753ed27e7f9c6888111b1b6fc90d1efe98bc68c9ea

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:12 GMT
server: nginx
etag: "4c523-5a3f835c2c8c0-gzip"
vary: Accept-Encoding
x-varnish: 328443 819286
status: 200
cache-control: max-age=19789
accept-ranges: bytes
content-type: text/css
content-length: 50581
expires: Fri, 24 Apr 2020 17:14:50 GMT

GET
H2 200 main.css
www.seattletimes.com/wp-content/plugins/st-article-template/assets/css/dist/ 55 KB
10 KB 113ms
110ms Stylesheet
text/css 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-article-template/assets/css/dist/main.css?ver=1587661325
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de4e5f007daa10fb7876795414e400731622bc75bceabb1a51da85aa77128fc4

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:04 GMT
server: nginx
etag: "da05-5a3f83543f400-gzip"
vary: Accept-Encoding
x-varnish: 658201 823698
status: 200
cache-control: max-age=21824
accept-ranges: bytes
content-type: text/css
content-length: 10411
expires: Fri, 24 Apr 2020 17:48:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
794 B 73ms
71ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&display=swap&ver=1587661332

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0af85627e7c13ef9974aa6f404b4dbe85cb1df2ab642a23f8c4a3ffb7fd915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 11:45:01 GMT
server: ESF
date: Fri, 24 Apr 2020 11:45:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Apr 2020 11:45:01 GMT

GET
H2 200 main.js Show response
seattle-times.zeustechnology.com/ 173 KB
48 KB 273ms
91ms Script
application/javascript 13.224.194.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d35cdd70491922d7327a0c8881e392828e73f987a1c7475878dd0aa5996babc1

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

x-amz-version-id: aVzENR8XPtS4WNLwawDiDvpa2b5NeqOa
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 20:55:02 GMT
server: AmazonS3
age: 2813
date: Fri, 24 Apr 2020 10:58:10 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600,s-maxage=3600
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: jDE-oVvVFxIONFt8xVXfGvQ4-RLGsmv4JEFj0my3IqzCXBGZ-SbvEg==
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)

GET
H2 200 st-analytics-article-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-analytics/dist/ 10 KB
4 KB 173ms
171ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-analytics/dist/st-analytics-article-bundle.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d652b147ad1822f985252f26f60480d17ab3910d30da1f7235ba272e9d3d2e82

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "288e-58862977b119b-gzip"
vary: Accept-Encoding
x-varnish: 6244907 5367699
status: 200
cache-control: max-age=53676
accept-ranges: bytes
content-type: application/x-javascript
content-length: 3615
expires: Sat, 25 Apr 2020 02:39:37 GMT

GET
H2 200 ad-test.js Show response
www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/src/ads/ 345 B
422 B 173ms
171ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/src/ads/ad-test.js?ver=0.0.2
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0c7603d2ffaf7858118b699779cd3e33e3f3a37916528a969974cca8713d7285

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "159-58862977cd6bb-gzip"
vary: Accept-Encoding
x-varnish: 6429924 4860182
status: 200
cache-control: max-age=26528
accept-ranges: bytes
content-type: application/x-javascript
content-length: 187
expires: Fri, 24 Apr 2020 19:07:09 GMT

GET
H2 200 st-detect.min.js Show response
www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/dist/ 5 KB
2 KB 173ms
172ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/dist/st-detect.min.js?ver=1573149249
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dbf3c857eb35b901813c878ab820207c24c4d491ea933e986010ab385aa402ef

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Thu, 07 Nov 2019 17:54:09 GMT
server: nginx
etag: "14e5-596c55a2c0b0e-gzip"
vary: Accept-Encoding
x-varnish: 2228415 983977
status: 200
cache-control: max-age=28139
accept-ranges: bytes
content-type: application/x-javascript
content-length: 1774
expires: Fri, 24 Apr 2020 19:34:00 GMT

GET
H2 200 300d30fa Show response
www.seattletimes.com/akam/11/ 32 KB
11 KB 115ms
115ms Script
application/javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/akam/11/300d30fa
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d35bc68dab6b58597c20f0ae7278d6b8270c7a5491447497ea248d9f6cca828

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Thu, 02 May 2019 20:03:39 GMT
etag: "4c8b25135b49f838afbcbbd2cd2d390d9204f27db2191371f0135a2c2a8dc1d6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 10429
expires: Fri, 24 Apr 2020 11:45:02 GMT

GET
H2 200 lty1dar.js Show response
use.typekit.net/ 20 KB
8 KB 281ms
99ms Script
text/javascript 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lty1dar.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-67-47.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

8111615ce7959f9c1b33c5307f5f3dd4bdbdf89465e99a97520f8fa9b373489c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 24 Apr 2020 11:45:02 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
content-length: 7655
timing-allow-origin: *
akamai-age-ms: 1587728538255

GET
H2 200 wp-emoji-release.min.js Show response
www.seattletimes.com/wp-includes/js/ 12 KB
5 KB 83ms
81ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:12 GMT
server: nginx
etag: "2efa-5a3f835c2f7a0-gzip"
vary: Accept-Encoding
x-varnish: 2984181 1321922
status: 200
cache-control: max-age=26526
accept-ranges: bytes
content-type: application/x-javascript
content-length: 4382
expires: Fri, 24 Apr 2020 19:07:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
39 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6495f2ec61c8c0bea17e20c0cb865df1e6bb44ff50d9c3b29dae5c29b765041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39654
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Apr 2020 11:45:02 GMT

GET
H2 200 5087.js Show response
modules.wearehearken.com/seattle-times-newsroom/embed/ 8 KB
4 KB 280ms
97ms Script
text/javascript 13.225.73.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://modules.wearehearken.com/seattle-times-newsroom/embed/5087.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.73.73 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-73-73.fra2.r.cloudfront.net

Software

Cowboy /

Resource Hash

1885236fb05e77f0cd466d006a6388c673c1cf144fc205ea7cb3a7ff2fe12980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Thu, 23 Apr 2020 19:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 59724
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
x-request-id: 41116364-ce23-4fe7-bc4d-ab1b3f93f1e5
x-runtime: 0.024079
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
etag: W/"1ccacb5d3ea5cae606466ab4ca81032d"
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 vegur, 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=60, public, s-maxage=172800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 7ze_P1SMymjw25dYh5U0j3VdmncVV4Pltf6ZOn_zecn0VzKnZq_Czw==

GET
H2 200 st-advertising-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-advertising/dist/ 32 KB
9 KB 89ms
88ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-advertising/dist/st-advertising-bundle.js?ver=1587485469
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a8f3fd48da50cc9be7d47c5a07267e7c1a22f5708a2eb7160b4ca3bd2263d66f

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:01 GMT
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:11:09 GMT
server: nginx
etag: "7e97-5a3cf437eaeee-gzip"
vary: Accept-Encoding
x-varnish: 1912448 10618663
status: 200
cache-control: max-age=53648
accept-ranges: bytes
content-type: application/x-javascript
content-length: 9272
expires: Sat, 25 Apr 2020 02:39:09 GMT

GET
H2 200 article-main.js Show response
www.seattletimes.com/wp-content/plugins/st-article-template/js/article-template/dist/ 20 KB
7 KB 89ms
88ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-article-template/js/article-template/dist/article-main.js?ver=1587661325
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18fc57c1477befa17fc5bc19145e94c0933bc9bdbd94afa1495dccc77e008ade

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:04 GMT
server: nginx
etag: "4e0e-5a3f83544bf20-gzip"
vary: Accept-Encoding
x-varnish: 1150571 1838262
status: 200
cache-control: max-age=21792
accept-ranges: bytes
content-type: application/x-javascript
content-length: 7323
expires: Fri, 24 Apr 2020 17:48:14 GMT

GET
H2 200 bundle.min.js Show response
www.seattletimes.com/wp-content/themes/st_refresh/js/ 207 KB
47 KB 87ms
86ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/bundle.min.js?ver=1587661332
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 310358279d26b81e657ecc9d51ad502b1d78d7db1ac7221ec092c301e216859e

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:10 GMT
server: nginx
etag: "33bd9-5a3f8359b6aa0-gzip"
vary: Accept-Encoding
x-varnish: 1311351 98358
status: 200
cache-control: max-age=19788
accept-ranges: bytes
content-type: application/x-javascript
content-length: 48194
expires: Fri, 24 Apr 2020 17:14:50 GMT

GET
H2 200 st-recirculation-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-recirculation/dist/ 26 KB
8 KB 83ms
81ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-recirculation/dist/st-recirculation-bundle.js?ver=1587485469
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4d0df6c748484ff77f646fad34a73c3005e6b6caef813bcfd6f6c841775ccaf1

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:11:09 GMT
server: nginx
etag: "6809-5a3cf437eed6e-gzip"
vary: Accept-Encoding
x-varnish: 6407190 10557515
status: 200
cache-control: max-age=53648
accept-ranges: bytes
content-type: application/x-javascript
content-length: 7774
expires: Sat, 25 Apr 2020 02:39:10 GMT

GET
H2 200 st-user-messaging-main-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-user-messaging/dist/ 302 KB
65 KB 83ms
82ms Script
application/x-javascript 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-user-messaging/dist/st-user-messaging-main-bundle.js?ver=1587661332
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d5cc3b22702ddf6f7320c640076572dd90d68ebf431cb6966d2ef636b408cf09

