eu.desmoinesregister.com Open in urlscan Pro
151.101.194.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN...
Effective URL:
https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ran...
Submission: On October 08 via api (October 8th 2021, 2:11:49 pm UTC) from SE — Scanned from DE

Summary HTTP 178 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 21 domains to perform 178 HTTP transactions. The main IP is 151.101.194.62, located in United States and belongs to FASTLY, US. The main domain is eu.desmoinesregister.com.
TLS certificate: Issued by R3 on August 12th 2021. Valid for: 3 months.

This is the only time eu.desmoinesregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	104.18.31.105 104.18.31.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 108	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
2	104.20.185.68 104.20.185.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.16.149.64 104.16.149.64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.129.26 151.101.129.26	54113 (FASTLY) (FASTLY)
1	13.224.193.83 13.224.193.83	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
1 4	13.224.193.46 13.224.193.46	16509 (AMAZON-02) (AMAZON-02)
24	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	34.107.143.101 34.107.143.101	15169 (GOOGLE) (GOOGLE)
3	34.102.161.46 34.102.161.46	15169 (GOOGLE) (GOOGLE)
1	18.195.43.183 18.195.43.183	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.181 151.101.193.181	54113 (FASTLY) (FASTLY)
1 4	13.225.87.89 13.225.87.89	16509 (AMAZON-02) (AMAZON-02)
1	3.125.147.59 3.125.147.59	16509 (AMAZON-02) (AMAZON-02)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
3	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
1	18.210.181.188 18.210.181.188	14618 (AMAZON-AES) (AMAZON-AES)
3	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
1	13.225.87.97 13.225.87.97	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	141.226.228.48 141.226.228.48	() ()
178	25

2 104.18.31.105 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

d11dxp04.na1.hubspotlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

108 151.101.194.62 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.desmoinesregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.desmoinesregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.desmoinesregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
atoms.desmoinesregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.185.68 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.149.64 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.26 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-83.fra2.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.193.46 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-46.fra2.r.cloudfront.net

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.143.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.143.107.34.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.161.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.161.102.34.bc.googleusercontent.com

ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.43.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-43-183.eu-central-1.compute.amazonaws.com

sp.desmoinesregister.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.181 (United States)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.87.89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-89.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.147.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-59.eu-central-1.compute.amazonaws.com

www.summerhamster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.181.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-181-188.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-97.fra2.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	gannettdigital.com cpt-static.gannettdigital.com	543 KB
27	taboola.com cdn.taboola.com trc.taboola.com am-trc-events.taboola.com images.taboola.com	386 KB
16	gannett-cdn.com www.gannett-cdn.com api.gannett-cdn.com	1 MB
15	desmoinesregister.com 2 redirects www.desmoinesregister.com eu.desmoinesregister.com user.desmoinesregister.com sp.desmoinesregister.com atoms.desmoinesregister.com	96 KB
9	cookielaw.org cdn.cookielaw.org	178 KB
6	abtasty.com try.abtasty.com dcinfos-cache.abtasty.com ariane.abtasty.com	48 KB
5	keywee.co 1 redirects cdn.keywee.co pixel.keywee.co	49 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
3	facebook.com www.facebook.com	432 B
3	facebook.net connect.facebook.net	191 KB
2	nr-data.net bam.nr-data.net	513 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	googleapis.com imasdk.googleapis.com	309 KB
2	polyfill.io cdn.polyfill.io	1 KB
2	onetrust.com geolocation.onetrust.com	644 B
2	hubspotlinks.com 1 redirects d11dxp04.na1.hubspotlinks.com	3 KB
1	2mdn.net s0.2mdn.net	17 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	adsafeprotected.com static.adsafeprotected.com	7 KB
1	parsely.com cdn.parsely.com	25 KB
1	summerhamster.com www.summerhamster.com	182 B
178	21

	Domain	Requested by
78	cpt-static.gannettdigital.com	eu.desmoinesregister.com d11dxp04.na1.hubspotlinks.com cpt-static.gannettdigital.com
12	images.taboola.com
12	www.gannett-cdn.com	eu.desmoinesregister.com cpt-static.gannettdigital.com
10	atoms.desmoinesregister.com	1 redirects cpt-static.gannettdigital.com eu.desmoinesregister.com atoms.desmoinesregister.com d11dxp04.na1.hubspotlinks.com
9	cdn.cookielaw.org	eu.desmoinesregister.com cdn.cookielaw.org
7	trc.taboola.com	eu.desmoinesregister.com
5	cdn.taboola.com	cpt-static.gannettdigital.com cdn.taboola.com
4	sb.scorecardresearch.com	1 redirects cdn.taboola.com eu.desmoinesregister.com
4	api.gannett-cdn.com	eu.desmoinesregister.com
4	cdn.keywee.co	1 redirects eu.desmoinesregister.com cdn.keywee.co
3	am-trc-events.taboola.com
3	www.facebook.com	eu.desmoinesregister.com
3	connect.facebook.net	cdn.keywee.co connect.facebook.net
3	ariane.abtasty.com	eu.desmoinesregister.com
2	bam.nr-data.net	js-agent.newrelic.com eu.desmoinesregister.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	dcinfos-cache.abtasty.com	eu.desmoinesregister.com
2	user.desmoinesregister.com	eu.desmoinesregister.com
2	imasdk.googleapis.com	eu.desmoinesregister.com imasdk.googleapis.com
2	cdn.polyfill.io	eu.desmoinesregister.com
2	geolocation.onetrust.com	eu.desmoinesregister.com cdn.cookielaw.org
2	d11dxp04.na1.hubspotlinks.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	js-agent.newrelic.com	eu.desmoinesregister.com
1	static.adsafeprotected.com	cpt-static.gannettdigital.com
1	pixel.keywee.co	eu.desmoinesregister.com
1	cdn.parsely.com	www.gannett-cdn.com
1	www.summerhamster.com	eu.desmoinesregister.com
1	sp.desmoinesregister.com	eu.desmoinesregister.com
1	try.abtasty.com	eu.desmoinesregister.com
1	eu.desmoinesregister.com	d11dxp04.na1.hubspotlinks.com
1	www.desmoinesregister.com	1 redirects
178	32

This site contains links to these domains. Also see Links.

Domain
www.desmoinesregister.com
classifieds.desmoinesregister.com
connect.desmoinesregister.com
www.registermedia.com
desmoinesregister.newspapers.com
puzzles.usatoday.com
profile.desmoinesregister.com
www.facebook.com
twitter.com
www.reuters.com
help.desmoinesregister.com
cm.desmoinesregister.com
instagram.com
www.pinterest.com

Subject Issuer	Validity	Valid
hubspotlinks.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
usatoday.com R3	`2021-08-12` - `2021-11-10`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
try.abtasty.com Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.anyword.com Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
dcinfos-cache.abtasty.com R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
ariane.abtasty.com R3	`2021-08-29` - `2021-11-27`	3 months	crt.sh
sp.alamogordonews.com R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.summerhamster.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-18` - `2021-10-16`	3 months	crt.sh
pixel.keywee.co Sectigo ECC Domain Validation Secure Server CA	`2021-01-20` - `2022-02-19`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Frame ID: BF508D87359D1D7D4970F8E14F9757C0
Requests: 237 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CC7D896F8639AD77C70DB04E7270A406
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.484.0_en.html
Frame ID: 0CD4E378F7C5E48DA7E602B993C38906
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iowa grain cooperative recovering from cyberattack remains mum on ransom

Page URL History Show full URLs

https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc3... Page URL
https://d11dxp04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW... HTTP 307
https://www.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberat... HTTP 302
https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberat... Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

^https?://cdn\.polyfill\.io/

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

178
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

32
Subdomains

25
IPs

3
Countries

2927 kB
Transfer

8667 kB
Size

19
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.desmoinesregister.com/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://classifieds.desmoinesregister.com/
Title: Marketplace

Search URL Search Domain Scan URL

URL: https://connect.desmoinesregister.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/enewspaper
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://www.registermedia.com/
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://desmoinesregister.newspapers.com/
Title: Archives

Search URL Search Domain Scan URL

URL: https://puzzles.usatoday.com/
Title: Crosswords

Search URL Search Domain Scan URL

URL: https://profile.desmoinesregister.com/newsletters/manage/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=169766623060429&redirect_uri=https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/&link=https://www.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/&name=Iowa%20grain%20cooperative%20says%20it%27s%20working%20to%20restore%20automated%20operations%2C%20but%20remains%20silent%20on%20cyberattack%20ransom
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Iowa%20grain%20cooperative%20says%20it%27s%20working%20to%20restore%20automated%20operations%2C%20but%20remains%20silent%20on%20cyberattack%20ransom%20https://www.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/%20via%20@DMRegister
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/staff/2647975001/donnelle-eller/
Title: Donnelle Eller

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/story/money/agriculture/2021/09/21/why-blackmatter-hackers-targeted-iowa-grain-cooperative-ransomware-attack/5802000001/
Title: the ransomware group BlackMatter's demand for $5.9 million

Search URL Search Domain Scan URL

URL: https://www.reuters.com/technology/minnesota-grain-handler-targeted-ransomware-attack-2021-09-23/
Title: urged cooperatives last month

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/story/money/business/2021/09/24/new-carbon-capture-pipeline-iowa-farmers-fought-dakota-access-battle-again-eminent-domain/8317507002/
Title: Some Iowa farmers who fought Dakota Access are in the path of world's largest carbon capture pipeline

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/story/money/2021/05/13/colonial-pipeline-gas-shortages-ransom-cyberattack/5075311001/
Title: attacked earlier this year,

Search URL Search Domain Scan URL

URL: https://help.desmoinesregister.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://cm.desmoinesregister.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.desmoinesregister.com/privacy-policy/
Title: Your California Privacy Rights/Privacy Policy

Search URL Search Domain Scan URL

URL: https://cm.desmoinesregister.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.desmoinesregister.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

URL: http://cm.desmoinesregister.com/accessibility/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://cm.desmoinesregister.com/ethical-conduct/
Title: Our Ethical Principles

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DesMoinesRegister

Search URL Search Domain Scan URL

URL: https://twitter.com/DMRegister

Search URL Search Domain Scan URL

URL: http://instagram.com/dmregister

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/dmregister/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1 Page URL
https://d11dxp04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1?_ud=6a6140d2-caaf-48e4-b0fb-c9b15df9560d&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://www.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/?utm_campaign=2021%20Brand%20Awareness&utm_medium=email&_hsmi=168463925&_hsenc=p2ANqtz-_WjHzmZNVVGOmngUvebd9251m2O0xpax81rvno5mIbUYEKZrwWbmzWVqVEwKdEQpapjiOrJ-7WYU11H6nisx32E50ZQn0Z96sI1fuhuBXysqfkiBU&utm_content=168463925&utm_source=hs_email HTTP 302
https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cdn.keywee.co/dist/analytics.min.js HTTP 301
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

Request Chain 108

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&c9=

Request Chain 116

https://atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/PDEM/(null)/journey.json HTTP 302
https://atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/pdem/control/journey.json?originalSegment=(null)

178 HTTP transactions
61 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37...
d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/ 10 KB
3 KB 443ms
418ms Document
text/html 104.18.31.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.31.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: d11dxp04.na1.hubspotlinks.com
:scheme: https
:path: /Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: a24d41ec-7ef6-423e-af49-a5c1d94dec1d
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69aff5bb5e2f2175-DUS
content-encoding: br

GET
H2

200

Primary Request / Show response
eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Redirect Chain

https://d11dxp04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_...
https://www.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/?utm_campaign=2021%20Brand%20Awareness&utm_medium=em...
https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

172 KB
46 KB

17ms
7ms

Document
text/html

151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Requested by

Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

669a45b4165bb5c155e16b7e5656bdc8a05ce60062c9a8dabe3d9e3869eb75a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

:method: GET
:authority: eu.desmoinesregister.com
:scheme: https
:path: /story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: gnt_eid=(null)
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1

Response headers

server: nginx/1.15.2
content-type: text/html; charset=utf-8
x-content-access-type: Metered
x-content-key: 6007123001
x-content-restricted-url: /restricted/?return=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F
x-meter-enabled: Yes
x-meter-limit-url: /get-access/?return=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F
x-meter-registered-threshold: 5
x-meter-threshold: 5
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-robots-tag: noindex, nofollow
gannett-debug-path: region: east ---> region: east
gannett-debug-path-full: restarts: 0 ttl: 31536000.000 shield: false server: cache-hhn4080-HHN path: region: west >>>> restarts: 0 ttl: 31536000.000 shield: true server: cache-fra19155-FRA path: region: east ---> region: east
accept-ranges: bytes
date: Fri, 08 Oct 2021 14:11:42 GMT
age: 175514
set-cookie: gnt_eu=true; domain=.desmoinesregister.com; path=/; expires=Fri, 08 Oct 2021 20:11:42 GMT;
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=600
x-served-by: cache-fra19153-FRA, cache-hhn4023-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1633702303.881947,VS0,VE1
content-length: 46453

Redirect headers

retry-after: 0
location: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
cache-control: max-age=300
accept-ranges: bytes
date: Fri, 08 Oct 2021 14:11:42 GMT
set-cookie: gnt_eid=(null); domain=.desmoinesregister.com; path=/; secure; samesite=lax; max-age=5184000;
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000;includeSubDomains;preload
x-cache: HIT
vary: User-Agent
content-length: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 53ms
28ms Script
text/javascript 104.20.185.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60756645bbed6ad3cc3e8be0a057dff15132f22b5b60cbe14e48250980043653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 69aff5c15a3ffaee-DUS

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 41ms
18ms Script
application/javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BC5xsXKGgJbQbCzkLNvwBQ==
age: 5340051
vary: Accept-Encoding
content-length: 6328
x-ms-lease-status: unlocked
last-modified: Wed, 04 Aug 2021 01:49:58 GMT
server: cloudflare
etag: 0x8D956EA2A6E73F4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b8d637e9-f01e-012a-80bd-8bebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c15e1cfae5-DUS

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 23 KB
6 KB 50ms
27ms Script
application/javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vK1pqwR5vAdncTOZa1Txzw==
age: 5340049
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 08:52:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bb51bcfd-c01e-000f-7abd-8b3510000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 69aff5c15e1ffae5-DUS

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ 505 B
744 B 31ms
8ms Script
text/javascript 151.101.129.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