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 17:02:10 GMT
server: nginx
etag: "4b7ee-5a3f8359b6aa0-gzip"
vary: Accept-Encoding
x-varnish: 1180775 688290
status: 200
cache-control: max-age=19788
accept-ranges: bytes
content-type: application/x-javascript
content-length: 65771
expires: Fri, 24 Apr 2020 17:14:50 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 270 B
512 B 134ms
106ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=seattletimes.com&domain=seattletimes.com&path=%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb1935ab39199376bc20094d90c00e380247790772a5df76049b2de4e0cd4ea8

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 191
x-served-by: cache-fra19180-FRA
access-control-allow-origin: *
x-timer: S1587728702.468033,VS0,VE100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 22 Apr 2020 11:45:02 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 98 KB
30 KB 102ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 10:35:37 GMT
server: nginx
etag: W/"5e81cb79-1867d"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 25 Apr 2020 11:45:02 GMT

GET
H/1.1 200
OK 185755-164310286164052.js Show response
js-sec.indexww.com/ht/p/ 90 KB
28 KB 981ms
801ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185755-164310286164052.js
Requested by: Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 12852ccf3064ed0d5745d7a5f2be4ad983d5299eb083c83a1c8b1fc41e281520

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 11:36:39 GMT
Server: Apache
ETag: "da2759-1688f-5a407c7567b6c"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 27886
Expires: Fri, 24 Apr 2020 12:45:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 42 KB
14 KB 83ms
82ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

48f95e4171ead8318e93c8bd8e5cd16a4e1688d359bfb5ca2bc9f3ecc8724bbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "495 / 814 of 1000 / last-modified: 1587667613"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14371
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:02 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f7c2d8e7b31ad79e3f8d08eab6cccef702cd680a34575ebc68f3c4d55793a4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d336b2f26c28d81613b6added9d9f942806236744523712204cca7362c78d01

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 icons-st.woff
www.seattletimes.com/wp-content/themes/st_refresh/css/fonts/ 5 KB
6 KB 241ms
238ms Font
application/font-woff 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/fonts/icons-st.woff?9054d6b4f849d2e344acdf1a638bdaab
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 11f9cd88cbcde7c206bc162fcc4986a3be20d538adc746b3635eb5e7495274a5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1587661332
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:02 GMT
content-encoding: gzip
last-modified: Wed, 29 Jan 2020 17:55:35 GMT
server: nginx
etag: W/"15dc-59d4b0c2c52f5"
vary: Accept-Encoding
x-varnish: 8672323 12552675
status: 200
cache-control: max-age=59
accept-ranges: bytes
content-type: application/font-woff
content-length: 5585

GET
H2 200 footer-temp.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/ 6 KB
7 KB 94ms
93ms Image
image/png 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/footer-temp.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c7ac0d791b0ad92100e6071256d55d4b7f11b7a4c064348ced16838faaa0183f

Request headers

Referer: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1587661332
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:02 GMT
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: W/"1975-58862977d923b"
x-varnish: 901590 4912757
status: 200
cache-control: max-age=53676
accept-ranges: bytes
content-type: image/png
content-length: 6517
expires: Sat, 25 Apr 2020 02:39:38 GMT

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=8381/pe=y/ 70 B
278 B 295ms
82ms Script
application/javascript 54.171.46.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=8381/pe=y/var=ccauds
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/plugins/st-advertising/dist/st-advertising-bundle.js?ver=1587485469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.46.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-46-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:03 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.60
content-type: application/javascript;charset=UTF-8
content-length: 70
expires: 0

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 101 KB
26 KB 200ms
92ms Script
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/plugins/st-advertising/dist/st-advertising-bundle.js?ver=1587485469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Thu, 23 Apr 2020 22:12:29 GMT
content-encoding: gzip
server: Server
age: 48753
etag: 9939711bec30b55c0ff5bad3b91f63c9
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mVgfzKK8ujtm7FJuKpjxy3ncvn6LJs4xbJmBgo6ULNxxaIaNeqt2EA==
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d54f94df1233ab7224af68f63fe3df27584c4c01d70b2e65bcdc774ba05c6b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/png

GET
H/1.1 200
OK clientip Show response
awsapi.seattletimes.com/ 22 B
645 B 514ms
228ms XHR
application/json 13.225.73.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://awsapi.seattletimes.com/clientip
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/bundle.min.js?ver=1587661332
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.64 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-64.fra2.r.cloudfront.net
Software: /
Resource Hash: 42a9f4217712c30ae366136bf8ba447e13f963bf6abe5d8c47ff6a89a05b56b4

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:03 GMT
Via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
x-amzn-RequestId: ce36417e-c5d8-4319-9a19-462fb90a4514
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-5ea2d13f-145b94d1b0babeb3d5aeec3d;Sampled=0
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-apigw-id: LfWh5G2xvHcFYWw=
Content-Length: 22
X-Amz-Cf-Id: qPvEl8ejC3vq6CUW_otTUOZKGQLgWFJ18DtM38uttI8isho3Tk4XXw==
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization

GET
H2 200 embed-init-c284dd585598d733465ddabb1c08df97217676deb48865e75e2fb61a41ca1195.js Show response
assets.wearehearken.com/production/assets/embed/ 146 KB
47 KB 285ms
88ms Script
application/ecmascript 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.wearehearken.com/production/assets/embed/embed-init-c284dd585598d733465ddabb1c08df97217676deb48865e75e2fb61a41ca1195.js
Requested by: Host: modules.wearehearken.com
URL: https://modules.wearehearken.com/seattle-times-newsroom/embed/5087.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c284dd585598d733465ddabb1c08df97217676deb48865e75e2fb61a41ca1195

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 08 Apr 2020 05:36:08 GMT
content-encoding: gzip
age: 1404535
x-cache: Hit from cloudfront
status: 200
content-length: 47169
last-modified: Tue, 07 Apr 2020 20:25:30 GMT
server: AmazonS3
etag: "18786a0c0fc533ac41458da8a25e9edf"
x-amz-version-id: ZNRgU.fGM1x3Me3x6chKQ4tL_nIUN3TJ
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/ecmascript
x-amz-cf-id: gmINf-9nk-17DnFOklOaY2HQOYFs42PmoEEXnFEcFS5HebL931S9XQ==
expires: Thu, 08 Apr 2021 02:25:29 GMT

GET
H2 200 l
use.typekit.net/af/66f9cc/00000000000000003b9b0503/27/ 27 KB
27 KB 280ms
98ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/66f9cc/00000000000000003b9b0503/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6f62264c991fbf339ac2d25c7bd4f772d79a817c0014ed640fcce5057f153e05

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "61b98dfc576b4a2b0f113725035f38aba572c375"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27564

GET
H2 200 l
use.typekit.net/af/2203a0/00000000000000003b9b0506/27/ 26 KB
27 KB 381ms
199ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2203a0/00000000000000003b9b0506/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70ef4c822491fe92d2930416a41be09acc296a0e6a32550cbefc8db927b226a0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "087f46b3dae53c5d0dc8131d40e78f7e66990a6f"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27032

GET
H2 200 l
use.typekit.net/af/b3fa4d/00000000000000003b9b0502/27/ 27 KB
27 KB 309ms
128ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b3fa4d/00000000000000003b9b0502/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac2023f3a20503f101ec818760b0892d07e80397237aa8af5256e3105164870a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "78ffb92198b589e9f79d4a68d48f82c542edf110"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27148

GET
H2 200 l
use.typekit.net/af/329083/00000000000000003b9b04ff/27/ 26 KB
26 KB 284ms
103ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/329083/00000000000000003b9b04ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fe1d8731586a0b3f1c5a3dba7d6b1c879495cbc6d05163a234868f082d9a06fb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "0ebaf1bf890ab6da84d0e246694e1a2b2e7b7c3d"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26800

GET
H2 200 l
use.typekit.net/af/608768/00000000000000003b9b06f3/27/ 23 KB
23 KB 336ms
154ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/608768/00000000000000003b9b06f3/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8e50177029cb2306172bc041564b5b2000688d67989a56b70c0c4bc71278326

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "1ce513e1fd2ef5d3c4b3ef550e8b522ad1cb43a8"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23504

GET
H2 200 l
use.typekit.net/af/59164f/00000000000000003b9b06f6/27/ 24 KB
24 KB 391ms
210ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/59164f/00000000000000003b9b06f6/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 98ecc0bce26305114d5c34b34e24583eb60ba3f1ff352ab9d8bb4de91cb0abbd

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "a3a46a38cbbe7872858825f140618f74a1c2452f"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24860

GET
H2 200 l
use.typekit.net/af/6da54c/00000000000000003b9b06f7/27/ 24 KB
24 KB 383ms
202ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6da54c/00000000000000003b9b06f7/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 308603042b468f50088fc1da2d2df84961098f3f3126b36a124dc6c092e2c275

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "2c124b66e0a36989aa73cdac3a1ff60d5fd256b2"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24340

GET
H2 200 l
use.typekit.net/af/8e6183/00000000000000003b9b06f2/27/ 22 KB
23 KB 325ms
144ms Font
application/font-woff2 95.100.67.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e6183/00000000000000003b9b06f2/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-67-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c772192d318b30339e05ce1e87618b2d1c7519e14f3f20dbd358238c45245a3

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Origin: https://www.seattletimes.com

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
server: nginx
etag: "4bb0065e5b23bea45eec7c23d257bfd0261b8e27"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 22892