846d6342d8f911d417bfe3fb9fb865d8d5f4865b304f33b29caa6c760d06417e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1942236
detected-user-agent: Chrome/93.0.4577
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 257
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Sep 2021 13:37:31 GMT
date: Fri, 08 Oct 2021 14:11:42 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 gallium.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 11 KB
4 KB 24ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 36237
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3450
x-served-by: cache-bwi5149-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.931308,VS0,VE1
etag: "9d4cfa8b4479f0101a58ee3de131cec1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 custom-elements-es5-adapter.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 938 B
815 B 8ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/custom-elements-es5-adapter.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 137641
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 493
x-served-by: cache-bwi5126-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.915268,VS0,VE1
etag: "8af5f1900788253d8384715a01425ab7"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 story.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/ 478 KB
114 KB 25ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5016b1dba1d21a7f05a7e3d17a9c4b0b43222056c729c6c653df72377f400ef4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 35109
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 116618
x-served-by: cache-bwi5167-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.931461,VS0,VE1
etag: "b3a53c7fb6664bf1ca06357a266ef755"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 afcffa4bef1e76dbaeaf2ca06f3e2c27.js Show response
try.abtasty.com/ 180 KB
46 KB 54ms
7ms Script
application/javascript 13.224.193.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/afcffa4bef1e76dbaeaf2ca06f3e2c27.js
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-83.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: f73a3c59251f307e963453ffc6dbb715025a2642e0ddbb14eff98f0320e8b995

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 05:38:42 GMT
content-encoding: gzip
last-modified: Thu, 05 Nov 2020 21:38:14 GMT
server: CloudFront
age: 32572
etag: W/"c7067c529423518f2804e8ebb043db0f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ybzilS6i1-Qem1KaQOWNlrL7IhE8Y8zRpZEbmrk3jiScC9vzEOP-6w==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 349 KB
120 KB 2132ms
2082ms Script
text/javascript 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

58f5cc90322a4e8b5eca28354006d80483685dfd55622c442aba2c4a2b3f00ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122199
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 08 Oct 2021 14:11:45 GMT

GET
H2 200 dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg
www.gannett-cdn.com/authoring/video-thumbnails/ 132 KB
133 KB 14ms
8ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/authoring/video-thumbnails/dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 538f323e6385179ce2f6bb76f3df4e1bbeb5564131685997e539d8c06754f88d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=77Y8Mw==, md5=ry9NRyWxo6l3D0jrflcblw==
date: Fri, 08 Oct 2021 14:11:42 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1431284
x-guploader-uploadid: ADPycduLL2Hs1PhzDRVr2YbII9j8jWp7ronEztLnF-c2qRooe8EqC43p8ydlyuuVZB2XLcOcIApMNE23RM8Dgui2Kqqf6uThog
x-cache: HIT, HIT
fastly-io-info: ifsz=192615 idim=1920x1080 ifmt=jpeg ofsz=135402 odim=1920x1080 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 135402
x-served-by: cache-bwi5182-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702303.988050,VS0,VE1
etag: "AeDzcxanEAfqTjJSKU/5/htCLcEM9HPYOgfruaMRROo"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 00:36:58 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 icon-play-alt-white.svg
www.gannett-cdn.com/appservices/universal-web/universal/icons/ 943 B
1 KB 13ms
6ms Image
image/svg+xml 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/appservices/universal-web/universal/icons/icon-play-alt-white.svg

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

de90e56c63d2b963ccc54a00aba3ce82287605c37544a2a43b5a5f2fea65570c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=BLfURQ==, md5=6UQEjlFPSroJlLmM/zPgEg==
x-amz-meta-goog-reserved-posix-uid: 1001
content-encoding: gzip
etag: "e944048e514f4aba0994b98cff33e012"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4085242
x-amz-meta-goog-reserved-file-mtime: 1491597132
x-amz-meta-goog-reserved-posix-mode: 775
x-guploader-uploadid: ADPycdvO-prH_ZUVaV_Tjrxi-kyy1KuIfZ6Aln8xl6PRRIpbCbtJTjJPpbLcx4sf_ERnpKte-6cfVI3XDtHY35ogN8Uk-s86rQ
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
content-length: 418
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5183-BWI, cache-hhn4023-HHN
x-amz-meta-goog-reserved-file-atime: 1498140858
last-modified: Thu, 22 Jun 2017 14:22:15 GMT
server: UploadServer
x-timer: S1633702303.987958,VS0,VE0
date: Fri, 08 Oct 2021 14:11:42 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-goog-reserved-posix-gid: 1003
expires: Sun, 22 Aug 2021 07:24:21 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1656

GET
H2 200 icon-instagram_24.png
www.gannett-cdn.com/appservices/universal-web/universal/icons/ 1 KB
2 KB 13ms
7ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/appservices/universal-web/universal/icons/icon-instagram_24.png
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7Zl2A==, md5=jsIx6sz1jM5jkVlnRj//9g==
x-amz-meta-goog-reserved-posix-uid: 1001
via: 1.1 varnish, 1.1 varnish
etag: "/L0xKU3vkCKirp9KYAZTZpu24jIFXk7C60eR67+OxAk"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4085350
x-amz-meta-goog-reserved-file-mtime: 1488574391
x-guploader-uploadid: ADPycdseQDrTZYtRHVIAr-kDb32bl0EBPa6GTQSht39uh5cDT0EHNQWKEk8EpiV2vEiPHfw796WTtndx1E8RT11lN33tEcDyzw
x-cache: HIT, HIT
fastly-io-info: ifsz=1483 idim=24x24 ifmt=png ofsz=1282 odim=24x24 ofmt=webp
x-goog-storage-class: NEARLINE
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
fastly-stats: io=1
content-length: 1282
x-served-by: cache-bwi5168-BWI, cache-hhn4023-HHN
x-amz-meta-goog-reserved-file-atime: 1498140858
x-amz-meta-goog-reserved-posix-mode: 775
server: UploadServer
x-timer: S1633702303.987822,VS0,VE0
date: Fri, 08 Oct 2021 14:11:42 GMT
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-goog-reserved-posix-gid: 1003
expires: Sun, 22 Aug 2021 07:22:33 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2887

GET
H2 200 45e29b99-6e34-4a9d-ab94-5c6d56bfac9e.json Show response
cdn.cookielaw.org/consent/45e29b99-6e34-4a9d-ab94-5c6d56bfac9e/ 4 KB
2 KB 52ms
32ms XHR
application/x-javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/45e29b99-6e34-4a9d-ab94-5c6d56bfac9e/45e29b99-6e34-4a9d-ab94-5c6d56bfac9e.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af84b32f2682675dbd41d3a3e3418db9f0b1232d2fbba0ad87c399f792e124f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: PCRedZiSr9JCli/KaXtIhQ==
vary: Accept-Encoding
content-length: 1592
x-ms-lease-status: unlocked
last-modified: Wed, 29 Sep 2021 09:32:51 GMT
server: cloudflare
etag: 0x8D9832C1BE609BB
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2237859f-d01e-005f-1a21-b52a18000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c1bd37c49f-DUS

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
246 B 31ms
31ms Script
text/javascript 104.20.185.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.185.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d1f220e6b2184a1d55b715797a89377333709de7bf7c8ab12dbef2fec50faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 69aff5c1aaccfaee-DUS

GET
H2 200 webcomponents-loader.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 4 KB
2 KB 8ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 702550
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1524
x-served-by: cache-bwi5163-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.982680,VS0,VE1
etag: "596ad3dc06dfb78ecdc6bcee1d653f04"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 17 KB
18 KB 7ms
7ms Font
binary/octet-stream 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
via: 1.1 varnish, 1.1 varnish
age: 22653
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17876
x-served-by: cache-bwi5168-BWI, cache-hhn4073-HHN
server: AmazonS3
x-timer: S1633702303.983306,VS0,VE1
etag: "eec61fc37ea7dff16e6503e33ab66949"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polyfill.js
cdn.polyfill.io/v2/ 505 B
328 B 7ms
5ms Other
text/javascript 151.101.129.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=default,fetch,Array.prototype.find,IntersectionObserver,IntersectionObserverEntry,Intl,Intl.~locale.en-US

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

846d6342d8f911d417bfe3fb9fb865d8d5f4865b304f33b29caa6c760d06417e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 1942236
detected-user-agent: Chrome/93.0.4577
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 257
referrer-policy: origin-when-cross-origin
last-modified: Wed, 15 Sep 2021 13:37:31 GMT
date: Fri, 08 Oct 2021 14:11:42 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/93.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 partner.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 66 KB
15 KB 10ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/partner.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

039462e6ea98c38105a76cc4d911029da12a6adaa5802f3ef28ec9cc7b062c5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 36236
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 15031
x-served-by: cache-bwi5134-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.995739,VS0,VE1
etag: "acbfb9e3a5f15c8d2a8a38a8e152fee9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 utils.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/ 17 KB
5 KB 10ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b2b6340e3e36ff6d0423b24c8e16528485ce9cb3aeafb1c9c594da12aa7f0113

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/gallium.js
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:42 GMT
content-encoding: gzip
age: 36236
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4615
x-served-by: cache-bwi5149-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.995860,VS0,VE1
etag: "fc5b821f08e27b84c7700f39d1fca976"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/desmoinesregister/logos-and-branding/ 10 KB
3 KB 8ms
7ms Image
image/svg+xml 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/desmoinesregister/logos-and-branding/logo-default.svg

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

94c78b879e0dd3fabf50b65f350c6b4f1b9e903b9995a1969aa85b570cf8e05f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=nVrYDg==, md5=mEyR/ago19NH3omGP662aA==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3737855
x-amz-meta-goog-reserved-file-mtime: 1521733027
x-guploader-uploadid: ADPycdtyxkcG1wPBK29RDjY_TP6o2yflSIDNlklJyPlOfd2HfKazsaK1MYGUpC9P35Z6yvqU6V8hbZF6XcXVFkHO1WzvyxORvw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 2891
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5173-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
last-modified: Mon, 18 Feb 2019 22:02:18 GMT
server: UploadServer
x-timer: S1633702303.013640,VS0,VE1
etag: "984c91fda828d7d347de89863faeb668"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Thu, 26 Aug 2021 07:54:07 GMT
cache-control: max-age=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 UnifySans_W_Bd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 18 KB
18 KB 7ms
6ms Font
binary/octet-stream 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Bd.woff2

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 22653
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17984
x-served-by: cache-bwi5149-BWI, cache-hhn4073-HHN
server: AmazonS3
x-timer: S1633702303.016079,VS0,VE0
etag: "79f7fee52a3077ef23d7fb327d25836a"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 2

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 16 KB
16 KB 7ms
7ms Font
binary/octet-stream 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 22653
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 16620
x-served-by: cache-bwi5174-BWI, cache-hhn4073-HHN
server: AmazonS3
x-timer: S1633702303.016239,VS0,VE1
etag: "3813aba0274244941c060a0cba29c5a2"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 UnifySerif_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
20 KB 8ms
7ms Font
binary/octet-stream 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_Rg.woff2

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 22842
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 20664
x-served-by: cache-bwi5179-BWI, cache-hhn4073-HHN
server: AmazonS3
x-timer: S1633702303.027997,VS0,VE1
etag: "b7f3cbc37e81dca80a0ddc3a6da81245"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 UnifySerif_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 20 KB
21 KB 8ms
7ms Font
binary/octet-stream 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySerif_W_SBd.woff2

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a894750a0d7f13755770ebda4cd08d29327207a2a3ff714525cbf6627009590b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 35108
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 20764
x-served-by: cache-bwi5173-BWI, cache-hhn4073-HHN
server: AmazonS3
x-timer: S1633702303.044326,VS0,VE1
etag: "1f36047001b5ac137b1c3e3c25f53b79"
vary: Origin
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 18ms
18ms Script
application/javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 2016812
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Mon, 13 Sep 2021 02:46:47 GMT
server: cloudflare
etag: 0x8D97660BAC2AEE4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7f929448-b01e-0044-68f0-a9048a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c23fa4fae5-DUS
expires: Sat, 16 Oct 2021 14:11:43 GMT

GET
H2 200 webcomponents-hi.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/ 11 KB
4 KB 8ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 702550
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3650
x-served-by: cache-bwi5136-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.070326,VS0,VE1
etag: "2e02d950c1c199919a375acfd1fbc108"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2

200

analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/
Redirect Chain

https://cdn.keywee.co/dist/analytics.min.js
https://cdn.keywee.co/dist/analytics-1.5.12.min.js

22 KB
23 KB

8ms
8ms

Script
application/javascript

13.224.193.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 19:41:10 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
age: 169836
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-pop: FRA2-C1
content-length: 22739
x-amz-cf-id: h5c0psMLLdAL0h4rXsCardvHJlUURVKc0T3HJP-_MVxhXM-kv9IF9w==

Redirect headers

date: Fri, 08 Oct 2021 07:56:19 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
server: AmazonS3
age: 22525
x-cache: RefreshHit from cloudfront
location: /dist/analytics-1.5.12.min.js
x-amz-cf-pop: FRA2-C1
content-length: 0
x-amz-cf-id: G9Fd2EkGi-n7mCE3sl6arD_3xijRsfVoFwTx2OyLoI-zQnURpS93IA==

GET
H2 200 10 Show response
api.gannett-cdn.com/thorium/popular/PDEM/ 17 KB
4 KB 9ms
8ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/PDEM/10?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&searchtype=socialReferrals

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

deda65f2c2d923079263d3387f9472fa7fd9d0661f8bf40a601a817dcad0acad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 364
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 3763
x-served-by: cache-bwi5076-BWI, cache-bwi5181-BWI, cache-hhn4073-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-dfc4969c4270359fd1795546725b6d2d
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1633702303.105907,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 3, 1

GET
H2 200 / Show response
api.gannett-cdn.com/argon/navigation/3817/top_nav_primary/ 7 KB
2 KB 9ms
9ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/argon/navigation/3817/top_nav_primary/?apiKey=f6YYPA1hPnB9Y9chky5GOmrZKmaguLVh

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

ab37b352053e31600411e412fce0cfdd9174a82159875c6b1f8934f8e758db0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 976
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 1586
x-served-by: cache-bwi5020-BWI, cache-bwi5175-BWI, cache-hhn4073-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-dfc4969c4270359fd1795546725b6d2d
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1633702303.106035,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 5 Show response
api.gannett-cdn.com/thorium/popular/PDEM/ 3 KB
1 KB 7ms
7ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/popular/PDEM/5?searchtype=pageViews&ssts=money%2Fagriculture&apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

f8c64a0c120ee6693befc2053965b39c86ac91f65b0448197ebea09e67678321

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 358
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 1057
x-served-by: cache-bwi5046-BWI, cache-bwi5163-BWI, cache-hhn4073-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-dfc4969c4270359fd1795546725b6d2d
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
x-timer: S1633702303.110357,VS0,VE1
fam-ttl: 120.000
x-cache-hits: 0, 1, 1

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 131 KB
41 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c7b4a150637e3339cf7665c1f405fa244241de4e123584637a831ed477c5e6e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=/9jvJw==, md5=vb1iRGSjhGcWhpH/21GV9A==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 158
x-amz-meta-goog-reserved-file-mtime: 1633452127
x-guploader-uploadid: ADPycdvrDMUp26MomtVqkDYp67bYVKr1dMuiRVrhPQDvTEjDpRWcD1w_N17nZ-bZOXnLoOV-bFI2vU-saBqXGbW2wBw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 41762
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5125-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
last-modified: Tue, 05 Oct 2021 16:42:31 GMT
server: UploadServer
x-timer: S1633702303.118256,VS0,VE0
etag: "bdbd624464a38467168691ffdb5195f4"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 08 Oct 2021 12:19:02 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 4