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
839 B 29ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020042001.js Show response
securepubads.g.doubleclick.net/gpt/ 171 KB
63 KB 94ms
93ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 20:16:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 64174
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:03 GMT

GET
H2 200 facebook_log_in.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/ 1 KB
2 KB 72ms
71ms Image
image/png 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/facebook_log_in.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e767af013378d1adf0d6561edd37f8cd0d05ba430ce7a611ce94828478d85c67

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:03 GMT
last-modified: Tue, 24 Sep 2019 16:43:27 GMT
server: nginx
etag: W/"559-5934f3c4ebf08"
x-varnish: 4771558
status: 200
cache-control: max-age=53679
accept-ranges: bytes
content-type: image/png
content-length: 1369
expires: Sat, 25 Apr 2020 02:39:42 GMT

GET
H2 200 google_log_in.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/ 3 KB
4 KB 75ms
74ms Image
image/png 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/google_log_in.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 371b0723b274026907d7625b2ecc830910f884fbc2f741c5bdbd027b34306a3d

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: public
date: Fri, 24 Apr 2020 11:45:03 GMT
last-modified: Tue, 24 Sep 2019 16:43:27 GMT
server: nginx
etag: W/"d14-5934f3c4ebf08"
x-varnish: 9899031
status: 200
cache-control: max-age=53679
accept-ranges: bytes
content-type: image/png
content-length: 3348
expires: Sat, 25 Apr 2020 02:39:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
41 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BBN1BHX44&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acc8c3d5178fe28692ceef2eb92f597b80b63bba78caa13babecfd4ca5ba144e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 41371
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 50ms
1ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 389
date: Fri, 24 Apr 2020 11:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 24 Apr 2020 13:38:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
10 KB 148ms
96ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

6e6af6ef2f891ed0ff21cbeaa6a42bd54f797e21d2ae3fa7fd6aed985a1c70df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10647
x-xss-protection: 0
server: cafe
etag: 6392266145143938537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Apr 2020 11:45:03 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 14ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: qRIc7lNuJSCWV70wvbRLRkoEjukLqZZBFXvDbmuWsFsyelILxTxQNmDbAfu4oDgEbM/NbDc8C02rnYZQIQ3yHw==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Fri, 24 Apr 2020 11:45:03 GMT, Fri, 24 Apr 2020 11:45:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma39482/93382992/10/
Redirect Chain

https://js.matheranalytics.com/s/ma39482/93382992/ml.js?cb7=1531
https://js.matheranalytics.com/static/ltm/ma39482/93382992/10/ml.br.js

147 KB
43 KB

83ms
83ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma39482/93382992/10/ml.br.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: e909d680bf70a3c912a8371ece94931ecf072dfcc5bff7b62fce609c74a0101b

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 04:14:16 GMT
content-encoding: br
last-modified: Tue, 25 Feb 2020 21:09:50 GMT
server: nginx
age: 27048
etag: "760cd66a2030d862f7cf42f2031e8697"
vary: Accept-Encoding
x-cache: HIT Tue, 25 Feb 2020 21:19:10 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 43577
via: 1.1 google

Redirect headers

date: Fri, 24 Apr 2020 11:45:03 GMT
via: 1.1 google
server: nginx
status: 301
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma39482/93382992/10/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 4-gc-euw1-10922

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/8943/ 43 KB
13 KB 252ms
53ms Script
application/json 143.204.89.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/8943/cc.js?ns=_cc8943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-121.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f3a7b96b7ddc57ed6721f1ac5136c2a3075740713f37f0fd7ef4e5e94a55124

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Thu, 23 Apr 2020 20:26:48 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2020 01:03:48 GMT
server: AmazonS3
age: 55096
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
status: 200
cache-control: max-age: 86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SptHFvX0o3yuiEWXYWHAOxq6C7s-cBp3JYgZLqAw_Cd-S0JHrkm1BQ==
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)

GET
H2 200 zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV Show response
smashsurprise.com/v2/0/ 87 KB
27 KB 556ms
335ms Script
text/javascript 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

8a8ff2d1dffb57882508ed3f81af9d94b72a7d4d2c61e59b7c7e5f6adaa11c54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "cbc31aeac1a880c06be401ad56027ca622173274b45efef83d86390ed5e829b2"
vary: Accept-Encoding
x-hostname: hank
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Fri, 24 Apr 2020 11:45:03 GMT
timing-allow-origin: *

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42142
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c Show response
scripts.webcontentassessor.com/scripts/ 120 KB
30 KB 289ms
85ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46dbfc33b12c4e26c1eae7e23eb6951693f1248cbb7710eff0fe54dfb7967f3d

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
age: 1817
x-cache: HIT
status: 200
content-length: 30758
x-amz-id-2: MmOnXwh7rO+pkzpQu0B7Vo8nb1K9mgSEPbnt27uFYEhDTbzjxJr0SGQ/fnnkb3xnYyqNUIftxeA=
x-served-by: cache-hhn4026-HHN
last-modified: Fri, 24 Apr 2020 11:04:01 GMT
server: AmazonS3
x-timer: S1587728703.490520,VS0,VE0
etag: "872e17236d7e6f2905df4d8aaa9d4b7c"
vary: Accept-Encoding
x-amz-request-id: 44FF24E57BACB770
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dump...
https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dum...

0
528 B

57ms
56ms

Image
text/plain

104.74.92.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&c9=&cs_ak_ss=1
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.92.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-92-158.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Pragma: no-cache
Date: Fri, 24 Apr 2020 11:45:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1587728703250&ns_c=UTF-8&c8=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Fri, 24 Apr 2020 11:45:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 406006.gif
di.rlcdn.com/ 0
62 B 387ms
193ms Image
text/plain 35.241.8.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://di.rlcdn.com/406006.gif?pdata=partner%3Dtap83689%2Cdata%3Dtype%3Aimpression%24audience%3ANinthDecimal_OnDemand_Pixel_SeattleTimes_Homepage_NEW_20191211
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.8.149 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 149.8.241.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

status: 204
date: Fri, 24 Apr 2020 11:45:03 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 275ms
87ms XHR
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 02:09:00 GMT
content-encoding: gzip
vary: Origin
age: 34564
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: mzRXwxa4vl0vmPmWjkL4PkCa9BA0BODjjYG77L5GmGq9r0dyJuUXTA==

POST
H2 200 pixel_300d30fa Show response
www.seattletimes.com/akam/11/ 0
434 B 89ms
88ms XHR
text/html 95.100.75.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/akam/11/pixel_300d30fa
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/akam/11/300d30fa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.75.222 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-75-222.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Fri, 24 Apr 2020 11:45:03 GMT
content-length: 0
content-type: text/html

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
349 B 15ms
14ms XHR
application/json 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: text/plain

Response headers

date: Fri, 24 Apr 2020 11:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dump...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1665012%26url%3Dhttps%253A%252F%252Fwww.seattletimes.com%252Fnation-world%252Fema...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dump...

0
63 B

109ms
109ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&time=1587728703876&liSync=true
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: 8XJ8Kti+CBaANeZ/6ioAAA==

Redirect headers

date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action: 1
status: 302
x-li-pop: prod-efr5
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: Play
cache-control: no-cache, no-store
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid: X1lwINi+CBZAoJ/v+yoAAA==
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1665012&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&time=1587728703876&liSync=true
x-li-proto: http/2
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-fabric: prod-lva1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1003 B 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2655
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Fri, 24 Apr 2020 12:00:48 GMT

GET
H2 200 894503507259758 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/894503507259758?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3fc0aaa83d11f756acc32fbf5c5116a737d29dac26532057787c9238498491a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115065
x-xss-protection: 0
pragma: public
x-fb-debug: ZXMv2lKFeluOZiYAAlcq0RB8ruMNe7RgohbIdChkVVBbegWsZ4NIDz39lY6N6ERJycx8ewTNp2IJbe9QeM1Pdw==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Fri, 24 Apr 2020 11:45:03 GMT, Fri, 24 Apr 2020 11:45:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pJxM2r2y7jg1PYbCfPWPJA.gif
assets.wearehearken.com/production/embed/3773/ 12 KB
13 KB 57ms
57ms Image
image/gif 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.wearehearken.com/production/embed/3773/pJxM2r2y7jg1PYbCfPWPJA.gif
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b2e5f95682bd75d31495a3113455d027b39444acdbbc743085f344c8617b4c6

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 08 Apr 2020 17:33:23 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
last-modified: Fri, 02 Aug 2019 22:48:10 GMT
server: AmazonS3
age: 1361501
etag: "c51cb8b11b0cd06e499c4780e050267f"
x-cache: Hit from cloudfront
x-amz-version-id: WEBANGVC_6kE86JqrYaIY1P.DVaG9gkA
status: 200
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 12668
x-amz-cf-id: fRtVhG9OStPnXwjKZxj0BP77cJG8Bs37zJHxK8JGuvg01ot28zXz_g==

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 190ms
62ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=88&profileId=184&cb=26571500895
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Fri, 24 Apr 2020 11:45:03 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.seattletimes.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 68 B
751 B 232ms
109ms Fetch
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid
Requested by: Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c6741bc1958b32cf3fe86d05de08bde74ae8b2312207444683e5cff4155053d

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: application/json

Response headers

Date: Fri, 24 Apr 2020 11:45:04 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.seattletimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 84

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 166 B
1 KB 188ms
84ms Fetch
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4f81bb56b6a1f7b4a39d3cc3f67a52601616a0027df086bca7e8ed156b5a497c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 24 Apr 2020 11:45:06 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.165:80
AN-X-Request-Uuid: 1461e457-5ca2-4a60-b6eb-9133936c369b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 166
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
506 B 192ms
192ms XHR
text/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3303&u=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&pid=hVw4X22IQ5ERY&cb=0&ws=1600x1200&v=7.49.02&t=1000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F81279359%2Fseattletimes.com%2Fnation-world%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: a2097bb2f9b247e3da9c69c7d110af9f1dfab9936ab029e7a4c586d7837904fb

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA2-C2
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-id: JJyTeifiBP2lkkLT_PVotPJNth4D9yLTvFEG3t88CAkxWtXonVOr6g==

GET
H2

200

arj Show response
seattle-times-d.openx.net/w/1.0/
Redirect Chain

https://seattle-times-d.openx.net/w/1.0/arj?auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-fr...
https://seattle-times-d.openx.net/w/1.0/arj?cc=1&auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-alleged...

175 B
387 B

274ms
273ms

Fetch
application/json

34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://seattle-times-d.openx.net/w/1.0/arj?cc=1&auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&res=1600x1200x24&tz=-120&nocache=1587728704063
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.184.0 /
Resource Hash: b56978189fe13e9c34c910c6109bdec36505e2770d77df9896da0bc0e618bf28

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
server: OXGW/16.184.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.seattletimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 24 Apr 2020 11:45:04 GMT
via: 1.1 google
server: OXGW/16.184.0
status: 302
location: https://seattle-times-d.openx.net/w/1.0/arj?cc=1&auid=540950123&aus=970x250&bc=hb_dyn_wapo&be=1&ch=UTF-8&ju=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&res=1600x1200x24&tz=-120&nocache=1587728704063
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
2 KB 293ms
109ms Fetch
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10472&site_id=112172&tk_flint=custom&slots=1&size_id=57&alt_size_ids=&zone_id=585568&rp_floor=0.01
Requested by: Host: seattle-times.zeustechnology.com
URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 232d6bbabfa4ae976769b718829ba7d2ef8f7dc535230734ce82236652d3580e

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Pragma: no-cache
Date: Fri, 24 Apr 2020 11:45:04 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=145
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK p.gif
p.typekit.net/ 35 B
367 B 9ms
9ms Image
image/gif 2a02:26f0:10c:287::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=lty1dar&ht=tk&h=www.seattletimes.com&f=4664.4667.5199.5200.5022.5035.5178.5310&a=1740476&js=1.19.2&app=typekit&e=js&_=1587728704071
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:287::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:04 GMT
Last-Modified: Fri, 15 Feb 2019 23:43:47 GMT
Server: nginx
ETag: "5c674eb3-23"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35
Expires: Mon, 26 Aug 2019 13:32:57 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
482 B 34ms
14ms XHR
application/json 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: text/plain

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978986367/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978986367/?random=1587728704166&cv=9&fst=1587728704166&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&tiba=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18df3a9c97731a11bb8850edec1db1958713936bda047bdbc73ab3b033af0e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1116
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 103 KB
29 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TWNDJBM&t=gtm2&cid=1192300423.1587728704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3a929d925312d6601c58d1c23cb01cc5600b886d42ccba41de93e429b202121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29794
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 68ms
68ms XHR
application/json 63.33.80.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185755
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185755-164310286164052.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.80.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-80-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d91e2e0e74ad93365251f0ff95e906a630550b02beb88d780a5e9485fdd4d218

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.seattletimes.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 24 May 2020 11:45:04 GMT

GET identity
api.rlcdn.com/api/ 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/png

GET
H2 200 aax.js Show response
c.aaxads.com/ 272 KB
76 KB 248ms
99ms Script
text/javascript 23.222.53.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.aaxads.com/aax.js?pub=AAXESMQ43&hst=www.seattletimes.com&ver=1.2

Requested by

Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.53.19 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-53-19.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c4341b9975cacaf35d56ee3748f884967b426495e1422328e9638cc4025a7f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Fri, 24 Apr 2020 11:45:04 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Fri, 24 Apr 2020 12:15:04 GMT

GET
H2 200 1511322088923926 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1511322088923926?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81583aa7ba0e00e7c8c8bc1d650e097c83fa182c46e2a12aceb1a40b9d4e9412

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 115176
x-xss-protection: 0
pragma: public
x-fb-debug: 1/0n/kjOrh5mfnuWISL4BENYyHcFtfBA3sZQk0rXA4V5qHOIe+VGE8uVcoe95LJcJ1rnY7QWnitgdleETHeTGA==
x-fb-trip-id: 2000377899
x-frame-options: DENY
date: Fri, 24 Apr 2020 11:45:04 GMT, Fri, 24 Apr 2020 11:45:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=894503507259758&ev=PageView&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&rl=&if=false&ts=1587728704263&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1587728704263.343257788&it=1587728703894&coo=false&rqm=GET

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT, Fri, 24 Apr 2020 11:45:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 15ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 19 Apr 2021 11:45:04 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 14ms
14ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 19 Apr 2021 11:45:04 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 595ms
149ms Image
image/gif 54.209.139.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&wrdcnt=762&sec=nation-world&prem=0&paracnt=19&ptype=story&hier=nation-world%7Ctechnology&auth=Craig%20Timberg%20SOUAD%20MEKHENNET&artupt=1587574665&arttype=The%20Washington%20Post&artsrc=WaPo&artpubt=1587521899&artid=12703102&tv=js-3.0.104&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_nolocalstorage=1&tvltm=10&tid=f5aa5cc0-ea14-4fff-8dcd-7a3c34a38814&pid=8fdcd19c-d4aa-40b7-b3b5-c34b7dddc3b8&dtm=1587728704354&qnm=_matherq&visible=1&tabid=54d6177a-bd10-4874-b937-a26bf4753a3c&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&vp=1600x1200&ds=1585x6384&tofa=1587728704&vid=1&lvidt=1587728704&duid=99fe032558be8ddd&fp=3485153272&cid=ma39482&mrk=93382992&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU4NzcyODcwMDc1MCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNS4zODg5NTVtYiIsImhlYXBUIjoiMTcuODE4MzMxbWIiLCJmc3RQYWludCI6IjE4MzQiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiMyIsImNvbm5TIjoiMyIsImNvbm5FIjoiMTQzIiwic3NsUyI6IjMzIiwicmVxdVMiOiIxNDMiLCJyZXNwUyI6IjExMDIiLCJyZXNwRSI6IjEyMDUiLCJkb21Mb2FkIjoiMTEyMiIsImRvbUludGVyIjoiMjAzOCIsImRvbUxvYWRTIjoiMjEwOCIsImRvbUxvYWRFIjoiMjExNSJ9LCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJDb25zdW1lciBOZXdzIiwiQ29yb25hdmlydXMiLCJQZXJzb25hbCBEYXRhIl1dfX0
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.139.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-139-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:04 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 8DD1
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift&dcc=t

0
0

238ms
238ms

Document
text/html

52.95.123.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift&dcc=t
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A-LsvWWa8EPZqa80yxKMeEo|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

Server: Server
Date: Fri, 24 Apr 2020 11:45:04 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 192
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A-LsvWWa8EPZqa80yxKMeEo; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 11:45:04 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Tue, 01-Jul-2025 11:45:04 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Fri, 24 Apr 2020 11:45:04 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=brt_oath_dm_3lift&dcc=t
Set-Cookie: ad-id=A-LsvWWa8EPZqa80yxKMeEo|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Jan-2021 11:45:04 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 Aixlhp Show response
ad.doubleclick.net/ddm/adj/Brwj/ 11 B
776 B 288ms
100ms Script
text/javascript 216.58.207.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Brwj/Aixlhp

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s25-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/978986367/ 42 B
119 B 20ms
20ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978986367/?random=1587728704166&cv=9&fst=1587726000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&tiba=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&async=1&fmt=3&is_vtc=1&random=1081263811&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/978986367/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978986367/?random=1587728704166&cv=9&fst=1587726000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4f0&sendb=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&tiba=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&async=1&fmt=3&is_vtc=1&random=1081263811&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
107 B 6ms
5ms Image
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=675357763&t=pageview&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ul=en-us&de=UTF-8&dt=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAjQAQC~&jid=255354712&gjid=1680672738&cid=1192300423.1587728704&tid=UA-52488759-1&_gid=1324647371.1587728704&gtm=2wg4f0KDZ92J&cd1=story&cd2=Craig%20Timberg%20SOUAD%20MEKHENNET&cd3=nation-world&cd5=technology&cd6=Consumer%20News%2C%20Coronavirus%2C%20Personal%20Data&cd8=WaPo&cd17=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online&cd18=12703102&cd19=0&cd22=&cd34=off&cd35=2&cd36=762&cd38=1192300423.1587728704&cd39=700&cd40=2020-04-21%2018%3A18%3A19&cd41=2020-04-22%2008%3A57%3A45&cd43=0&cd47=not%20set&cd55=not-set&cd56=0&cd57=&cd64=The%20Washington%20Post&cd67=1587727650&cd68=nation-world%7Ctechnology&cd69=2019-redesign&cd71=off&cd73=19&z=854428597

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 05:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1232287
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&gjid=1680672738&_gid=1324647371.1587728704&_u=aGDAgEAjQAQC~&z=2039640100
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100&slf_rd=1&random=49525214

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100&slf_rd=1&random=49525214