GET
H2 200 / Show response
user.desmoinesregister.com/PDEM-GUP/user/ 680 B
1 KB 134ms
128ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.desmoinesregister.com/PDEM-GUP/user/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

80a2258536b7794f4094148f91bf454314ce0e325f6ea8d371bfab439d99623c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish
x-content-type-options: nosniff
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-cache-hits: 0
content-length: 680
x-served-by: cache-hhn4023-HHN
referrer-policy: same-origin
server: nginx
x-frame-options: DENY
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 08 Oct 2021 14:11:43 GMT

GET
H2 200 / Show response
api.gannett-cdn.com/thorium/breaking-news/ 56 B
236 B 8ms
7ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gannett-cdn.com/thorium/breaking-news/?apiKey=TGgXAxAcR3ktiGl6cRsHSGsLS6ySi6yz&site-code=PDEM

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.15.2 /

Resource Hash

380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 323
x-cache: MISS, HIT, HIT
access-control-max-age: 3628800
content-encoding: gzip
content-length: 65
x-served-by: cache-bwi5077-BWI, cache-bwi5152-BWI, cache-hhn4073-HHN
access-control-allow-headers: Origin, Content-Type
server: nginx/1.15.2
vcl_data: 5jy3cmThFRbRJtLjNvaUEi.198_0-dfc4969c4270359fd1795546725b6d2d
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: accept-encoding,Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
x-timer: S1633702303.126240,VS0,VE1
fam-ttl: 300.000
x-cache-hits: 0, 2, 1

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/gannett-network/ 1 MB
93 KB 36ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/bundles/story.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b6018f1b931dba69e08d59fa9ec94d231f73005cf3f646bc6f29457ec4f3274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: LgXAn9Z_EpJCgqae98lX.OQYaY37naDI
content-encoding: gzip
etag: "156d4fee381db8cf79e72cb89157fdcb"
age: 105
x-cache: HIT
content-length: 94606
x-amz-id-2: DGGbDLlNCml30IdxAqns04UZw0O8zxXwEDlQdvZJG7iqOjaLHN4ge4bDk8sy8D47/7vwDH0f10A=
x-served-by: cache-hhn4072-HHN
last-modified: Thu, 07 Oct 2021 09:10:59 GMT
server: AmazonS3
x-timer: S1633702303.175277,VS0,VE1
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding
x-amz-request-id: 0XJ993EEJGPYW7M2
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 86
x-cache-hits: 1

GET
H2 200 72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG
www.gannett-cdn.com/presto/2018/10/17/PDEM/ 389 KB
390 KB 19ms
18ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2018/10/17/PDEM/72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG?width=2560
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27d8d5c2481a7e5b18cfb56ffaae9a9060bd4e386676bb96aa99f7d27828ba4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=3d79hw==, md5=/uSYvvy957NZpzbQdmtYlg==
date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 774909
x-guploader-uploadid: ADPycdv5r6LoZB2XcpC_lzKon747rZ0eekEKXNS5gfw8b7Amd5EO0xX03QBMHkhOgMjGf5XEl4cFmfrLn30JVcane-FnyUT0dQ
x-cache: HIT, HIT
fastly-io-info: ifsz=2255274 idim=4922x2811 ifmt=jpeg ofsz=398738 odim=2560x1462 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 398738
x-served-by: cache-bwi5151-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702303.151031,VS0,VE2
etag: "5Wtg915g6KRTiG2tm5RGhTohUl+M17zcs6xkey+bnbQ"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 29 Sep 2021 14:56:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 2aac0250-e4b8-4455-804c-db486de402d5-1017_harvest-colors_00007.JPG
www.gannett-cdn.com/presto/2018/10/17/PDEM/ 260 KB
260 KB 8ms
8ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2018/10/17/PDEM/2aac0250-e4b8-4455-804c-db486de402d5-1017_harvest-colors_00007.JPG?width=2560
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ebb30e6ee04e954391c5fce3321d205935fee47a5fe84626e871de4779876e14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=FX/j6A==, md5=430MeFnkcfNWyGuqPByq4A==
date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1301052
x-guploader-uploadid: ADPycduABXkerTBasaZjqatys1HUlAXFl56M2TjE1lBnrcDkFaYSYnDZtFY0jEYG9GmfufWrjwif7ODeIV3i4RMeBHHf8Z4Mnw
x-cache: HIT, HIT
fastly-io-info: ifsz=764256 idim=3500x2043 ifmt=jpeg ofsz=266062 odim=2560x1494 ofmt=webp
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 266062
x-served-by: cache-bwi5139-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702303.151165,VS0,VE1
etag: "iBMGMNZVgB+fiTzMuYLdAEC16h24jq0uEWnyZo/hGjQ"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 23 Sep 2021 12:47:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

POST
H2 200 geoip Show response
dcinfos-cache.abtasty.com/v1/ 499 B
421 B 59ms
30ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/geoip

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

Resource Hash

ea2bcf5701d87d34f0a156017a0c4464952c7bb21b03997c17b6e9283b459517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 0
x-cache: miss uncacheable
x-retry: 0
grpc-metadata-content-type: application/grpc
alt-svc: clear
content-length: 299
grpc-metadata-grpc-accept-encoding: gzip
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
cache-control: private
accept-ranges: bytes

POST
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 118 B
361 B 52ms
24ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

Resource Hash

89e8c7062fe9ea6578c0854ded9bd9914046cc6bbf7ae76ae67d001484630440

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Oct 2021 14:10:34 GMT
content-encoding: gzip
age: 68
x-cache: hit cached
x-retry: 0
grpc-metadata-content-type: application/grpc
alt-svc: clear
content-length: 111
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
cache-control: max-age=120, public
accept-ranges: bytes
expires: Fri, 08 Oct 2021 14:12:34 GMT

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
342 B 55ms
23ms Fetch
image/gif 34.102.161.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 08 Oct 2021 14:11:43 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

GET
H2 200 get_site_js Show response
sp.desmoinesregister.com/mms/ 972 B
1 KB 49ms
7ms XHR
application/javascript 18.195.43.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.desmoinesregister.com/mms/get_site_js?v=1&account_id=308&abp=false&referrer=&session_referrer=&session_message_count=1&jv=2.0.1110&cdc=window._sp_.msg._internal.cdc1&href=https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.195.43.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-195-43-183.eu-central-1.compute.amazonaws.com

Software

Jetty(9.4.2.v20170220) /

Resource Hash

b61583a6667f9ec6bad0cd4b6910b6c02ce4864898c9f96c089f9f495df22079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 14:11:43 GMT
x-sp-mms-node: ip-10-128-32-117
server: Jetty(9.4.2.v20170220)
strict-transport-security: max-age=15552000; includeSubdomains
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-sp-mms-env: 1
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/45e29b99-6e34-4a9d-ab94-5c6d56bfac9e/2a0c61d2-1191-420c-a4e2-c1b469d21a35/ 170 KB
29 KB 29ms
29ms Fetch
application/x-javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/45e29b99-6e34-4a9d-ab94-5c6d56bfac9e/2a0c61d2-1191-420c-a4e2-c1b469d21a35/en.json

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292d3967cfc2aaad496dcefe2e99d2e644bf19ca001674164b4b1ceb88003206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 46KFwuF+WqP9TwEBJ+d0Ng==
vary: Accept-Encoding
content-length: 29598
x-ms-lease-status: unlocked
last-modified: Wed, 29 Sep 2021 09:34:26 GMT
server: cloudflare
etag: 0x8D9832C53F603DF
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 81af69e4-f01e-0147-5d22-b541d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c35876c49f-DUS

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 258 KB
36 KB 18ms
18ms Fetch
application/x-javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccb18ad16f68562f5a296fab2c167544182186ad8db167dbc45eaae16865a102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: nRO9sMiSClkozj9lOIG1eA==
age: 5339924
vary: Accept-Encoding
content-length: 36545
x-ms-lease-status: unlocked
last-modified: Sat, 07 Aug 2021 13:00:05 GMT
server: cloudflare
etag: 0x8D959A34729F806
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f1ec99cf-d01e-0032-41bd-8b8036000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c3587bc49f-DUS

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 68 KB
15 KB 16ms
16ms Script
application/javascript 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YWYJyC7v39x7IuEj8ZuoGA==
age: 1570454
vary: Accept-Encoding
content-length: 14952
x-ms-lease-status: unlocked
last-modified: Mon, 13 Sep 2021 02:46:49 GMT
server: cloudflare
etag: 0x8D97660BBE25C09
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c8d3a0fe-a01e-0154-5805-ae7439000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c359abfae5-DUS
expires: Sat, 16 Oct 2021 14:11:43 GMT

GET
H2 200 universal.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/ 25 KB
6 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/universal.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

796aa828e35628a03ccbd1585f5b579d365d33cb24e95567d4bc43c79fa6f63a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5507
x-served-by: cache-bwi5171-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.260679,VS0,VE1
etag: "f0dca25501354da3db6cb5a69bee8ab3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
717 B 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 566
x-served-by: cache-bwi5128-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.261040,VS0,VE1
etag: "59e5636d674dc205ed0f95606d4ad938"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 story-emphasis.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/story/story-emphasis/ 5 KB
2 KB 8ms
8ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/story/story-emphasis/story-emphasis.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0767e2ab2440f261df5380fa8e42627d602bc78be339b8dbebfc436cc60e139d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 700767
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1689
x-served-by: cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.261507,VS0,VE1
etag: "83ade60c22cfa7e210560ad73d9d3654"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 61 KB
16 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8eb0f44b72ffada10a3d8ed5cf63b711671a5f637efd4536b1df740b3d54aec4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 703744
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 16446
x-served-by: cache-bwi5149-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.261638,VS0,VE1
etag: "738bd9cc2cf9498a9b8143c401677106"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 420.js Show response
cdn.keywee.co/config/ 215 B
546 B 15ms
14ms Script
application/javascript 13.224.193.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/420.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 803f4ef9c766e43bd1d8ff0978e9cf5cbab24d80989c627badeea3e2325c3aa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified: Fri, 25 Jan 2019 18:09:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "5628b4e0991836910ac356d736139219"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 215
x-amz-cf-id: tZbXFY3NRa7bdwDiMnEKtdnD0YdTFTGuB-GIradAoEGIuZBuU_mZoQ==

GET
H2 200 4b89a93d-9c35-43a3-b82c-7b664d3ed628-0928-Algona-004.JPG
www.gannett-cdn.com/presto/2021/09/29/PDEM/ 8 KB
9 KB 9ms
8ms Image
image/jpeg 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2021/09/29/PDEM/4b89a93d-9c35-43a3-b82c-7b664d3ed628-0928-Algona-004.JPG?crop=2999,1687,x0,y0&width=448&height=252&quality=50
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c5f600809257ac740a49f6c0ae29d8b670ceaed5334566c31b99aa2304c3004e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=mBU2Hw==, md5=2XY0TWI1zlhPBkk+6h3lyA==
date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 763270
x-guploader-uploadid: ADPycdsxJMfJFZHxFHTILqxmtJT-D4CshTZuU719aHRPMQXlZUbrEEu0XYLu6MxxqCsahB5uMgkath3h_YiXb4DPaZjsJrCvhw
x-cache: HIT, HIT
fastly-io-info: ifsz=732285 idim=3000x2000 ifmt=jpeg ofsz=8650 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 8650
x-served-by: cache-bwi5171-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702303.282865,VS0,VE1
etag: "o/hjgt0RFX3eL3517H4qRmdLunBH4x/EkGqP1J6ZKVA"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 29 Sep 2021 18:10:32 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG
www.gannett-cdn.com/presto/2018/10/17/PDEM/ 11 KB
11 KB 9ms
9ms Image
image/jpeg 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/presto/2018/10/17/PDEM/72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG?crop=4921,2753,x0,y0&width=448&height=252&quality=50
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b9979acdf6a0c20788a1fc868e1ddda082bc06eba32a9fa2eb0a0110c3f259c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=3d79hw==, md5=/uSYvvy957NZpzbQdmtYlg==
date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 774911
x-guploader-uploadid: ADPycdv5r6LoZB2XcpC_lzKon747rZ0eekEKXNS5gfw8b7Amd5EO0xX03QBMHkhOgMjGf5XEl4cFmfrLn30JVcane-FnyUT0dQ
x-cache: HIT, HIT
fastly-io-info: ifsz=2255274 idim=4922x2811 ifmt=jpeg ofsz=10946 odim=448x252 ofmt=jpeg
x-goog-storage-class: NEARLINE
fastly-stats: io=1
content-length: 10946
x-served-by: cache-bwi5160-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702303.283031,VS0,VE1
etag: "0fukU8k3CBUoRF9Nqk2ddf+G9pAIdsQ+raAc/Gc8mPY"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 29 Sep 2021 14:56:31 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 PDEM-TEALIUM-UW.json Show response
www.gannett-cdn.com/dcc/prod/ 53 KB
7 KB 8ms
7ms XHR
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/PDEM-TEALIUM-UW.json

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

80ed13e95ea2c1db7dfd4b45c82e1fadd25699d8a953464083737b59a5e6a192

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VCmCUg==, md5=DlmSXo2KlXw+APYdo4uSdg==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 293
x-amz-meta-goog-reserved-file-mtime: 1633099975
x-guploader-uploadid: ADPycduD7GPciU3waq7QALcyMZ7igPMl_s-jDt13iESnUYkRNQzo71FtH93uhyXFb401mvJJ6fZuVawkr1laeTZGRkg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 6717
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5145-BWI, cache-hhn4073-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
last-modified: Fri, 01 Oct 2021 15:10:15 GMT
server: UploadServer
x-timer: S1633702303.299409,VS0,VE1
etag: "0e59925e8d8a957c3e00f61da38b9276"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Tue, 05 Oct 2021 02:51:35 GMT
cache-control: max-age=300
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 custom-style.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 5 KB
2 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/custom-style.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2149
x-served-by: cache-bwi5125-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.302864,VS0,VE1
etag: "fcbc04a6dd50b1732b8fc9eb59e7a0af"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 legacy-element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 37 KB
9 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/legacy-element-mixin.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9579
x-served-by: cache-bwi5163-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.304121,VS0,VE1
etag: "e182a618aa069c09654ed09ef890b38f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer-fn.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 2 KB
948 B 10ms
9ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer-fn.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 788
x-served-by: cache-bwi5128-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.304307,VS0,VE1
etag: "f69a78f7e6b1f490c8a66bdfeed9b755"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 templatizer-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 6 KB
2 KB 9ms
9ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/templatizer-behavior.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2150
x-served-by: cache-bwi5174-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.304758,VS0,VE1
etag: "5108bed49f7d2059e843190568827c78"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-bind.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 6 KB
2 KB 8ms
8ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-bind.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2102
x-served-by: cache-bwi5129-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.304987,VS0,VE1
etag: "b4a48e966b782a29f9eb97504fbd2534"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-repeat.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 26 KB
8 KB 8ms
8ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-repeat.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 8310
x-served-by: cache-bwi5132-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.305103,VS0,VE1
etag: "637b0dc7b05af8208e9feec11b1820b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-if.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 10 KB
4 KB 10ms
9ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-if.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3950
x-served-by: cache-bwi5154-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.306833,VS0,VE1
etag: "af73511b80cee1662a0de4cc9dff63d1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 array-selector.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 14 KB
4 KB 10ms
10ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/array-selector.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3976
x-served-by: cache-bwi5160-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.306936,VS0,VE1
etag: "a1595b639d74f3050eb026b41a74091a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mutable-data-behavior.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 7 KB
2 KB 10ms
10ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/mutable-data-behavior.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1897
x-served-by: cache-bwi5122-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.307028,VS0,VE1
etag: "196d340215322974470d1fa62c847bad"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 html-tag.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 5 KB
2 KB 10ms
10ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/html-tag.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1878
x-served-by: cache-bwi5145-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.307086,VS0,VE1
etag: "80e4a3f100498961955505681bfd17b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/ 1 KB
826 B 8ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/polymer-element.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22672
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 690
x-served-by: cache-bwi5145-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.308830,VS0,VE1
etag: "28a69955a42d52a754d86372a315c278"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 render-status.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 8ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/render-status.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22672
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1242
x-served-by: cache-bwi5139-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.308991,VS0,VE1
etag: "ceba86ff1e6d164821527d112d1893ee"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 flattened-nodes-observer.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 10 KB
3 KB 28ms
28ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flattened-nodes-observer.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22672
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2997
x-served-by: cache-bwi5151-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.309636,VS0,VE1
etag: "33a1eb7852b67088b2381b83208022e4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 util-post-messaging.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-post-messaging/ 986 B
712 B 28ms
28ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-post-messaging/util-post-messaging.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

df2891b4f41145bb4e71719541ae314e9c165613fd3c370108e36a93e71b2970

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 703744
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 536
x-served-by: cache-bwi5178-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.309723,VS0,VE1
etag: "84c29dd6948b10e147955f3eb870cfe9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 util-analytics.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-analytics/ 12 KB
4 KB 29ms
28ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/util/util-analytics/util-analytics.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

73ccbbd024488d0056e7ba47321d4061fd5b36f49c771780b5806ec20a60dece

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 35094
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3452
x-served-by: cache-bwi5144-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.330827,VS0,VE1
etag: "826b945f72aa91bdfe2cb9df9294a9d3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 ui-icon.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/ui/ui-icon/ 47 KB
18 KB 29ms
27ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/ui/ui-icon/ui-icon.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

72bb073808a89194c0d30db9f290a41c55a69567815dd0efcb55dc59dd49ba17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 306410
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 17820
x-served-by: cache-bwi5175-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.330939,VS0,VE1
etag: "6cbc75e2b8762384cb812144d8ba03d7"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 media-video-base.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 9 KB
3 KB 28ms
26ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video-base.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5cb0ec6f37176f991593f90ed0759c2a859a52af31a891416ce3d30d83d7c803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 706449
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3392
x-served-by: cache-bwi5122-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.330995,VS0,VE1
etag: "e1a5f19c6802d70e2ca841f392db4dee"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 preroll.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 28 KB
9 KB 28ms
26ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/preroll.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2954c7d63a63926bee415b6b26491c0dfaba635b2fe73aad5e2795afc20e09c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 703744
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9145
x-served-by: cache-bwi5126-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.331076,VS0,VE1
etag: "da4591ac0469b2a660c1ffcfa7c745ca"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 media-video-partner.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/ 3 KB
1 KB 29ms
28ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/media/media-video/media-video-partner.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82c74d3934bf6786f9b9eea2bf4021f2bf52ebeb7bf238175740da4f458fdc60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 703744
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1342
x-served-by: cache-bwi5133-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.331215,VS0,VE1
etag: "17c6b7105e613c770eaaff655ff05a24"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 gallium-i18n.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 8 KB
3 KB 29ms
28ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/gallium-i18n.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ed0db7069f82e411f3927a349141d8ef3b878250fe9d6d0ec9d4c96b5a406362

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 139575
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3017
x-served-by: cache-bwi5144-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.331238,VS0,VE1
etag: "05edb13808a8e2225d833440a5e3943c"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 promo-premium-indicator.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/promo/promo-premium-indicator/ 3 KB
1 KB 29ms
29ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/promo/promo-premium-indicator/promo-premium-indicator.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0837e1d9531e45205299c505173d4e16ac60a1903b0bd951e2b807a72b031ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 700765
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1027
x-served-by: cache-bwi5148-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702303.331338,VS0,VE1
etag: "abc97739b0fa2b0bce88d34975a6e04b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 load.js Show response
widget.perfectmarket.com/gannett-network/ 4 KB
2 KB 28ms
7ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gannett-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 024f01d45739e9da991c4b69d20974d373b02a9a9136ea9238d41225ffdf240a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: FtrzjpCo_R4NwjFNAxfvQq7wmHdrSMEE
content-encoding: gzip
etag: "6741cf7eaf54542e80e7ba010ed407e6"
age: 137
x-cache: HIT, HIT
content-length: 1488
x-amz-id-2: gzxQEZ3/tyJPPQ3TfWKvacVxhRMVa53+KbqtHA7O65ZofxzluZgP3d03o34ShL/vsvS0JExx0ss=
x-served-by: cache-lax10621-LGB, cache-hhn4023-HHN
last-modified: Tue, 17 Mar 2020 06:51:52 GMT
server: AmazonS3
x-timer: S1633702303.392639,VS0,VE1
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding,,
x-amz-request-id: GEB9RCYDS6CKQNVZ
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20211007-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 538 KB
119 KB 9ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20211007-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7c7dbc6d5a6b4a7798d5b4136fb162a6aa9919b8ad7ea7562172990bd73fea11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: VXnonkUVL4w1gvNHxE7tccw6I6ytSuww
content-encoding: br
etag: "346c5b8922db6b24ee20a2a287a79406"
age: 19793
x-cache: HIT
content-length: 121489
x-amz-id-2: 5l8LHrFOY6IfkeHeLYek7As89aqz4WAzKJq5y+yA4bSxDEnlL+tkrEcjttJmb1ODbCdbLELJTDA=
x-served-by: cache-hhn4072-HHN
last-modified: Thu, 07 Oct 2021 08:33:41 GMT
server: AmazonS3-br
x-timer: S1633702303.373530,VS0,VE0
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding
x-amz-request-id: X01CBRGAKTXCN3S5
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 41
x-cache-hits: 15646

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 26ms
8ms Script
application/javascript 13.225.87.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-89.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 02:06:13 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 43563
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -QcMAIXegYKZM8882eV-KksdQ4LvOKKYd-ZYQgA8fqQO2bjdh8vo3g==

GET
H2 200 bcn
www.summerhamster.com/ 43 B
182 B 33ms
7ms Image
image/gif 3.125.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.summerhamster.com/bcn?fe=1576077515548&y=2.0.1110&elg=1993252&flg=308&x=kwwsv://hx.ghvprlqhvuhjlvwhu.frp/vwrub/prqhb/djulfxowxuh/2021/10/06/lrzd-judlq-frrshudwlyh-uhfryhulqj-fbehudwwdfn-uhpdlqv-pxp-udqvrp/6007123001/&vqwo=1&deo=0&hu=0&g2=1%3A%3A1%3A%3A0%3A%3A0%3A%3A1&requestUUID=5a6c0b29-b4dd-42db-9cae-6d30bb369176-1576077511066
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.147.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-147-59.eu-central-1.compute.amazonaws.com
Software: Jetty(9.2.10.v20150310) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Oct 2021 14:11:43 GMT
server: Jetty(9.2.10.v20150310)
content-length: 43
access-control-allow-methods: *
content-type: image/gif

GET
H2 200 p.js Show response
cdn.parsely.com/keys/desmoinesregister.com/ 71 KB
25 KB 48ms
7ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/desmoinesregister.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 000ab241f9cfb670e00b22283a470727d3c5fe42d32e94d6e7cb4dcf8024de4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: public
date: Fri, 08 Oct 2021 03:52:51 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 17:08:16 GMT
server: nginx
age: 37132
etag: W/"603d1f80-11db0"
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -nL6IFYsb80UiFg0en-imLDslubykdAxO7agoG5oNHboqbj9U1wVaQ==
expires: Sat, 09 Oct 2021 03:52:51 GMT

GET
H2 200 gannett-atoms-library.js Show response
atoms.desmoinesregister.com/atoms-library/prod/dist/ 54 KB
16 KB 18ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-library/prod/dist/gannett-atoms-library.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/core/scripts/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 08e23afc203048890ee07b7a24d846212e263a72a04497dfb88cd8f29d9c981b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=wwdkeA==, md5=bKRO9nB+QgA3ewxDk8Amtg==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 3265087
x-amz-meta-goog-reserved-file-mtime: 1630437190
x-guploader-uploadid: ADPycduD3wtMzuZtT0B0_ggq97SvGzviKUBCZhFlxLOqhvCQkUy21JNHyNI5K3jo3RYGiCzT5LNUimH3g6xrtgS6nZta0k9h9w
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 15283
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Tue, 31 Aug 2021 19:13:29 GMT
x-timer: S1633702303.397436,VS0,VE1
etag: "6ca44ef6707e4200377b0c4393c026b6"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Aug 2021 19:13:36 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 9 KB
3 KB 21ms
21ms Fetch
application/json 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCenterRounded.json

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FNyxpIt5ExRRMGYfAjVUrQ==
age: 787023
vary: Accept-Encoding
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Thu, 23 Sep 2021 19:22:14 GMT
server: cloudflare
etag: 0x8D97EC772F4A24E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3aa90a9c-101e-000d-1221-b537ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 69aff5c4eaf9c49f-DUS
expires: Sat, 16 Oct 2021 14:11:43 GMT

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 20ms
20ms Fetch
text/css 104.16.149.64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.149.64 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 787023
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 23 Sep 2021 19:22:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5d905bff-301e-0137-1121-b5321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 69aff5c4eafcc49f-DUS
expires: Sat, 16 Oct 2021 14:11:43 GMT

GET
H2 200 custom-style-interface.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 567 B
641 B 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 326
x-served-by: cache-bwi5135-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.509694,VS0,VE1
etag: "ceb0842ff6c53d8d13d6cf2345f41490"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 style-gather.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 9 KB
3 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/style-gather.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2463
x-served-by: cache-bwi5179-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.510155,VS0,VE1
etag: "69dbd531aa8cfa3ce4d98be353c255b9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 apply-shim.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 555 B
480 B 24ms
24ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 320
x-served-by: cache-bwi5173-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.512850,VS0,VE1
etag: "75f54922d2507d0c43bdf946149c38b1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 element-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 31 KB
9 KB 24ms
24ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/element-mixin.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 9312
x-served-by: cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.513069,VS0,VE1
etag: "06d1ac177cb051cec8015d7380f651e1"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 gesture-event-listeners.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 5 KB
2 KB 23ms
23ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/gesture-event-listeners.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1652
x-served-by: cache-bwi5136-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.513470,VS0,VE1
etag: "81aec249ab16ecd66d87185d1af24db5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dir-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 7 KB
3 KB 26ms
25ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/dir-mixin.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2583
x-served-by: cache-bwi5169-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529620,VS0,VE1
etag: "7b05eec04633200f3f7f2fd916cc3886"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
1 KB 25ms
25ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/mixin.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1003
x-served-by: cache-bwi5169-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529714,VS0,VE1
etag: "6a6416522b85e5f0febd7a1dde74b24a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 import-href.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
2 KB 24ms
24ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/import-href.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5180-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529797,VS0,VE1
etag: "b683689a8b2889b362fe6bd8e688d820"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 unresolved.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 867 B
589 B 26ms
26ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/unresolved.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 465
x-served-by: cache-bwi5160-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529882,VS0,VE1
etag: "39488a6f062edf87128458154f8d385d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 polymer.dom.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 11 KB
4 KB 26ms
26ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/polymer.dom.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3648
x-served-by: cache-bwi5144-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529940,VS0,VE1
etag: "5c6f8ed3d9de31616650d0749dd15004"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 class.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/ 19 KB
6 KB 24ms
23ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/legacy/class.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6083
x-served-by: cache-bwi5132-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.529989,VS0,VE1
etag: "d81a318152a45625200636de2f23065e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 templatize.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 25 KB
8 KB 23ms
23ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/templatize.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7544
x-served-by: cache-bwi5178-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530077,VS0,VE1
etag: "2be0b54f4f601653616444827efb1bd3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 boot.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
1 KB 22ms
22ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/boot.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1030
x-served-by: cache-bwi5135-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530165,VS0,VE1
etag: "3baffbfb6ca8cfe5930d91fcb388b077"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 property-effects.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 99 KB
25 KB 21ms
21ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-effects.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 25739
x-served-by: cache-bwi5129-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530344,VS0,VE1
etag: "450f1e748a1b9f8db370847325ef559d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 mutable-data.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 21ms
21ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/mutable-data.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22652
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2938
x-served-by: cache-bwi5144-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530372,VS0,VE1
etag: "05940a4653c18c7be3a3ba99f347399f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 debounce.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 19ms
19ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/debounce.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1639
x-served-by: cache-bwi5159-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530451,VS0,VE1
etag: "cf0a53fd3761cf764a0fc5fbc8e63ce3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 flush.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
846 B 19ms
18ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/flush.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 723
x-served-by: cache-bwi5125-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530523,VS0,VE1
etag: "e006b92de5a57141c12c7391366b1f80"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 array-splice.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 8 KB
3 KB 16ms
16ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/array-splice.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2909
x-served-by: cache-bwi5158-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.530593,VS0,VE1
etag: "938a97f298390ce029cece727c84d823"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 async.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 6 KB
2 KB 12ms
12ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/async.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 139521
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1666
x-served-by: cache-bwi5134-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.531262,VS0,VE1
etag: "a132e7f672cffc216d420d202cf26b14"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 video-utils.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/ 10 KB
4 KB 13ms
13ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b6b25bbbefeb9a6afec64319648852588d196a7f247e5ecd25e81df093ef988

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 40359
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3564
x-served-by: cache-bwi5120-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.533732,VS0,VE1
etag: "51dc5f47226a5eed4907de52e691c842"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 partner-utils.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 9 KB
3 KB 13ms
13ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/partner-utils.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

052d47f24b5376d900219fdc4e8b90655d184d34bdccf168c0896e9007e95776

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 701535
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3141
x-served-by: cache-bwi5163-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.533816,VS0,VE1
etag: "2559755e03fbdac357374dccb5ac5901"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 partner-bid.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 31 KB
8 KB 12ms
12ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/partner-bid.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6964c09b11b06df05cc4d2d066c65afa88992c32590f3f565c17c6aecd490896

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 701535
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7550
x-served-by: cache-bwi5138-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.533884,VS0,VE1
etag: "cf69f793d3cf3fbe2d8b45454e653b7f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 iron-ajax.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/ 16 KB
5 KB 10ms
10ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/iron-ajax.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9308791f3878ea22e6ac4a7a725cb1999fc9a68ab99292ed40e7e30a6852fba5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 655127
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4702
x-served-by: cache-bwi5120-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.535687,VS0,VE1
etag: "0a043135287b43ad3a26480b1bd6c65c"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 gallium-element.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/ 1 KB
895 B 10ms
9ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/behaviors/gallium-element.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b4a351678ab9f8db1aab05ffa577c6a7b53b4a37fc18caa10cead337730257d7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 35094
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 731
x-served-by: cache-bwi5137-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.538157,VS0,VE1
etag: "ee12cca6f58ebc072b0b9652b54d0ee9"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 resolve-url.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 3 KB
2 KB 12ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/resolve-url.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1295
x-served-by: cache-bwi5144-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.548091,VS0,VE1
etag: "75c1476d2c704094aa9e0a2ad4fb8e1f"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 10ms
7ms Script
application/x-javascript 13.224.193.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-46.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 02:25:59 GMT
content-encoding: gzip
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
age: 21383144
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 62nX-j1K_i_6_z9yVaOpbiGvnZCFu15lxHEEex-cRncgHJ3Pmg1EtQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: XS4SsZJPICFjvg36URtxCydezXr39KBbZNSsA6e1jQQQQTqLSvyeAWiWm6Ftm49oTFkpGjpvAxQxmjntwvhYfQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Oct 2021 14:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=http...