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=255354712&_v=j81&z=2039640100&slf_rd=1&random=49525214
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=675357763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-g...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_gid=1324647371.1587728704&gjid=1132050945&_v=j81&z=255275173
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173&slf_rd=1&random=2226698977

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173&slf_rd=1&random=2226698977

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=979796559&_v=j81&z=255275173&slf_rd=1&random=2226698977
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1511322088923926&ev=PageView&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dum...
https://cx.atdmt.com/?c=4508954916369143075&f=AYxkcqTOAimkfBeueJNvJtuAr34H71SYJvYV__TLhuYkAW2cTdoMW3Gi_tuNC6GyNkbNLQmDkOSZx-rULJCz8up5&id=1511322088923926&l=3&v=0

42 B
353 B

41ms
38ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=4508954916369143075&f=AYxkcqTOAimkfBeueJNvJtuAr34H71SYJvYV__TLhuYkAW2cTdoMW3Gi_tuNC6GyNkbNLQmDkOSZx-rULJCz8up5&id=1511322088923926&l=3&v=0
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

status: 200
date: Fri, 24 Apr 2020 11:45:04 GMT, Fri, 24 Apr 2020 11:45:04 GMT, Fri, 24 Apr 2020 11:45:04 GMT
content-type: image/gif
alt-svc: h3-27=":443"; ma=3600
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT, Fri, 24 Apr 2020 11:45:04 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=4508954916369143075&f=AYxkcqTOAimkfBeueJNvJtuAr34H71SYJvYV__TLhuYkAW2cTdoMW3Gi_tuNC6GyNkbNLQmDkOSZx-rULJCz8up5&id=1511322088923926&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 6FB0 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Fri, 17 Apr 2020 14:58:01 GMT
expires: Sat, 17 Apr 2021 14:58:01 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 593223
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 53 KB
12 KB 419ms
419ms XHR
text/plain 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2530975819378726&correlator=2570490069880479&output=ldjh&impl=fifs&adsid=NT&eid=21064368%2C21065202%2C44716866&vrg=2020042001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200424&iu_parts=81279359%2Cseattletimes.com%2Cnation-world&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=970x250%2C1x1&prev_scp=pos%3Dtop%252Celite%252Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dwallpaper&eri=1&cust_params=zeus%3Dapplied%26subsc%3DNoAcct-NotLoggedIn%26GA-ID%3Dnot-set%26type%3Dstory%26id%3D12703102%26tag%3DConsumer%2520News%252C%2520Coronavirus%252C%2520Personal%2520Data%26author%3DCraig%2520Timberg%2520SOUAD%2520MEKHENNET%26environment%3Dprod%26tpid%3D%26ccaud%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1587728704&dt=1587728704510&dlt=1587728701872&idt=2127&frm=20&biw=1585&bih=1200&oid=3&adxs=792%2C792&adys=125%2C6384&adks=2182379987%2C400333115&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&dssz=68&icsg=52982358998784&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x271%7C1585x1&msz=1x250%7C1x1&ga_vid=1192300423.1587728704&ga_sid=1587728705&ga_hid=675357763&ga_fc=true&fws=4%2C4&ohw=1585%2C1585

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

cafe /

Resource Hash

3843922ef354f0ed8b08028c17f1e1d4835f9a874133dc87483b86b95bc4222b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 11630
x-xss-protection: 0
google-lineitem-id: -1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020042001.js Show response
securepubads.g.doubleclick.net/gpt/ 67 KB
24 KB 93ms
93ms Script
text/javascript 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s16-in-f2.1e100.net

Software

sffe /

Resource Hash

4e84d85a31c26a182e31a0e7e97f1393690c5b5756a00201ca7752a253c79998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Apr 2020 20:16:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24855
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1464 107 KB
38 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAXESMQ43&hst=www.seattletimes.com&ver=1.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91bf72ab417eea5ff3f141d7c8ad74e33a117f0a76e9d43f68b36d82397595e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39050
x-xss-protection: 0
server: cafe
etag: 12180329160569944715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
205 B 56ms
55ms Image
image/gif 23.222.53.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.aaxads.com/pxusr.gif

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.222.53.19 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-222-53-19.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
status: 200
cache-control: max-age=526525
accept-ranges: bytes
content-length: 43
expires: Thu, 30 Apr 2020 14:00:29 GMT

GET
H/1.1 200
OK pxext.gif
www.aaxdetect.com/ 43 B
323 B 246ms
88ms Image
image/gif 23.222.58.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aaxdetect.com/pxext.gif
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.58.180 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-58-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:04 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=264104
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 27 Apr 2020 13:06:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1464 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1464 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/ Frame 1464 247 KB
90 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bff820919682846237903a0aa499f1643608e00823118f58a1c7b04dd614163d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 92108
x-xss-protection: 0
server: cafe
etag: 5066730366600830143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/ Frame 283D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlGogqhMg2uZS50atWfvP0Dih31fDsQucV0Uv9GOiyXHtqhZpoVET7ICiax
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 23 Apr 2020 07:38:20 GMT
expires: Thu, 07 May 2020 07:38:20 GMT
content-type: text/html; charset=UTF-8
etag: 4094386822458569044
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4444
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 101204
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame C063 0
0 56ms
56ms Document
text/html 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=3279755396&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587728704666&bpp=11&bdt=64&idt=99&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=2710815627590&frm=23&ife=1&pv=2&ga_vid=1192300423.1587728704&ga_sid=1587728705&ga_hid=396621613&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=4&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&isw=0&ish=0&ifk=2566082785&scr_x=0&scr_y=0&eid=21065473&oid=3&pvsid=2200046084627728&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8212&bc=31&ifi=0&uci=0.ndnsvubuj55s&fsb=1&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9595286865800821&output=html&adk=1812271804&adf=3279755396&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1587728704666&bpp=11&bdt=64&idt=99&shv=r20200422&cbv=r20190131&ptt=9&saldr=aa&nras=1&correlator=2710815627590&frm=23&ife=1&pv=2&ga_vid=1192300423.1587728704&ga_sid=1587728705&ga_hid=396621613&ga_fc=1&iag=3&icsg=170&nhd=1&dssz=4&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&isw=0&ish=0&ifk=2566082785&scr_x=0&scr_y=0&eid=21065473&oid=3&pvsid=2200046084627728&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8212&bc=31&ifi=0&uci=0.ndnsvubuj55s&fsb=1&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlGogqhMg2uZS50atWfvP0Dih31fDsQucV0Uv9GOiyXHtqhZpoVET7ICiax
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 24 Apr 2020 11:45:04 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1464 6 KB
5 KB 27ms
15ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200422&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b5bc7159b676e676618bbaff4d623d84ea8393662c6fb45735f6ae08cf5aea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 4601
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1464 74 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1587573036175118"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27875
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:04 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
78 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNEVDxGJ5lYtoyP0F

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 24 Apr 2020 11:45:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 log
l3.aaxads.com/ 35 B
194 B 57ms
56ms Image
image/gif 23.222.53.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dewh=SSP_CLIENT&dgeg=0&dgw=desktop&flg=AAXESMQ43&fw=WARSAW&ff=PL&xjg=4&oshu=1&skw=6385&slg=8PR6YK195&gq=seattletimes.com&vhuyqdph=rtb-nv-dcos-ssp-10-6-45-6-25162&vg=1&vyu=2211_242_2212_116_ssp&vf=&yhuvlrq=4&yk=1200&yz=1585&yvlg=&ylg=00001587728704593032612948488522&vvsDeExfnhw=CONTROL&jgsu_hqi=1&fvha=0&jgivwu=Y--&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=false&xvs_vwulqj=&xifd=-1&deg=2&gvwduw=23&ghqg=286&uhtxuo=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&nzui=
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.222.53.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-222-53-19.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:04 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1464 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200422/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:04 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytblnPwlfOzbCI6CO

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 24 Apr 2020 11:45:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 399C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 24 Apr 2020 11:34:13 GMT
expires: Sat, 24 Apr 2021 11:34:13 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 651
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame C5F3 200 KB
56 KB 102ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/
Origin: https://www.seattletimes.com

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5023
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 10:21:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 10:21:22 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame C5F3 200 KB
55 KB 191ms
97ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5023
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 10:21:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 10:21:22 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame C5F3 16 KB
6 KB 187ms
94ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-ad-exit-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8044
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 09:31:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "955d460ecdaddff4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 09:31:01 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame C5F3 93 KB
29 KB 101ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5021
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28417
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 10:21:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 10:21:24 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame C5F3 3 KB
1 KB 187ms
95ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-fit-text-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8064
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1416
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 09:30:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7405f8d8da732be7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 09:30:41 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame C5F3 46 KB
15 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-form-0.1.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 8050
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 09:30:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "37d2c34b66959890"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 09:30:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C5F3 5 KB
764 B 29ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de194513e4629c7a62da8ab95582cfb3294943483c00ff17a1d6ce80d7ca1477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 11:45:05 GMT
server: ESF
date: Fri, 24 Apr 2020 11:45:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Apr 2020 11:45:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C5F3 5 KB
718 B 30ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de194513e4629c7a62da8ab95582cfb3294943483c00ff17a1d6ce80d7ca1477

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Apr 2020 11:45:05 GMT
server: ESF
date: Fri, 24 Apr 2020 11:45:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Apr 2020 11:45:05 GMT

GET
DATA 200
OK truncated
/ Frame C5F3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee826c51e018a476b8ff74d0e405195683aaafa1f3493736066124149e046b84