64 B
327 B

9ms
9ms

Image
image/gif

13.225.87.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&c9=
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-89.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: Q_4OiWY1bD4ttohKMd2addumdXDYNPZKcyQ97t1-vcP4ilPmsmfeyg==

Redirect headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1633702303568&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&c9=
content-length: 387
x-amz-cf-id: CaO1fMD9BUqpkUUwrZvu4jc1CmLgIdf-0JPvuD0Qo0vfDMbel0uQWA==

GET
H2 200 pmk-202002191.14.js Show response
widget.perfectmarket.com/gannett-network/ 111 KB
30 KB 7ms
7ms Script
application/javascript 151.101.193.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/gannett-network/pmk-202002191.14.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/gannett-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 044e5e12c5d8acb617f82fbf006eef3c85d9f294e35daeeadd06c2d198e8314f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: xyKz_RLl7smUmPgMbGCWupo.4ZsJKTnJ
content-encoding: gzip
etag: "6767ebadd6c9cec6e81b63a25d0f06e6"
age: 3734971
x-cache: HIT, HIT
content-length: 30945
x-amz-id-2: bbsJkKk/xjlMc5AyXgiUywa+YqdvwUdAUufS6fL4zRG1Y6fj/AINtwEe844+/JMFN5aFc1nA8Jw=
x-served-by: cache-lax10648-LGB, cache-hhn4023-HHN
last-modified: Tue, 17 Mar 2020 06:51:52 GMT
server: AmazonS3
x-timer: S1633702304.572411,VS0,VE1
date: Fri, 08 Oct 2021 14:11:43 GMT
vary: Accept-Encoding,,
x-amz-request-id: E1VJWYJXA49JJHG3
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 16745, 1

GET
H2 200 gestures.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 27 KB
8 KB 8ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/gestures.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 7889
x-served-by: cache-bwi5174-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.574242,VS0,VE1
etag: "ab9b79dd0eccf903828ccc487b6b1c05"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 settings.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 4 KB
2 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/settings.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1503
x-served-by: cache-bwi5130-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.576603,VS0,VE1
etag: "15942810acd52ae2b0eb80847a8f5471"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 dom-module.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/ 7 KB
3 KB 8ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/elements/dom-module.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2659
x-served-by: cache-bwi5160-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.576769,VS0,VE1
etag: "650e85c88657ad6543f5c6878e2a79fc"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 properties-mixin.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 10 KB
3 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-mixin.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 3113
x-served-by: cache-bwi5168-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.576815,VS0,VE1
etag: "a6fa00d9cf48430838a3e13e02b2b3b8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 property-accessors.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 13 KB
5 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/property-accessors.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4317
x-served-by: cache-bwi5175-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.579748,VS0,VE1
etag: "f784aae56fbe41ef5c3cafca76aaf990"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 iron-request.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/ 14 KB
4 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/iron-ajax/iron-request.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2b63b3bee4bb1876f2c43ec5decb408dc8e29c928623b7f60094865c4ad2a4a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 460659
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4329
x-served-by: cache-bwi5162-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.596411,VS0,VE1
etag: "5388f28a0fd05ffd14616fd925b9c901"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2

200

journey.json Show response
atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/pdem/control/
Redirect Chain

https://atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/PDEM/(null)/journey.json
https://atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/pdem/control/journey.json?originalSegment=(null)

15 KB
3 KB

7ms
7ms

Fetch
application/json

151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-configs/prod/dist/uw/pdem/control/journey.json?originalSegment=(null)
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a96bc98689e0ae762c7541e49d9b2a7608040f3048396449e1514554599c1e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=q08sNA==, md5=2GIw8pnD/vsxELTJP9lWcw==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 60
x-amz-meta-goog-reserved-file-mtime: 1633423952
x-guploader-uploadid: ADPycdsHwESEofQbug110TuP-vXOQI4Kr0urCcvLDeQk8JGh__xriB8B-NWhmxkd0R6dHthJBQ9Yt2FTWEdwiRZYDl8
x-cache: MISS, HIT
x-goog-storage-class: REGIONAL
content-length: 2350
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Tue, 05 Oct 2021 08:53:35 GMT
x-timer: S1633702304.683642,VS0,VE1
etag: "d86230f299c3fefb3110b4c93fd95673"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Oct 2021 08:59:48 GMT

Redirect headers

vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
timing-allow-origin: *
date: Fri, 08 Oct 2021 14:11:43 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 105
vary
x-cache: HIT, HIT
location: /atoms-configs/prod/dist/uw/pdem/control/journey.json?originalSegment=(null)
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=900
accept-ranges: bytes
x-timer: S1633702304.613661,VS0,VE1
access-control-allow-origin: *
content-length: 0
retry-after: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 path.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 7 KB
2 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/path.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 2048
x-served-by: cache-bwi5154-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.654310,VS0,VE1
etag: "9c50ebf02f5695e8e561d999a38130b5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 case-map.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
954 B 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/case-map.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 784
x-served-by: cache-bwi5132-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.654451,VS0,VE1
etag: "6c6b9837ece12100d4cf4ed763989b68"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 template-stamp.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 20 KB
6 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/template-stamp.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22673
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 6028
x-served-by: cache-bwi5152-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.654631,VS0,VE1
etag: "c6a88631bee700a9d0ea4929ac7d7c94"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 telemetry.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/ 2 KB
904 B 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/utils/telemetry.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22672
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 776
x-served-by: cache-bwi5133-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.670790,VS0,VE1
etag: "863322f656542c1dd71e0580cc5c6106"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 properties-changed.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/ 21 KB
6 KB 8ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/polymer/lib/mixins/properties-changed.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 22672
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5554
x-served-by: cache-bwi5146-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.670914,VS0,VE1
etag: "cb0b7819ecf4cbd8c49f86bdeb7b4803"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.47

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: 6KMu4rVl7bhMpoP8fC65xapMSGzkizyZjUG1y8zW6aV5AxRe+0I9XpFJX4rY5Uk0NBKflBJoVGXvMhs/17tz9A==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 08 Oct 2021 14:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2114787895257392 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 9ms
9ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2114787895257392?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

a4976a488f31582f99a364b903b3d921a65ca8df41c437ec17bfdd4aeb6224ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 146950
x-xss-protection: 0
pragma: public
x-fb-debug: KmR3aetZlaCHc4w2gZ1IR2+aLkHcXkfXqTTzq0g9N8Y7Q2EcSYxHhuKsos5JdBLLiqrolQG9f2Z5ipfrU+pLtg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 08 Oct 2021 14:11:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i
pixel.keywee.co/ 43 B
295 B 292ms
93ms Image
image/gif 18.210.181.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1633702303691&e=pv&url=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&page=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&tv=js-2.9.1&tna=cf&aid=420&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=245c6a3d-6ba0-4592-8ff8-7c8033b0aedd&dtm=1633702303690&vp=1600x1200&ds=1600x5698&vid=1&sid=1d65b0db-af75-4f16-bb93-2181463f46d9&duid=d5a7b78a-0739-4c04-a6d2-a2fafa37f49c&fp=560948675

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.210.181.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-181-188.compute-1.amazonaws.com

Software

nginx/1.17.6 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

status: 200 OK
date: Fri, 08 Oct 2021 14:11:43 GMT
x-content-type-options: nosniff
server: nginx/1.17.6
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
106 B 23ms
23ms Fetch
image/gif 34.102.161.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 08 Oct 2021 14:11:43 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

GET
H2 200 custom-style-interface.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 3 KB
2 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/custom-style-interface.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 702339
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1346
x-served-by: cache-bwi5135-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.726510,VS0,VE1
etag: "0bcf779c48ca31aad51499609f591fac"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
336 B 9ms
9ms Image
text/plain 13.225.87.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c2=6035223&c1=2&templatetype=story%20pages&category=money&comscorekw=money&name=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&ns__t=1633702303724&ns_c=UTF-8&cv=3.5&c8=Iowa%20grain%20cooperative%20recovering%20from%20cyberattack%20remains%20mum%20on%20ransom&c7=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&c9=
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-89.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 0m4NYmyq3F92uteD6mMDDAIlUeQX7iN62xswt3CRqJQ3cR8oP6UtPQ==
x-cache: Miss from cloudfront

GET
H2 200 gannett-atoms-components.esm.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 18 KB
4 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/gannett-atoms-components.esm.js
Requested by: Host: atoms.desmoinesregister.com
URL: https://atoms.desmoinesregister.com/atoms-library/prod/dist/gannett-atoms-library.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 671dda10766b9b5d818f541dcd16539e237e2537c3716980edbd5bad027272ef

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=XyaJHQ==, md5=JaKa5hEVhR7Z1A8dC0F+nA==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1536878
x-amz-meta-goog-reserved-file-mtime: 1632165387
x-guploader-uploadid: ADPycdt5nWS9NJgQt63P4FY2Upz1PpkbZUNo1jlY_P-QTDHdWWn7fa-mzabfIafNY0ONucyWtjO42Xy3lHgsRL9IJKh7kPkH2g
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 3472
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Mon, 20 Sep 2021 19:16:45 GMT
x-timer: S1633702304.752140,VS0,VE1
etag: "25a29ae61115851ed9d40f1d0b417e9c"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Sep 2021 19:17:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 24ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2114787895257392&ev=KWCEPV&dl=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&rl=&if=false&ts=1633702303774&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633702303773.456532238&it=1633702303678&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&exp=p0&rqm=GET

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 14:11:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 24ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2114787895257392&ev=PageView&dl=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&rl=&if=false&ts=1633702303777&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1633702303773.456532238&it=1633702303678&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p0&rqm=GET

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 08 Oct 2021 14:11:43 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 p-bc1b1fc0.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 12 KB
6 KB 8ms
8ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-bc1b1fc0.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ae61bb20f2a7cb9d81ec399533958ae065afaaaf78fb03eedfd5f11aee5c3bad

Request headers

Referer: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/gannett-atoms-components.esm.js
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EqKBig==, md5=33Bn9M5XnTU/iky11W9Elw==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 788728
x-amz-meta-goog-reserved-file-mtime: 1632165387
x-guploader-uploadid: ADPycduLw_WsSlqT2pOAQYdwKa4XjFIbtkSkqjQgya-TIMyV74BXpkpaTSIg-ZJwLmm1mwF9wkg2HhcwuIPY6bQnhw
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 5743
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Mon, 20 Sep 2021 19:16:46 GMT
x-timer: S1633702304.789678,VS0,VE1
etag: "df7067f4ce579d353f8a4cb5d56f4497"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Sep 2021 11:06:15 GMT

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 361 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 apply-shim.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/ 10 KB
4 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/shadycss/apply-shim.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 702541
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 4252
x-served-by: cache-bwi5133-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.793316,VS0,VE1
etag: "8d4108ef1d5493eee40467d1e426a693"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 p-qb3ovp0k.entry.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 11 KB
3 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-qb3ovp0k.entry.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cc4b8c8d7a3701e2c10c0c568b0f8f8e3060f81183880d91c9555b1ffe75466f

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=5NNahQ==, md5=QB3oVP0KLiNvP4F/OE7SgA==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1536855
x-amz-meta-goog-reserved-file-mtime: 1632165387
x-guploader-uploadid: ADPycdu-OgzkDgtkh3Lk78zpI5bM1-KKrS28iFRMuGN6S0dfexI23I-e-offEWRrPPG-bihS9HC1QxjBoJIMZuJs79A
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 2951
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Mon, 20 Sep 2021 19:16:47 GMT
x-timer: S1633702304.812721,VS0,VE1
etag: "401de854fd0a2e236f3f817f384ed280"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Sep 2021 19:17:28 GMT

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 20 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 99 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 p-46677dbb.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 3 KB
2 KB 11ms
11ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-46677dbb.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cc53b6af73e4bfe95ebb6620be5e23c433a65738ce48b440dadf5c5ce5e7a78a

Request headers

Referer: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-qb3ovp0k.entry.js
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=kvC6cw==, md5=oDNySNlvWJckCtoC8ACIyA==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1536879
x-amz-meta-goog-reserved-file-mtime: 1632165387
x-guploader-uploadid: ADPycdut9WTn8Q6bcsAeChQxJXexDvzxZXeUTbbsAQM97uJU22HYQYpJW_AwJRT3UgFVjl7gYIF9kMBqbr8vCZLzkUfaokRCqQ
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 1315
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Mon, 20 Sep 2021 19:16:46 GMT
x-timer: S1633702304.835096,VS0,VE1
etag: "a0337248d96f5897240ada02f00088c8"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Sep 2021 19:17:05 GMT

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 30 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 26 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 4 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 480 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 / Show response
user.desmoinesregister.com/PDEM-GUP/user/newsletters/ 6 KB
6 KB 185ms
185ms Fetch
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.desmoinesregister.com/PDEM-GUP/user/newsletters/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

76ce92514882ec0a74c4e5a1252adeea459f8ebb999ebbda2dda35595967b9bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish
x-content-type-options: nosniff
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-cache-hits: 0
content-length: 5947
x-served-by: cache-hhn4023-HHN
referrer-policy: same-origin
server: nginx
x-frame-options: DENY
date: Fri, 08 Oct 2021 14:11:44 GMT
vary: Origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Fri, 08 Oct 2021 14:11:43 GMT

GET
H2 200 p-7vxvuaqv.entry.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 2 KB
663 B 8ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-7vxvuaqv.entry.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3ce3c975da7d7aa9a3cb368207cb47716506536dd2820b941002275f4d4a0a64

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=Vi5Uzw==, md5=7VXvuAQvuFQEgDr3c1e7tQ==
date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 59
x-amz-meta-goog-reserved-file-mtime: 1630701384
x-guploader-uploadid: ADPycdshkcRgYOn-GhsoWAIH_iNBM4ruyRsQT4N9zbkc1Js1pOl1_nV-MJePQKkd0A8WcAjxJrmLaEdnjCVbSMqNBc8
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 398
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Fri, 03 Sep 2021 20:36:45 GMT
x-timer: S1633702304.847251,VS0,VE1
etag: "ed55efb8042fb85404803af77357bbb5"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 08:10:37 GMT

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 36 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 19 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 24 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 939 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 25 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 13 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 7 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 314 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 14 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f12a7e83b53174324fb3ac6b4851779470b088584f3d4349eb66bdf2c2222de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 15 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efc3a7ac965ff7be8e6d03a67307eecd8b48a564a98dfd853fe03a8e1d702f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 intl-messageformat.min.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/intl-messageformat/dist/ 16 KB
5 KB 7ms
7ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/intl-messageformat/dist/intl-messageformat.min.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/components/webcomponentsjs/webcomponents-hi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e631f1c56b5510adac402270a3a80f7167fa6638124ed750ce16c744a5c1dadf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:43 GMT
content-encoding: gzip
age: 722368
x-cache: MISS, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 5013
x-served-by: cache-bwi5125-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.893462,VS0,VE1
etag: "7399b33d4036b8fbaf5e7c780923501e"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 1

GET
DATA 200
OK truncated Show response
/ 6 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f75181e1a1c64f818084a3ec430594411c68db51959008f6e25da7236a02a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba6c90f846b5777c20df35c917e3864d7ed59ff51a9f7a530306663e6fffd0d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44c92f78e9c922a19975b0d15fc19ebf609b0d61f9fa6366bc1647c3e45f6981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1f61e9ba17a692d70e92eae847d1ed6133faa72178e5204a30e2c5a298fd1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f927c2faf7ebe9fe3e39e541b98c715c285069883b498f2ebe045cc08550f2cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 847 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08deecbce56cfb8222d8b2f89d9ba7fb6abc73c11c250815ed6d7eacfc0a48d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0cfa4d00fe7e4849620bd1c5ff226eecc401a33da94ee7dbfbcd6d302dd80df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f4e08f037f1fb8fa4498115fa7ca7e9446f5285a0cd85729ab6f1e7bbfd428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ed8d0045848e95d94e7d2313dc632dd66e9aa47d8a0584a363618435991123a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 31 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42d56c575238ae892422ba924887ad3355a7be13cddef8ee674db58aba10d454

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 9 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4537e8cfa8357f0271a2c535eb058ff2d9d157626c3b51aa294d14a41338db4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 28 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b1ba99d1781e097938ae0b9d751eaf41d13bbb2a813da5ed8d1174973850988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 3 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1304fd03c5abacb5d5bd8fe8a03f6f2a725b05f268b69cdee74bbb84557e5779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 46 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfc0988ee6e593bdc6e877ed6dc01eac07844f21126876401232a3ae904035b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg
www.gannett-cdn.com/authoring/video-thumbnails/ 49 KB
50 KB 8ms
8ms Image
image/webp 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/authoring/video-thumbnails/dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg?height=576
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 99472e151cb316977b13d9aac3e660a95a9392eee60b9c9a55141fa1cb98d577

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=77Y8Mw==, md5=ry9NRyWxo6l3D0jrflcblw==
date: Fri, 08 Oct 2021 14:11:44 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1431285
x-guploader-uploadid: ADPycduLL2Hs1PhzDRVr2YbII9j8jWp7ronEztLnF-c2qRooe8EqC43p8ydlyuuVZB2XLcOcIApMNE23RM8Dgui2Kqqf6uThog
x-cache: HIT, HIT
fastly-io-info: ifsz=192615 idim=1920x1080 ifmt=jpeg ofsz=50168 odim=1024x576 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 50168
x-served-by: cache-bwi5122-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702304.010443,VS0,VE1
etag: "APcmN0e4JNyzGv8bcuQ6Fh96MGspoGGWgyBHtjW6ucc"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 00:36:58 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ 19 KB
7 KB 44ms
7ms Script
application/javascript 13.225.87.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-97.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding: gzip
etag: W/"8ec0c211dda60907ae57f46e621bc794"
age: 433376
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
server: AmazonS3
date: Sun, 03 Oct 2021 13:48:49 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: KTM7ENHXcN1hqOtDsyOZgK-tzq8Gd0yv_eVU-LVPeH_9D28lJ1GPew==

GET
H2 200 hls@0.8.9.light.js Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/ 166 KB
49 KB 11ms
11ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/vendor/hls/hls@0.8.9.light.js

Requested by

Host: cpt-static.gannettdigital.com
URL: https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/mixins/video-utils.html.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd2cd8ef74975ca9c35d691765ff028c6f91410a5d426d36c9aa439cfa893be8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:44 GMT
content-encoding: gzip
age: 724172
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 49496
x-served-by: cache-bwi5153-BWI, cache-hhn4023-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.022488,VS0,VE1
etag: "f7d1c3ede971ad1ef90faabf06aeaab2"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 partner-taboola-api-media-video.html Show response
cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-taboola-api-media-video/ 5 KB
2 KB 7ms
7ms XHR
text/html 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/elements/partner/partner-taboola-api-media-video/partner-taboola-api-media-video.html

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7dd84be45fe88777f6353bc5c87a7d431f24eecd2d34c7e696b0db89221e6907

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:44 GMT
content-encoding: gzip
age: 139430
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=600
content-length: 1964
x-served-by: cache-bwi5177-BWI, cache-hhn4073-HHN
access-control-allow-origin: *
server: AmazonS3
x-timer: S1633702304.023310,VS0,VE1
etag: "88182b459f596a0dc6611325c56776c8"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: text/html
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Location
cache-control: max-age=3600
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 1

GET
H2 200 dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg
www.gannett-cdn.com/authoring/video-thumbnails/ 110 KB
111 KB 10ms
10ms Image
image/jpeg 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/authoring/video-thumbnails/dfe68c75-8331-4bc5-89d4-b6eb78b3c521_poster.jpg?quality=50
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3cd37ca051db452b61eae15e3c5f5504de787fb92ed20c33f778443377f2641c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=77Y8Mw==, md5=ry9NRyWxo6l3D0jrflcblw==
date: Fri, 08 Oct 2021 14:11:44 GMT
via: 1.1 varnish, 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1431285
x-guploader-uploadid: ADPycduLL2Hs1PhzDRVr2YbII9j8jWp7ronEztLnF-c2qRooe8EqC43p8ydlyuuVZB2XLcOcIApMNE23RM8Dgui2Kqqf6uThog
x-cache: HIT, HIT
fastly-io-info: ifsz=192615 idim=1920x1080 ifmt=jpeg ofsz=112922 odim=1920x1080 ofmt=jpeg
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 112922
x-served-by: cache-bwi5123-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.252_19-d397a52a14486e014427a441611bdf8c
server: UploadServer
x-timer: S1633702304.025475,VS0,VE1
etag: "3FRlBiRcJaX7x1eETvoQQuekZdbkU6S+AoRQ6hPQuTw"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 00:36:58 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
DATA 200
OK truncated Show response
/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d110981142c4eed17687001dbc7ec6be3346f43d45f205afa0274ec791308ee5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 p-aheii2hv.entry.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 7 KB
2 KB 10ms
10ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-aheii2hv.entry.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03e0ad90b9e79768eeec8ec02df89617479ba23d527ba3148e5d431d3a03f3f8

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=p+IP/w==, md5=/AhEII2hV4Dg+AiU16288g==
date: Fri, 08 Oct 2021 14:11:44 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1315613
x-amz-meta-goog-reserved-file-mtime: 1632165387
x-guploader-uploadid: ADPycdu94Llv3Ey-ohHMFjEM5rf7u8rqktY6FfYr_OaCcksCJAlW1nWaGoWai3maPySP5Mbw_pNk7uvldwIebRr9ZL8U8J1Wbg
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 1852
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Mon, 20 Sep 2021 19:16:46 GMT
x-timer: S1633702304.065463,VS0,VE1
etag: "fc0844208da15780e0f80894d7adbcf2"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Sep 2021 08:44:50 GMT

GET
H2 200 p-166o4qo8.entry.js Show response
atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/ 8 KB
4 KB 9ms
9ms Script
application/javascript 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://atoms.desmoinesregister.com/atoms-components/prod/dist/gannett-atoms-components/p-166o4qo8.entry.js
Requested by: Host: d11dxp04.na1.hubspotlinks.com
URL: https://d11dxp04.na1.hubspotlinks.com/Btc/2M+113/d11DXp04/VVzs5v9599bxW377pgC546qJnW37H_hZ4ypPhKN13dgpL5nKv_V3Zsc37CgW41W1yZQFN7GGzgbN5jLRF-BcKH9MKbtqFKb-QfN38x36zbKx_6W4sWrnc1DfkwMW2rZBWZ4fhPQsW5cccXK6fhkl7VM16Sx6Y44TVMqDf7Z5Wp4QVV1kPh6cnl0wW3gjjcW4h0H37VJw5lh5Xs_PvW6QtQ7L90WTsvW8ZwNgb7xKNBbW1Xcn626J1VwgW45bF3J4zRL82W8v9m569cTk1_N4g5FMsXjlt9VNrvSk8C_5vFW9b9ST758p5BjW40n3Xh5J1N3JVSKL-f31Vq1vW17mf2X5GwSxbW7KNWBh6XqRy6W1vht4v4DDHgDW45Yw7_13380tW3H1HmF5Nfw4ZW1Pf7nQ3fSzhNW5ZCVHB7-VfPmW95GlX32DvMy5W65RhBP5ncKZNN64JQ5jFB1wjW8lGtPv7QWZWSW2LxWSg57fjNLN4wBvHFHbXfQN66Kd7l9DSmWN64qxggxdGXJW6lx7ZQ71f-W7380h1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb07c2face5cc6c304e2c50246c6c5fdb266c7b2f5a98c2c71d43c80f136b99c

Request headers

Referer: https://eu.desmoinesregister.com/
Origin: https://eu.desmoinesregister.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=zLWUxQ==, md5=166o4qO8E/LQkGulbkqufg==
date: Fri, 08 Oct 2021 14:11:44 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 58
x-amz-meta-goog-reserved-file-mtime: 1630701384
x-guploader-uploadid: ADPycduP2nDO64gBh4-DNYe2QBQ0U7vF08_1LI2tFVgLArupARCIw9c4ErnvhCvmvAbp-ir8IvZIJrCd_JWcqDeAhBMcO5CRuQ
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
content-length: 3692
vcl_data: 7RUKok4TzOApzCcB2cEWJm.51_5-02339070fd067b2ad5328c0cc947d429
last-modified: Fri, 03 Sep 2021 20:36:45 GMT
x-timer: S1633702304.065580,VS0,VE1
etag: "d7aea8e2a3bc13f2d0906ba56e4aae7e"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Sep 2021 20:37:05 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame CC7D 0
18 B 15ms
7ms Document
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3593
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://eu.desmoinesregister.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.desmoinesregister.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://eu.desmoinesregister.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://eu.desmoinesregister.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Fri, 08 Oct 2021 14:11:44 GMT

GET
H2 200 nr-spa-1044.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "ecc4d675754da137f5dacbc99541e133"
x-amz-request-id: SJ0CC3PN1X89MSQ9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11929
x-amz-id-2: KsBKfJqD8QzSaxPUm19Aao7B39K9M9ycdnEWHLsrJvQncwKzhCtbTCW1TwI6PgBCbgDVys32EEY=
x-served-by: cache-hhn4069-HHN
last-modified: Wed, 28 Feb 2018 23:35:17 GMT
server: AmazonS3
x-timer: S1633702305.243473,VS0,VE0
date: Fri, 08 Oct 2021 14:11:45 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 79

GET
H3 200 bridge3.484.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0CD4 577 KB
189 KB 50ms
22ms Document
text/html 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.484.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

sffe /

Resource Hash

761ea54485ab01bc9eb7acd2d566c84f66a572339921b48d0b90164d060d9a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.484.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://eu.desmoinesregister.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 193785
date: Fri, 08 Oct 2021 11:23:59 GMT
expires: Sat, 08 Oct 2022 11:23:59 GMT
last-modified: Thu, 07 Oct 2021 15:06:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 125ms
37ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 14:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Oct 2021 14:11:45 GMT