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ 20 KB
7 KB 179ms
178ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5015
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7162
x-xss-protection: 0
server: sffe
date: Fri, 24 Apr 2020 10:21:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "124c7b7cd5d53550"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Apr 2021 10:21:30 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2655097233104295585/ Frame C5F3 39 KB
39 KB 274ms
83ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2655097233104295585/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2gMQ-AEYASABLQAAAD8w2gM4-AFFAACAPw&rs=AOga4qlZXHw0wi8GWFibmb5PqgPMWfxpPA

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce1e77181aa2b8723eae6982cb123f3cd69b8a1eb0274832f633c00cee3838bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 15 Apr 2020 20:09:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Apr 2020 10:45:47 GMT
server: sffe
age: 747358
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39747
x-xss-protection: 0
expires: Thu, 15 Apr 2021 20:09:07 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2851142661111622463/ Frame C5F3 22 KB
22 KB 289ms
99ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2851142661111622463/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qlEVNouMaphdWMJGAhSUvRbQzuuHA

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81e161db834e8b06faca47e01d4f4935eb169dcc536668ddd339013ce5333828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 15 Apr 2020 20:08:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jan 2020 14:18:02 GMT
server: sffe
age: 747370
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 22815
x-xss-protection: 0
expires: Thu, 15 Apr 2021 20:08:55 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C5F3 0
0 371ms
181ms Image
text/html 172.217.22.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfy-rQNGiXt3jJYbu3wP16L-IAf7Ftc5cltCsgaIL__WQ49cCEAEg07m7JGDp5MmF2BqgAbnzhfADyAEGqQLPzUvkhQayPuACAKgDAcgDCqoE3wJP0C8fHzrErmGGNZRsU7eLlrKxyoPgnqYiGElcIGYQvPUWytkllxmIobtbeFprx3iBTZPi6PNpUkPvLaRs8y_sg45M5V0Q_UEZUYSdH6WsOzM3KRs-UR-sogEF6qptjrM7JxNJ3hDL5ot7d-QCEZmI-KeUXSirxjF2XDHVDIFB7bQZTnSG4EM2gfhnwdUB0KiCxN1LMFtrekPotqp4wJqPtKBh2N6xbgPjsbU1cmisPzdto_7oOdtWipmLZ2NDfVhN44V_cRZkEwRCJ-XaKd_VaXShsWcuJMnK0YP_URg_u6jDDkNKKHOrjrS3WriCOPco90aTXVoG64LERFGsVwj4oqJS3639Ej6k5O21XJDaIkWxcOzGOH7xfr4MU96z1dkV7KxAoJQYa9cudcmK4uBj3OzCxOK4J7j02ulIC1hrvoZ2XpUcsq3oS_5GcLG7BWRy9tWo_9tXQpue1_GcxGjABI-6kdnwAuAEAZIFBAgEGAGSBQQIBRgEoAY3gAfLjJF0qAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEM7aD9IICQiA4YBwEAEYHYAKA8gLAdgTAogUAQ&sigh=j5FTNApfWJU&template_id=492&tpd=AGWhJmvnsn5mf06kb9hc31J3-Ts5c6yNWq4OqJAVqpMIyGSaDg
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s16-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame C5F3 0
0 366ms
181ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs2qXAWUaP5VuAIFeoDwI24tso1FZbicV5Lbasqj1lqHvVbU0gb6dusX0d0USaE3fZiI85
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5F3 2 KB
3 KB 366ms
182ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Thu, 23 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 43872
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 24 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5F3 295 B
514 B 291ms
190ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Thu, 23 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 49905
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 24 Apr 2020 21:53:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C5F3 15 KB
15 KB 196ms
4ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.seattletimes.com

Response headers

date: Wed, 01 Apr 2020 17:07:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 1967873
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 15736
x-xss-protection: 0
expires: Thu, 01 Apr 2021 17:07:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C5F3 16 KB
16 KB 101ms
4ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.seattletimes.com

Response headers

date: Wed, 01 Apr 2020 19:21:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 1959791
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 15872
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:21:54 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1464 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200422&jk=2200046084627728&bg=!QEOlQ1tYjT0Vd6T9YHQCAAACU1IAAAAHmQFZwzRMhuMX6J0SxbV_HDA-G1FzcwcZYrReaI1V5OrL3NJ-ON0DeagNVGqLDX7yg3B7gpfZvMmqn3ccyPma8-lml55Cg6b7XaVJF1kGkRQiEjnuvgpx6aLpPbP31nUVvAGfZnRy83SLWq_eIvAbuoOWQNq_h03Q3FFr6xb32CQ6wQyc25zPLKEzPIDAPZFAPYLpK-Z3ujg4rYfc6BFG-_6zgrXr5_J3god5_ZR3D_9WSFXp3815d8sQ52_GOZb5E7LPgH-bf4GL3ZBUPF_iXnhi3fiBZKKSAO7XM_9pL3b_DUQ1_Buw8ILZv4L0J9vlhypkfT8hL6qZOoKaLJy-MDwVzLiR9jlvtXPtMx81kZMQ33ntSM6MCDUnBqoLwaWost6Wz9ZPkU0nvkGCCb6p_IlXYQns8HqjN5ojlAJ1jksKo38-B7bbb53nwV7IktLCb40-7tbnaAkb2mU3

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 85ms
84ms Script
application/x-javascript 13.225.83.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.83.203 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-203.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:15:18 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 1787
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _VaRZATaReHMA5pNf3h3YYcAw7Lg5wrR6RxpIFnAxVxCPT9Y7DR2mQ==
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
expires: Fri, 24 Apr 2020 13:15:18 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame C526 0
0 98ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.seattletimes.com

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.seattletimes.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-powered-by: ASP.NET
date: Fri, 24 Apr 2020 11:45:05 GMT
content-length: 5120

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/6950471/ 0
400 B 306ms
305ms Script
application/x-javascript 104.74.92.158
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/6950471/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.74.92.158 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-74-92-158.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Mon, 27 Apr 2020 11:45:05 GMT

GET
H2

200

rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20... Frame F33A
Redirect Chain

https://bcp.crwdcntrl.net/5/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A...
https://bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%...

0
0

98ms
97ms

Document
text/html

54.171.59.252
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.59.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-59-252.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _cc_cc=ctst
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
date: Fri, 24 Apr 2020 11:45:06 GMT
content-type: text/html;charset=UTF-8
content-length: 2040
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.9.151
set-cookie: _cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 19-Jan-2021 11:01:00 GMT;SameSite=None;Secure _cc_domain=.cc.seattletimes.com;Path=/;Domain=crwdcntrl.net;Expires=Tue, 19-Jan-2021 11:01:00 GMT;SameSite=None;Secure _cc_id=39e4434edf6176e3c34ce6c80c7230af;Path=/;Domain=crwdcntrl.net;Expires=Tue, 19-Jan-2021 11:01:00 GMT;SameSite=None;Secure _cc_cc="ACZ4nGNQMLZMNTExNklNSTMzNDdLNU42NklONUu2MEg2NzI2SExjAIK4RRed%2FgMBPwMMCC7ofM3F%2BN6V4T8jI8P7P0f5YOx1D47B2fMPXFGFsTd0XpCCsQ%2F1XFKAsds2POWGsc8dPcQMY%2B%2Fed1kAbv5nSxjz8Xl1GPPw4jksMPbt1j64TZdOPWKDsd8tQaj50HAfbuLfjVPg4gBS8Vrl";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 19-Jan-2021 11:01:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4nGNgYGCIW3TRiQEGmBiY6o6AGVprgCQASUQEMg%3D%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Tue, 19-Jan-2021 11:01:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin: *

Redirect headers

status: 302
date: Fri, 24 Apr 2020 11:45:05 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=8943/rand=300021036/pv=y/genp=Guest/int=%23OpR%2370997%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Total%20Site%20Traffic/int=%23OpR%2370998%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world/int=%23OpR%2370999%23Seattle%20Times%20%3A%20seattletimes%20%3A%20Site%20Section%20%3A%20nation-world%20%3A%20email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/rb=%7B%22article_title%22%3A%22%20Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online%20%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.7.167
set-cookie: _cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure

POST
H2 200 v2usrtfLzEpt4TjZyFc3eh8HJ04S-i0qPuCVKOZ0nuSujHV7mG7z4KbG1MuX6USx7YnAdzOkq Show response
smashsurprise.com/ 216 B
607 B 358ms
182ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smashsurprise.com/v2usrtfLzEpt4TjZyFc3eh8HJ04S-i0qPuCVKOZ0nuSujHV7mG7z4KbG1MuX6USx7YnAdzOkq

Requested by

Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

866e65f78723d64f942e5b82608ac43896084c71b194a96bd85e133505559611

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 24 Apr 2020 11:45:05 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.seattletimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: hank
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 24 Apr 2020 11:45:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 6 KB
5 KB 57ms
57ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020042001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020042001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f96bf8f26b444fa65e6f14779961f617b51a9dcbe0f4bd61c053e12843a1418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Fri, 24 Apr 2020 11:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C5F3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
40ms