GET
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/1/ 57 B
322 B 728ms
105ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b7ac0e2ada?a=20128261&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=2847&ref=https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/&be=565&fe=2820&dc=2820&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1633702302405,%22n%22:0,%22f%22:463,%22dn%22:463,%22dne%22:463,%22c%22:463,%22ce%22:463,%22rq%22:474,%22rp%22:481,%22rpe%22:483,%22dl%22:486,%22di%22:662,%22ds%22:2819,%22de%22:2819,%22dc%22:2819,%22l%22:2819,%22le%22:2820%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1044.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/events/1/ 24 B
191 B 211ms
210ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/b7ac0e2ada?a=20128261&sa=1&v=1044.a6554e7&t=Unnamed%20Transaction&rst=4675&ref=https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://eu.desmoinesregister.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H2 200 json Show response
trc.taboola.com/gannettcompany-desmoinesregister/trc/3/ 12 KB
5 KB 402ms
396ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/trc/3/json?tim=14%3A11%3A48.580&lti=deflated&data=%7B%22id%22%3A379%2C%22ii%22%3A%22%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1633597846663%2C%22vi%22%3A1633702308577%2C%22cv%22%3A%2220211007-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPNwzA6PNwzA6AcABBENBmCgAAAAAH_AACiQAAAQUgGAA4AKcAZ8BggDcQG5gN8AdiA7YB3IDvAIKAJggAQCogHyhILIACAAFwAUABUADIAHIAPABAADAAGUANAA1AB5AEMARQAmABPgCqAKwAWAA3gBzAD0AH4AQkAhgCJAEdAJYAlwBNAClAFuAMMAZAAy4BqAGqANkAd8A9gD4gH2AfsBAAEDgIuAjEBGgEcAJSAUEApYBTwCrgFzAMUAawA2kBuAG8AOIAegA-UCGwIdAReAkQBMQCZQE2AJ2AUOApEBTQCxQFoALYAXIAu8BeYDAgGDAMJAYaAw8BkQDJAGTgMuAZyAz4BpADToGsAayA28BusDkQOVAcuA6MB1gDxwHtAPlCANoAHAAeACQALYAfwBIgDNAG1AOYA6gCDgE_AKGAaIA6oCHwEegJCASKAlYBNoCnwFRALCAXQAuoBdoC8gGIAMWAZCAyMBkwDPwGhANGAaUA1MBtADbgG6AOCAdIA7AB2YDugHgQPJA8oB7oD5AH2AP3AgIBAwCCIEEwwBEAKgAWwBSADmANkAdQBIQCRQFRAL6AZGA0IBugDiQHZgPdAfKGgUABWAC4AIYAZAAywBqADZAHYAPwAgABBQCMAFLAKeAVeAtAC0gGsAN4AdUA-QCHQEVAIvASIAmwBOwCkQFyAMCAYSAw8BjADJwGcgM8AZ8A5IBygDrAH4CABwAJAAtgCkAHMAbwBIQCRQFRANCAboA4kB2YD3QHyiIEIAVgBDADIAGWANQAbIA7AB-AEAAIwAUsAp4BVwDWAHVAPkAh0BF4CRAE2AJ2AUiAuQBgQDCQGHgMnAZyAz4ByQDlAHWAPwFQIAAKABDACYAFwARwAywBqADsAH4ARgAjgBSwCrwFoAWkA3gCQQExAJsAU2AtgBcgC8wGBAMPAZEAzkBngDPgG5AOSAcoA_AUARAEyAKQAbQA5gB4AEFAOrAjsCPQEigKiAX0A0IBrwDbwHEgPsAgeMgPAAUACGAEwARwAywBqADsgH2AfgBGACOAFLAKuAVsA3gCTgExAJsAWiAtgBeYDAgGHgMiAZyAzwBnwDkgHKAPiAfgMAHgCZAFIANoAcwA8ACxAHVgR2BHoCRQFRALyAaEA28BxID7BwFsABEADgAPAAuACQAHIAPwAtgBkADQAH8AQgAkQBSACzgGWAZoA2oBzAHUAOwAdwBAACCwEHAQgAiIBNoCfAJ-AUsAqABbQC9QGAAYEAzIBrADXgG8AOOAdIA6oB5AD5AIQAQ-Aj0BIQCRYErASuAmIBMoCbQFCgKQAUmApgBUwCqgFbAK7AWUAtQBcUC6ALqAX0AwIBiADFgGQgMmAZeAz8BoUDRQNGAaUA00BqYDXgG0ANsAbcA4mBx4HIAOkAdgA7MB2oDwIHkgeUA90B8QD7IH7AfuBA8CCI6DoAAuACgAKgAZAA5AB8AIAAXQAwADKAGgAagA8AB9AEMARQAmABPgCqAKwAWIAuAC6AF8AMQAZgA3gBzAD0AH6AQwBEgCOgEsATAAmgBRgClAFiALeAYQBhwDIAMoAaIA1ABsgDfAHeAPaAfYB-gD_AIHARYBGACOQEpASoAoIBTwCrgFigLQAtMBcwF1ALyAYoA2gBuADiQHTAdQA9ECGwIdAREAioBF4CQQEiAJUATIAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAaqA1gBsYDbwG6gOLgckByoDlwHRgOsAeOA9IB6oD2gHygPrgfgB-IEAQIJEAGoACAAfgBoAD-AJEAUgAywBtQDmAOcAdgA8ACCgE-AKWAWIAwABmQDeAHVAO2Ah-BHYEegJCASKAlcBMQCbQFCgKQAUmAqIBWwC6AF5AL6AYEAz8BoQDRQGlANTAbYA24BxIDsIHkgeUA9EB7oD4gH2AP2AfwBA8hBDAAWABQADIALgAYgBDACYAFMAKoAXAAvgBiADMAG8APQAjgBYgDCAGUANQAb4A74B9gH4AP8AjABHACUwFBAUMAp4BV4C0ALSAXMAxQBtADqAHoASCAkQBJwCVAE2AKaAWKAtGBbAFtALgAXIAu0Bh4DEgGRAMnAZyAzwBnwDRAGkgNLAaqA4AByQDowHWAO1AeOA_ACCRKB-AAgABYAFAAMgAcgBgAGIAPAAiABMACqAFwAL4AYgAzABtgEMARIAjgBRgClAFuAMIAZQA1QBsgDvAH4ARgAjgBJwCngFXgLQAtIBdQDFAG4AOoAfIBDoCKgEXgJEATYAsUBbAC7QF5gMPAZEAycBlgDOQGeAM-AaQA1gBt4DgAHWAO1Ae0A_ACB4EEiQC0ABwAFwAQgA5ACWAFQAMgAhABIgCkAFyAMsAagA2gBzADuAIAAQkAnwBUADMgGvAN4AdUA-0COwI9ASKAlYBNoCkwFlALoAX0AxYBn4DQgGlANyAcSA6QB2ADygH2QP3A_gCCJSCiAAuACgAKgAZAA5AB8AIIAYABlADQANQAeQBDAEUAJgATwApABVACwAF8AMQAZgA5gB-gEMARIAowBSgCxAFuAMIAZQA0QBqgDZAHfAPsA_QCLAEYAI4ASmAoIChgFXAK2AXMAvIBigDaAG4APQAh0BF4CRAEnAJsATsAocBYoC0AFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MBt4DdYHJgcoA5cB1gDtQHjgPaAfKA_AoBNAAuACEAEgAOQAfgBUACsAGQANoAhABHACRAEyAKQAXIAywBqADXAG1AOYA6gB3ADwAIAAQkAioBIgCTgE2AJ3AT4BPwClgFiALqAYAA14BvADqgHbAPIAf8BHoCRQExAJlATaApABTACnwFRAKmAVsArsBdAC8gF9AMCAYsAyYBn4DQgGiANKAabA1IDUwGvAOCAcSA7AB2YDygHugPiAfZA_YD-AIGAQPAgm.YAAAD_gAAAAA%22%2C%22gwto%22%3Atrue%2C%22ccpa_dns%22%3A%22none%22%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5102%2C%22nsid%22%3A%22gannett-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-u%3Apub%3Dgannett-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20New%20Design%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20New%20Design%22%2C%22cd%22%3A4904.96875%2C%22mw%22%3A710%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b70e7b5ba094cd2551535efe31bf83bfeacd539ecbf822ddb3fce0453e39fc07

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 387
date: Fri, 08 Oct 2021 14:11:48 GMT
content-encoding: gzip
server: nginx
x-timer: S1633702309.591505,VS0,VE387
x-served-by: cache-hhn4072-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://eu.desmoinesregister.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
106 B 23ms
23ms Fetch
image/gif 34.102.161.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: eu.desmoinesregister.com
URL: https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://eu.desmoinesregister.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Fri, 08 Oct 2021 14:11:48 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://eu.desmoinesregister.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
alt-svc: clear
content-length: 43

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 6ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211007-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: EXXeY0x5KsfcYGZ_pU0T0nnlw5SBMrLo
content-encoding: gzip
etag: "710c3d899a609dd58f4c5ec9617e7b53"
age: 11929
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5995
x-amz-id-2: j1F9uPcq7zIx9SY3Mpt5Mqwy+Z330RNHlUytFxTNECJga6DrlPCyzvzd4gsOCISljhoxBB/UEGE=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 05 Oct 2021 10:52:45 GMT
server: AmazonS3
x-timer: S1633702309.993654,VS0,VE0
date: Fri, 08 Oct 2021 14:11:48 GMT
vary: Accept-Encoding
x-amz-request-id: MV83Q552Z5RV0YXV
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 41
x-cache-hits: 10344

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
940 B 7ms
6ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20211007-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: xNHw6tYbIMmRvQuUVymAr__rbKgbLLLL
content-encoding: gzip
etag: "978cfe7fd9cd031786ca00806b338a40"
age: 11932
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 714
x-amz-id-2: rwI9CmESGYiDCHBAPEGcqEcvpkhqje+qVFBpYvirqQZEUATSG51igkBJJednmKCVc7DNfS5o934=
x-served-by: cache-hhn4072-HHN
last-modified: Tue, 05 Oct 2021 10:52:45 GMT
server: AmazonS3
x-timer: S1633702309.993815,VS0,VE0
date: Fri, 08 Oct 2021 14:11:48 GMT
vary: Accept-Encoding
x-amz-request-id: 7865JBD9W8V2407T
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 41
x-cache-hits: 10383

GET
H2 200 userx.20211007-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20211007-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/gannett-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 555c83018778fa246ac35c3c39a256b8de861f0cb5df566afc09341874396e9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: 2_Mbnc9qUSDxMfp4vihReNOY86_fqvPb
content-encoding: gzip
etag: "f7619ffd6a933bbdef210ca12d02c69b"
age: 114
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5338
x-amz-id-2: lsFVu/JryeIqPEL0Ua294kegvzIu+ND9sd8xWjxA+FvU1edRV1h4bT3kbnbH9QAAKs+5+p7yBz0=
x-served-by: cache-hhn4072-HHN
last-modified: Thu, 07 Oct 2021 08:55:58 GMT
server: AmazonS3
x-timer: S1633702309.008664,VS0,VE0
date: Fri, 08 Oct 2021 14:11:49 GMT
vary: Accept-Encoding
x-amz-request-id: 8AN31EVS47KRKM9M
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 41
x-cache-hits: 23

GET
H2 204 social
am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
230 B 109ms
13ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/social?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Iowa%20grain%20cooperative%20says%20it%27s%20working%20to%20restore%20automated%20operations%2C%20but%20remains%20silent%20on%20cyberattack%20ransom%22%2C%22sec%22%3A%22money%22%2C%22aut%22%3A%5B%22Donnelle%20Eller%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2018%2F10%2F17%2FPDEM%2F72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG%3Fauto%3Dwebp%26crop%3D4921%2C2753%2Cx0%2Cy0%26format%3Dpjpg%26width%3D1200%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=14%3A11%3A49.014&id=8904&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
231 B 108ms
13ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/social?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22top%22%2C%22lx%22%3A689%2C%22ly%22%3A216%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=14%3A11%3A49.014&id=7141&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
230 B 108ms
13ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/gannettcompany-desmoinesregister/log/3/social?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Iowa%20grain%20cooperative%20says%20it%27s%20working%20to%20restore%20automated%20operations%2C%20but%20remains%20silent%20on%20cyberattack%20ransom%22%2C%22sec%22%3A%22money%22%2C%22aut%22%3A%5B%22Donnelle%20Eller%22%5D%2C%22img%22%3A%22https%3A%2F%2Fwww.gannett-cdn.com%2Fpresto%2F2018%2F10%2F17%2FPDEM%2F72abff80-58f3-423e-afa6-0f534ca6e428-1017_harvest-colors_00006.JPG%3Fauto%3Dwebp%26crop%3D4921%2C2753%2Cx0%2Cy0%26format%3Dpjpg%26width%3D1200%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=14%3A11%3A49.014&id=2212&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 65d699a931db90ebd0b6df214d625f19.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65d699a931db90ebd0b6df214d625f19.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 74654f0f55a8a6b84274e98fb968b32d392c6fc36d42ed021408e3920d476341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 2522813
edge-cache-tag: 602710386895806844295396609016075829982,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 87
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65d699a931db90ebd0b6df214d625f19.jpeg
content-length: 15374
x-request-id: a18c13add4837a7c742381167f449353
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sun, 05 Sep 2021 07:47:08 GMT
server: nginx
x-timer: S1633702309.023322,VS0,VE0
etag: "d5321dbdc750374887b8b9b9b7ec0069"
x-served-by: cache-wdc5548-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2

GET
H2 200 b92e99f663d9279272685bab6be91b9d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 9ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 020a358dd2294ed0656577aa904a333e70d37b581cc20044b8ae7ed91d4758d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 1631255
edge-cache-tag: 424370456968951801931539548530375270959,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 324
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
content-length: 17696
x-request-id: 22b21515b972a5f5add596da2d17cada
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 19 Sep 2021 12:42:19 GMT
server: nginx
x-timer: S1633702309.023436,VS0,VE1
etag: "401a949dc8a57b31427b0a3c44fad8a4"
x-served-by: cache-wdc5555-WDC, cache-dca17763-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 2f0dd84061f78e25e40ab433103f30c7.png
images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_493,y_258/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_493,y_258/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f0dd84061f78e25e40ab433103f30c7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f4ca9ce816368d7c4880e395d67f845e1b56363fcb5f94a632400c0b2b8a6d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 3090440
edge-cache-tag: 391876971122374417242123758966328262776,311900876760312621380896550686312028822,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 89
expiration: expiry-date="Mon, 27 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_493,y_258/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f0dd84061f78e25e40ab433103f30c7.png
content-length: 7594
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 27 Aug 2021 16:53:57 GMT
server: nginx
x-timer: S1633702309.023129,VS0,VE1
etag: "22e1c14527ce188d741658f3e2f36142"
x-served-by: cache-wdc5576-WDC, cache-dca17724-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 028f588d11777d47224a2b72fff74110.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 8ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/028f588d11777d47224a2b72fff74110.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef8dde69d9880f6c6068b3c41ee9496f9962b36fe50bc1a20512523de5afd7d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 1225454
edge-cache-tag: 552738642770015802205810197407586531588,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 82
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/028f588d11777d47224a2b72fff74110.jpg
content-length: 14786
x-request-id: deb31bd5d91163d065c17d2cfd5f61c2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Fri, 24 Sep 2021 08:27:17 GMT
server: nginx
x-timer: S1633702309.023223,VS0,VE1
etag: "dc22f178ca44e97b1766f6ab983769d2"
x-served-by: cache-wdc5565-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 50dc7025430fa9837813f07a966c929d.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
16 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50dc7025430fa9837813f07a966c929d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0cc2b76cef5666f7b673e4e85592de1ac19cd8f49f85444753135855ef97c9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 1581179
edge-cache-tag: 471562055844396347451635186498791535252,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 93
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50dc7025430fa9837813f07a966c929d.jpeg
content-length: 15888
x-request-id: fc9954a9966af176b9bec4a5ec203b09
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Fri, 10 Sep 2021 06:37:32 GMT
server: nginx
x-timer: S1633702309.024349,VS0,VE1
etag: "5769f6d8691b14d7532234ce38d586e7"
x-served-by: cache-wdc5578-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 35df42cb0a4af4211675ed18653064ff.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
5 KB 7ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35df42cb0a4af4211675ed18653064ff.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56492fa16525e8be0166327e3725b2eb4b8af0427d23b35d11fee4dda36c86db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 635974
edge-cache-tag: 384438203264824426221524354823202133392,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 31
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35df42cb0a4af4211675ed18653064ff.jpg
content-length: 4824
x-request-id: 6d1a2bf91e45a7304d11c160dd49f87d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 29 Sep 2021 09:15:41 GMT
server: nginx
x-timer: S1633702309.024565,VS0,VE0
etag: "c1e9c7ea7fd117d8b5bcf1f1ba05d177"
x-served-by: cache-wdc5520-WDC, cache-dca17721-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 6