Image
text/html

2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Redirect headers

date: Fri, 24 Apr 2020 11:45:05 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Fri, 24 Apr 2020 11:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 24 Apr 2020 11:45:05 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2655097233104295585/ Frame C5F3 39 KB
39 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce1e77181aa2b8723eae6982cb123f3cd69b8a1eb0274832f633c00cee3838bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 15 Apr 2020 20:09:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Apr 2020 10:45:47 GMT
server: sffe
age: 747358
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39747
x-xss-protection: 0
expires: Thu, 15 Apr 2021 20:09:07 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2851142661111622463/ Frame C5F3 22 KB
22 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81e161db834e8b06faca47e01d4f4935eb169dcc536668ddd339013ce5333828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

date: Wed, 15 Apr 2020 20:08:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jan 2020 14:18:02 GMT
server: sffe
age: 747370
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 22815
x-xss-protection: 0
expires: Thu, 15 Apr 2021 20:08:55 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5F3 2 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Thu, 23 Apr 2020 23:33:53 GMT
x-content-type-options: nosniff
server: cafe
age: 43872
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 24 Apr 2020 23:33:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C5F3 295 B
360 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

timing-allow-origin: *
date: Thu, 23 Apr 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 49905
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 24 Apr 2020 21:53:20 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 451ms
164ms Image
image/gif 52.73.102.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=seattletimes.com&p=%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&u=LzAI8B3uqK_BM4E0b&d=seattletimes.com&g=22565&g0=nation-world&g1=Craig%20Timberg%20SOUAD%20MEKHENNET&n=1&f=00001&c=0&x=0&m=0&y=6384&o=1593&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4915&t=C96vIEB7DplfBi6UnJ5xmgBOagnT&V=120&i=Email%20addresses%20and%20passwords%20allegedly%20from%20NIH%2C%20WHO%20and%20Gates%20Foundation%2C%20are%20dumped%20online&tz=-120&_acct=anon&sn=1&sv=nVCti62GLrCGRmHeBF7WEyBXmEe9&sd=1&im=067b0ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.102.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-102-160.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

status: 200
pragma: no-cache
date: Fri, 24 Apr 2020 11:45:06 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 3B92 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/605d2c78582df01d0ec93855950a4cfbd5a14db83d0f7eab211fd4894ae78c3c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 24 Apr 2020 11:34:13 GMT
expires: Sat, 24 Apr 2021 11:34:13 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 652
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020042001&jk=2530975819378726&bg=!T0ylTFRYrxXac81rGPcCAAAAZFIAAAANmQE7cAuPLnXNRFH7vW38yG4sFzi8kk0eTOb3tL-Gk6O-Q0NQZQbherRkVAnUtXsoefzc6Nrc0SI3lUkwQ0oN4AeYpDDQD1oEYkRRGycZroDcSux1peq2olsn8yUQZ1AMlBXvQIoB5k47h8TTgUM4MZvd5z6Ylj6b9Pytmie0TbyicgzRFQA-U2YZwJm-Kqi2yBkmIECXE-7O-lWpcyvjBIIi-Va-dsP7HKaykvdb0WaGk0UUR1sedXBC1VZPb4QB6jEPyyHojkfTNOW_hhGf9T4yLD9ilAxBQNRD_b6yvDvyesUiAxCyLY_JiEzbN_Bby8ijEu-Zaa9yQHwEuRJHUkPgDhpwUbzsXh5DOIG0Q_XMW1TUel2kBSOKPtmKqp0azdKqsbswCpxmjS8prD_vrn2LedVMe4hLhYFFhALX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2mgkiBm6CnHc0oGFKjjvefoOgA7IxPKGGMaL7zoxzz8RfN3C314WYpfWH_LTj8zhdtJJhupa Show response
smashsurprise.com/ 3 B
59 B 101ms
99ms Fetch
application/json 35.190.91.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://smashsurprise.com/v2mgkiBm6CnHc0oGFKjjvefoOgA7IxPKGGMaL7zoxzz8RfN3C314WYpfWH_LTj8zhdtJJhupa

Requested by

Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
status: 200
date: Fri, 24 Apr 2020 11:45:06 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
x-hostname: hank
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=675357763&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-g...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_gid=369980991.1587728706&gjid=1618830675&_v=j81&z=1156422572
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572&slf_rd=1&random=3909772711

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572&slf_rd=1&random=3909772711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=1192300423.1587728704&jid=1554389255&_v=j81&z=1156422572&slf_rd=1&random=3909772711
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 5ms
5ms Image
image/gif 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&aip=1&t=data&ni=1&_s=1&dt=&je=0&exp=gZ6b3huQQMS6mvrVwps6dw.1&_u=aHjACEAjRAQC~&jid=&gjid=&cid=1192300423.1587728704&tid=UA-52488759-1&_gid=1324647371.1587728704&gtm=2wg4f0KDZ92J&z=404394443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 05:26:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1232289
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C5F3 42 B
110 B 17ms
17ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmKi4pnQTNiYZbElxGFJQ17Hozjth7ViFuG9XUlX1RnP_v-s0uGgQ2YMfP80qAALjZmmxm8jzio438f3p5bvV7OxS4wednp--avYlP06uUQxnR_QHoTXmApMBaJg&sai=AMfl-YTIRUOcSXvNrSeGlplagt5fZba9fWyud1sFPsQQ1kYKNCGAnfechNgbkX7d9cPzNc-L1h4CBZe0oPDT9Y83zzsBVrKM6QQcqdHvNdjzwsBiYwtpwAImVYHmQuR4&sig=Cg0ArKJSzPpfIyjGGQTtEAE&cid=CAASPeRo-rIY6G4PLsFkEq4-wNAtAZmdp6PML1DBaCP42oQPHgMGHAiV8idpPAUneUczrz3vanJsJtClqae-Lwo&id=ampim&o=308,125&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=226&tls=1226&g=100&h=100&tt=1226&r=v&avms=ampa&adk=2182379987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

pragma: no-cache
date: Fri, 24 Apr 2020 11:45:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 149ms
148ms Image
image/gif 54.209.139.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.104&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_nolocalstorage=1&tvltm=10&f_privb=0&tid=8a09120f-24e0-4270-ad8d-21c72dd27e34&pid=8fdcd19c-d4aa-40b7-b3b5-c34b7dddc3b8&dtm=1587728714352&qnm=_matherq&visible=1&tabid=54d6177a-bd10-4874-b937-a26bf4753a3c&url=https%3A%2F%2Fwww.seattletimes.com%2Fnation-world%2Femail-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online%2F&vp=1600x1200&ds=1585x6384&tofa=1587728714&vid=1&lvidt=1587728714&duid=272c6903154ef86c&fp=3485153272&cid=ma39482&mrk=93382992&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU4NzcyODcwMDc1MCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMC4wNDExOTVtYiIsImhlYXBUIjoiMjIuMjI5ODE5bWIiLCJmc3RQYWludCI6IjE4MzQiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiMyIsImNvbm5TIjoiMyIsImNvbm5FIjoiMTQzIiwic3NsUyI6IjMzIiwicmVxdVMiOiIxNDMiLCJyZXNwUyI6IjExMDIiLCJyZXNwRSI6IjEyMDUiLCJkb21Mb2FkIjoiMTEyMiIsImRvbUludGVyIjoiMjAzOCIsImRvbUxvYWRTIjoiMjEwOCIsImRvbUxvYWRFIjoiMjExNSIsImRvbUNtcGx0IjoiNDkxNSIsImxvYWRTIjoiNDkxNSIsImxvYWRFIjoiNDk0MiJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.139.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-139-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.122 Safari/537.36 Edg/81.0.416.64

Response headers

Date: Fri, 24 Apr 2020 11:45:14 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.adnxs.com/	1970-01-19 11:11:44	Name: uuid2 Value: 4395255673340392206

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [CustomSSP] Registering custom bidder [object Object]
console-api	debug	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: LOTAME values retrieved [object Object]
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [Zeus] - CCPA string not set: IAB __uspapi method does not exist on window.
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [IX Err]: [object Object]
console-api	log	(Line 1) Message: lotr=Guest
console-api	log	URL: https://static.criteo.net/js/ld/publishertag.js(Line 1) Message: %cPubTag color: #fff; background: #ff8f1c; display: inline-block; padding: 1px 4px; border-radius: 3px; ERROR: Error onError: TypeError: Cannot read property 'getItem' of null
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [AppNexus] Bid returned but marked as nobid or doesn't contain an ad [object Object]
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [Rubicon] bid error occured no-compatible-ads
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [Openx Err]: [object Object]
console-api	warning	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: [sovrn]: No bids returned
console-api	log	URL: https://seattle-times.zeustechnology.com/main.js?ver=4.9.10(Line 1) Message: Render the following adNodes: [object HTMLElement],[object HTMLElement]
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://www.seattletimes.com/nation-world/email-addresses-and-passwords-allegedly-from-nih-who-and-gates-foundation-are-dumped-online/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline' data: 'self' blob:; connect-src wss: https: ; object-src 'self' blob: ;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.crwdcntrl.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
adservice.google.pl
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.rlcdn.com
assets.wearehearken.com
awsapi.seattletimes.com
bcp.crwdcntrl.net
bidder.criteo.com
c.aaxads.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.p-n.io
connect.facebook.net
cx.atdmt.com
di.rlcdn.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
js-sec.indexww.com
js.matheranalytics.com
l3.aaxads.com
mab.chartbeat.com
match.adsrvr.org
modules.wearehearken.com
p.typekit.net
pagead2.googlesyndication.com
ping.chartbeat.net
px.ads.linkedin.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
seattle-times-d.openx.net
seattle-times.zeustechnology.com
securepubads.g.doubleclick.net
smashsurprise.com
snap.licdn.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
use.typekit.net
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.linkedin.com
www.seattletimes.com
api.rlcdn.com
104.74.92.158
107.178.250.234
13.224.194.69
13.225.73.118
13.225.73.64
13.225.73.73
13.225.83.203
13.225.86.250
143.204.89.121
143.204.89.95
151.101.114.217
172.217.22.34
172.217.22.98
178.250.2.131
216.58.207.70
23.210.249.164
23.222.53.19
23.222.58.180
2a00:1450:4001:806::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:814::200e
2a00:1450:4001:815::2003
2a00:1450:4001:817::2008
2a00:1450:4001:818::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:824::2002
2a00:1450:400c:c0c::9b
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:10c:287::19fd
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::714
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
34.95.120.147
35.190.91.111
35.241.8.149
37.252.172.249
52.73.102.160
52.95.123.41
54.171.46.67
54.171.59.252
54.209.139.223
63.33.80.49
69.173.144.140
72.251.249.9
95.100.67.47
95.100.75.222
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b810c6b83f3d55da4c3e345113ad863901ff3e382e04170817b853f761dd9f0
0c6741bc1958b32cf3fe86d05de08bde74ae8b2312207444683e5cff4155053d
0c7603d2ffaf7858118b699779cd3e33e3f3a37916528a969974cca8713d7285
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f9cd88cbcde7c206bc162fcc4986a3be20d538adc746b3635eb5e7495274a5
12852ccf3064ed0d5745d7a5f2be4ad983d5299eb083c83a1c8b1fc41e281520
13f7c2d8e7b31ad79e3f8d08eab6cccef702cd680a34575ebc68f3c4d55793a4
1615f1ff025d6fe1f52f8305bb86c36bf7ed8a8849d40936148e85a7f301437c
1885236fb05e77f0cd466d006a6388c673c1cf144fc205ea7cb3a7ff2fe12980
18df3a9c97731a11bb8850edec1db1958713936bda047bdbc73ab3b033af0e5a
18fc57c1477befa17fc5bc19145e94c0933bc9bdbd94afa1495dccc77e008ade
1c772192d318b30339e05ce1e87618b2d1c7519e14f3f20dbd358238c45245a3
232d6bbabfa4ae976769b718829ba7d2ef8f7dc535230734ce82236652d3580e
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
2a902f3f6bb291138692567054de342c7482edfe90db9f3d2bab061351320386
308603042b468f50088fc1da2d2df84961098f3f3126b36a124dc6c092e2c275
310358279d26b81e657ecc9d51ad502b1d78d7db1ac7221ec092c301e216859e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
371b0723b274026907d7625b2ecc830910f884fbc2f741c5bdbd027b34306a3d
3843922ef354f0ed8b08028c17f1e1d4835f9a874133dc87483b86b95bc4222b
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
42a9f4217712c30ae366136bf8ba447e13f963bf6abe5d8c47ff6a89a05b56b4
46307aa47885c00afeb3db29da8aada74f513f62dbc40a3b56536bd1c7e75daf
46dbfc33b12c4e26c1eae7e23eb6951693f1248cbb7710eff0fe54dfb7967f3d
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48f95e4171ead8318e93c8bd8e5cd16a4e1688d359bfb5ca2bc9f3ecc8724bbf
4d0df6c748484ff77f646fad34a73c3005e6b6caef813bcfd6f6c841775ccaf1
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4d336b2f26c28d81613b6added9d9f942806236744523712204cca7362c78d01
4e84d85a31c26a182e31a0e7e97f1393690c5b5756a00201ca7752a253c79998
4f81bb56b6a1f7b4a39d3cc3f67a52601616a0027df086bca7e8ed156b5a497c
4f96bf8f26b444fa65e6f14779961f617b51a9dcbe0f4bd61c053e12843a1418
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5f3a7b96b7ddc57ed6721f1ac5136c2a3075740713f37f0fd7ef4e5e94a55124
6b5bc7159b676e676618bbaff4d623d84ea8393662c6fb45735f6ae08cf5aea1
6d891777771aa5f97eacda90fbd16004957c0784475110611a4f7493bad8a9b5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e6af6ef2f891ed0ff21cbeaa6a42bd54f797e21d2ae3fa7fd6aed985a1c70df
6f62264c991fbf339ac2d25c7bd4f772d79a817c0014ed640fcce5057f153e05
70ef4c822491fe92d2930416a41be09acc296a0e6a32550cbefc8db927b226a0
70fb2cda7d95517cdeeb97a6bbd27157a2e9c4c2ebd9ce5ac8925a101fa3c391
757356e3395a14678ad98d34ab39325de29d79752e66ae1748d0015cfd5d007e
7853f30b8d97f4ea1936818b0b01f1757e46fe3f99571a572582d4eec53e6875
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d35bc68dab6b58597c20f0ae7278d6b8270c7a5491447497ea248d9f6cca828
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8111615ce7959f9c1b33c5307f5f3dd4bdbdf89465e99a97520f8fa9b373489c
81583aa7ba0e00e7c8c8bc1d650e097c83fa182c46e2a12aceb1a40b9d4e9412
81e161db834e8b06faca47e01d4f4935eb169dcc536668ddd339013ce5333828
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866e65f78723d64f942e5b82608ac43896084c71b194a96bd85e133505559611
8a8ff2d1dffb57882508ed3f81af9d94b72a7d4d2c61e59b7c7e5f6adaa11c54
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b2e5f95682bd75d31495a3113455d027b39444acdbbc743085f344c8617b4c6
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98ecc0bce26305114d5c34b34e24583eb60ba3f1ff352ab9d8bb4de91cb0abbd
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a2097bb2f9b247e3da9c69c7d110af9f1dfab9936ab029e7a4c586d7837904fb
a2deddad8c3b18a05e32ffdbb3e57004f820bf30d3ba341cd529b9156db47f41
a3fc0aaa83d11f756acc32fbf5c5116a737d29dac26532057787c9238498491a
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
a6495f2ec61c8c0bea17e20c0cb865df1e6bb44ff50d9c3b29dae5c29b765041
a8f3fd48da50cc9be7d47c5a07267e7c1a22f5708a2eb7160b4ca3bd2263d66f
ac2023f3a20503f101ec818760b0892d07e80397237aa8af5256e3105164870a
acc8c3d5178fe28692ceef2eb92f597b80b63bba78caa13babecfd4ca5ba144e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56978189fe13e9c34c910c6109bdec36505e2770d77df9896da0bc0e618bf28
bff820919682846237903a0aa499f1643608e00823118f58a1c7b04dd614163d
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c284dd585598d733465ddabb1c08df97217676deb48865e75e2fb61a41ca1195
c3a929d925312d6601c58d1c23cb01cc5600b886d42ccba41de93e429b202121
c4341b9975cacaf35d56ee3748f884967b426495e1422328e9638cc4025a7f33
c7ac0d791b0ad92100e6071256d55d4b7f11b7a4c064348ced16838faaa0183f
c8bd4ef9f7f3ec513d39b8753ed27e7f9c6888111b1b6fc90d1efe98bc68c9ea
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce1e77181aa2b8723eae6982cb123f3cd69b8a1eb0274832f633c00cee3838bb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d35cdd70491922d7327a0c8881e392828e73f987a1c7475878dd0aa5996babc1
d54f94df1233ab7224af68f63fe3df27584c4c01d70b2e65bcdc774ba05c6b41
d5cc3b22702ddf6f7320c640076572dd90d68ebf431cb6966d2ef636b408cf09
d652b147ad1822f985252f26f60480d17ab3910d30da1f7235ba272e9d3d2e82
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d91e2e0e74ad93365251f0ff95e906a630550b02beb88d780a5e9485fdd4d218
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
dbf3c857eb35b901813c878ab820207c24c4d491ea933e986010ab385aa402ef
de194513e4629c7a62da8ab95582cfb3294943483c00ff17a1d6ce80d7ca1477
de4e5f007daa10fb7876795414e400731622bc75bceabb1a51da85aa77128fc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e767af013378d1adf0d6561edd37f8cd0d05ba430ce7a611ce94828478d85c67
e909d680bf70a3c912a8371ece94931ecf072dfcc5bff7b62fce609c74a0101b
e91bf72ab417eea5ff3f141d7c8ad74e33a117f0a76e9d43f68b36d82397595e
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebf3b1f5f0a9ce5854290a089b8c96a56f54e6d51c907e6b216040eda5f77904
ee826c51e018a476b8ff74d0e405195683aaafa1f3493736066124149e046b84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af85627e7c13ef9974aa6f404b4dbe85cb1df2ab642a23f8c4a3ffb7fd915f
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f8e50177029cb2306172bc041564b5b2000688d67989a56b70c0c4bc71278326
fb1935ab39199376bc20094d90c00e380247790772a5df76049b2de4e0cd4ea8
fe1d8731586a0b3f1c5a3dba7d6b1c879495cbc6d05163a234868f082d9a06fb

www.seattletimes.com Open in urlscan Pro 95.100.75.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

43 %IPv6

41 Domains

61 Subdomains

55 IPs

7 Countries

1987 kBTransfer

6190 kBSize

1 Cookies

37 Outgoing links

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.seattletimes.com Open in urlscan Pro
95.100.75.222 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

43 %
IPv6

41
Domains

61
Subdomains

55
IPs

7
Countries

1987 kB
Transfer

6190 kB
Size

1
Cookies

145 HTTP transactions
7 data transactions