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65d699a931db90ebd0b6df214d625f19.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 74654f0f55a8a6b84274e98fb968b32d392c6fc36d42ed021408e3920d476341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 2522813
edge-cache-tag: 602710386895806844295396609016075829982,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 87
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/65d699a931db90ebd0b6df214d625f19.jpeg
content-length: 15374
x-request-id: a18c13add4837a7c742381167f449353
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Sun, 05 Sep 2021 07:47:08 GMT
server: nginx
x-timer: S1633702309.050446,VS0,VE0
etag: "d5321dbdc750374887b8b9b9b7ec0069"
x-served-by: cache-wdc5548-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 020a358dd2294ed0656577aa904a333e70d37b581cc20044b8ae7ed91d4758d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 1631255
edge-cache-tag: 424370456968951801931539548530375270959,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 324
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b92e99f663d9279272685bab6be91b9d.jpg
content-length: 17696
x-request-id: 22b21515b972a5f5add596da2d17cada
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 19 Sep 2021 12:42:19 GMT
server: nginx
x-timer: S1633702309.050538,VS0,VE0
etag: "401a949dc8a57b31427b0a3c44fad8a4"
x-served-by: cache-wdc5555-WDC, cache-dca17763-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_493,y_258/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f0dd84061f78e25e40ab433103f30c7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f4ca9ce816368d7c4880e395d67f845e1b56363fcb5f94a632400c0b2b8a6d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 3090440
edge-cache-tag: 391876971122374417242123758966328262776,311900876760312621380896550686312028822,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 89
expiration: expiry-date="Mon, 27 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_234,w_280,c_fill,g_xy_center,x_493,y_258/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f0dd84061f78e25e40ab433103f30c7.png
content-length: 7594
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 27 Aug 2021 16:53:57 GMT
server: nginx
x-timer: S1633702309.050593,VS0,VE0
etag: "22e1c14527ce188d741658f3e2f36142"
x-served-by: cache-wdc5576-WDC, cache-dca17724-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/028f588d11777d47224a2b72fff74110.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef8dde69d9880f6c6068b3c41ee9496f9962b36fe50bc1a20512523de5afd7d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 1225454
edge-cache-tag: 552738642770015802205810197407586531588,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 82
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/028f588d11777d47224a2b72fff74110.jpg
content-length: 14786
x-request-id: deb31bd5d91163d065c17d2cfd5f61c2
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Fri, 24 Sep 2021 08:27:17 GMT
server: nginx
x-timer: S1633702309.050666,VS0,VE0
etag: "dc22f178ca44e97b1766f6ab983769d2"
x-served-by: cache-wdc5565-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50dc7025430fa9837813f07a966c929d.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0cc2b76cef5666f7b673e4e85592de1ac19cd8f49f85444753135855ef97c9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
age: 1581179
edge-cache-tag: 471562055844396347451635186498791535252,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 93
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50dc7025430fa9837813f07a966c929d.jpeg
content-length: 15888
x-request-id: fc9954a9966af176b9bec4a5ec203b09
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified: Fri, 10 Sep 2021 06:37:32 GMT
server: nginx
x-timer: S1633702309.050730,VS0,VE0
etag: "5769f6d8691b14d7532234ce38d586e7"
x-served-by: cache-wdc5578-WDC, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35df42cb0a4af4211675ed18653064ff.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 56492fa16525e8be0166327e3725b2eb4b8af0427d23b35d11fee4dda36c86db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 635974
edge-cache-tag: 384438203264824426221524354823202133392,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 31
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/35df42cb0a4af4211675ed18653064ff.jpg
content-length: 4824
x-request-id: 6d1a2bf91e45a7304d11c160dd49f87d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 29 Sep 2021 09:15:41 GMT
server: nginx
x-timer: S1633702309.050796,VS0,VE0
etag: "c1e9c7ea7fd117d8b5bcf1f1ba05d177"
x-served-by: cache-wdc5520-WDC, cache-dca17721-DCA, cache-hhn4072-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 7

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
251 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~5408864694157204135~~hVIJlMB7MLO3v%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.78%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_custom%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20New%20Design%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Dieser%20Rechner%20zeigt%20in%203%20Minuten%2C%20wie%20viel%20Ihr%20Haus%20wert%20ist%5C%5CnHausfrage.de%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1633702309106%7D&tim=14%3A11%3A49.107&id=843&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.120730,VS0,VE9
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
61 B 16ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~5408864694157204135~~hVIJlMB7MLO3v%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.78%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_global%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20New%20Design%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Dieser%20Rechner%20zeigt%20in%203%20Minuten%2C%20wie%20viel%20Ihr%20Haus%20wert%20ist%5C%5CnHausfrage.de%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1633702309107%7D&tim=14%3A11%3A49.107&id=344&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.120979,VS0,VE9
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
58 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~7564655993728168116~~W6wgNt9uabndE%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.78%5C%22%2C%5C%22event%5C%22%3A%5C%22has_cta_text%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A1%2C%5C%22index%5C%22%3A1%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20New%20Design%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Nicht%20nur%20Bitcoin%20-%20erfahren%20Sie%20alles%20%C3%BCber%20Cardano%5C%5CneToro%5C%22%2C%5C%22config%5C%22%3A%7B%7D%7D%22%2C%22eventTime%22%3A1633702309107%7D&tim=14%3A11%3A49.107&id=5166&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.121392,VS0,VE8
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
56 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~7564655993728168116~~W6wgNt9uabndE%5C%22%2C%5C%22text%5C%22%3A%5C%22Mehr%20erfahren%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.78%5C%22%2C%5C%22event%5C%22%3A%5C%22cta_render_candidate%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A1%2C%5C%22index%5C%22%3A1%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20New%20Design%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Nicht%20nur%20Bitcoin%20-%20erfahren%20Sie%20alles%20%C3%BCber%20Cardano%5C%5CneToro%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1633702309108%7D&tim=14%3A11%3A49.108&id=3561&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.121548,VS0,VE8
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
60 B 25ms
25ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22location%5C%22%3A%5C%22https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~7564655993728168116~~W6wgNt9uabndE%5C%22%2C%5C%22text%5C%22%3A%5C%22Mehr%20erfahren%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.78%5C%22%2C%5C%22event%5C%22%3A%5C%22rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A1%2C%5C%22index%5C%22%3A1%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20-%20New%20Design%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Nicht%20nur%20Bitcoin%20-%20erfahren%20Sie%20alles%20%C3%BCber%20Cardano%5C%5CneToro%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1633702309114%7D&tim=14%3A11%3A49.114&id=7957&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 16
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.121684,VS0,VE16
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 abtests
trc.taboola.com/gannettcompany-desmoinesregister/log/3/ 0
55 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/gannettcompany-desmoinesregister/log/3/abtests?route=AM:AM:V&lti=deflated&ri=8af09e02b4e5ce396871046302661201&sd=v2_b7fb097cc901d0f6268aa7b506da8f7d_3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724_1633702308_1633702308_CNawjgYQ5KI9GOHV-4HGLyABKAEwODib4wlAhIoQSLCG2ANQo-wQWAFgAGjr5LqW88T3vnFwAA&ui=3fe1082e-b17b-45af-af5a-a5132024febf-tuct859d724&pi=/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001&wi=8692404769236281403&pt=text&vi=1633702308577&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA_Title_Not_Black%22%2C%22type%22%3A%22~~V1~~7564655993728168116~~W6wgNt9uabndE%22%2C%22eventTime%22%3A1633702309114%7D&tim=14%3A11%3A49.114&id=8172&llvl=2&cv=20211007-6-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu.desmoinesregister.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Fri, 08 Oct 2021 14:11:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1633702309.121762,VS0,VE8
x-served-by: cache-hhn4072-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.desmoinesregister.com/	1970-01-19 23:14:46	Name: gnt_eid Value: (null)
.desmoinesregister.com/	1970-01-19 21:48:43	Name: gnt_eu Value: true
eu.desmoinesregister.com/	1970-01-20 06:33:58	Name: usprivacy Value: 1---
.desmoinesregister.com/	1970-01-20 06:33:58	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22pjwt%22%3A%20null%2C%20%22updated%22%3A%201633702303%2C%20%223PID%22%3A%20null%7D
.desmoinesregister.com/	1970-01-20 06:33:58	Name: gup_anonid Value: aa02bc3a-2841-11ec-a767-0a6d6c554906
.desmoinesregister.com/	1970-01-20 06:33:58	Name: gup_clientid Value: aa0416d4-2841-11ec-a767-0a6d6c554906
eu.desmoinesregister.com/	1970-01-27 05:00:22	Name: gup_clientid Value: aa0416d4-2841-11ec-a767-0a6d6c554906
.desmoinesregister.com/	1970-01-19 21:48:24	Name: kw.session_ts Value: 1633702303545
.desmoinesregister.com/	1970-01-19 21:49:48	Name: kw.pv_session Value: 1
.scorecardresearch.com/	1970-01-20 15:05:10	Name: UID Value: 1CAO1FMD9BUQPKUUWRZVU4g1633702304
.desmoinesregister.com/	1970-01-19 21:48:24	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/%22%2C%22sref%22:%22%22%2C%22sts%22:1633702303615%2C%22slts%22:0}
.desmoinesregister.com/	1970-01-20 02:07:34	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Oct+08+2021+14%3A11%3A43+GMT%2B0000+(GMT)&version=6.24.0&hosts=&consentId=2ffdfbb8-49af-42ba-8d81-658efad28ef7&interactionCount=0&landingPath=https%3A%2F%2Feu.desmoinesregister.com%2Fstory%2Fmoney%2Fagriculture%2F2021%2F10%2F06%2Fiowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom%2F6007123001%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK1%3A0%2CSTACK24%3A0
.desmoinesregister.com/	1970-01-19 21:48:24	Name: _sp_ses.34de Value: *
.desmoinesregister.com/	1970-01-20 07:09:58	Name: _sp_id.34de Value: d5a7b78a-0739-4c04-a6d2-a2fafa37f49c.1633702304.1.1633702304.1633702304.1d65b0db-af75-4f16-bb93-2181463f46d9
eu.desmoinesregister.com/	1970-01-19 21:48:24	Name: _tb_sess_r Value:
eu.desmoinesregister.com/	1970-01-19 21:48:24	Name: _tb_t_ppg Value: https%3A//eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/
.desmoinesregister.com/	1970-01-19 23:57:58	Name: _fbp Value: fb.1.1633702303773.456532238
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 10de62b92d54f6f4
.desmoinesregister.com/	1970-01-19 21:48:24	Name: ABTastySession Value: mrasn=&lp=https://eu.desmoinesregister.com/story/money/agriculture/2021/10/06/iowa-grain-cooperative-recovering-cyberattack-remains-mum-ransom/6007123001/&sen=2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 77) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am-trc-events.taboola.com
api.gannett-cdn.com
ariane.abtasty.com
atoms.desmoinesregister.com
bam.nr-data.net
cdn.cookielaw.org
cdn.keywee.co
cdn.parsely.com
cdn.polyfill.io
cdn.taboola.com
connect.facebook.net
cpt-static.gannettdigital.com
d11dxp04.na1.hubspotlinks.com
dcinfos-cache.abtasty.com
eu.desmoinesregister.com
geolocation.onetrust.com
images.taboola.com
imasdk.googleapis.com
js-agent.newrelic.com
pixel.keywee.co
s0.2mdn.net
sb.scorecardresearch.com
sp.desmoinesregister.com
static.adsafeprotected.com
trc.taboola.com
try.abtasty.com
user.desmoinesregister.com
widget.perfectmarket.com
www.desmoinesregister.com
www.facebook.com
www.gannett-cdn.com
www.summerhamster.com
104.16.149.64
104.18.31.105
104.20.185.68
13.224.193.46
13.224.193.83
13.225.85.39
13.225.87.89
13.225.87.97
141.226.228.48
142.250.185.106
142.250.185.70
151.101.129.26
151.101.193.181
151.101.194.62
151.101.2.137
151.101.65.44
157.240.236.1
157.240.236.35
162.247.242.19
18.195.43.183
18.210.181.188
3.125.147.59
34.102.161.46
34.107.143.101
000ab241f9cfb670e00b22283a470727d3c5fe42d32e94d6e7cb4dcf8024de4c
020a358dd2294ed0656577aa904a333e70d37b581cc20044b8ae7ed91d4758d2
024f01d45739e9da991c4b69d20974d373b02a9a9136ea9238d41225ffdf240a
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
039462e6ea98c38105a76cc4d911029da12a6adaa5802f3ef28ec9cc7b062c5d
03e0ad90b9e79768eeec8ec02df89617479ba23d527ba3148e5d431d3a03f3f8
044e5e12c5d8acb617f82fbf006eef3c85d9f294e35daeeadd06c2d198e8314f
04c6ef5e48cceec44d94a408d376f8bb62956d8aa5b50cc0b26adf78ad1cbfaa
052d47f24b5376d900219fdc4e8b90655d184d34bdccf168c0896e9007e95776
06103ce43485e865bcb6abc55ff75342dbf58c6e2ec94315ca3057a58e8f6a51
070af9b9cc3a83f9b6ae9238e6d1fef9f1fb840d73b65f65c2a4328fc4e7c729
0767e2ab2440f261df5380fa8e42627d602bc78be339b8dbebfc436cc60e139d
0862d3c8b349b9f7e0d49b4a68573691d390395a020002819d0723d7c5fe562e
08deecbce56cfb8222d8b2f89d9ba7fb6abc73c11c250815ed6d7eacfc0a48d5
08e23afc203048890ee07b7a24d846212e263a72a04497dfb88cd8f29d9c981b
0b6b25bbbefeb9a6afec64319648852588d196a7f247e5ecd25e81df093ef988
0b9979acdf6a0c20788a1fc868e1ddda082bc06eba32a9fa2eb0a0110c3f259c
0c42a7bb6bab2526b60a115423a6c41f003b75705e84b0ae24910d7d0b162c41
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d91883b892841e5140d97e18ed26a8a0f04c27a644f00104655dc94e5d3c13c
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
0f01ef19df758793f58a530b555cc3b838cead0d6730d54cc26ccf168f69d936
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1304fd03c5abacb5d5bd8fe8a03f6f2a725b05f268b69cdee74bbb84557e5779
1c3f29b93d961e02766afc79e1fc7e7bf8510ec831d77aabff63e87aea18d8d8
1e93d1966552e0ec57b358850e3a1bbd4ee91eaf77ecbc665d634fa78cd99f0c
20860cd85b16709e5f98332ecf82297b784da87651bb872006c151501f972cb9
20ba49665bf99f2cc5e23e68536c23ac981329935e9a98f2efca647e1acd8ca3
241155907faff3ddf6df02126069a4fc7f05f77454acef7e1cbd49d8395ea556
27d8d5c2481a7e5b18cfb56ffaae9a9060bd4e386676bb96aa99f7d27828ba4c
292d3967cfc2aaad496dcefe2e99d2e644bf19ca001674164b4b1ceb88003206
2954c7d63a63926bee415b6b26491c0dfaba635b2fe73aad5e2795afc20e09c6
2b63b3bee4bb1876f2c43ec5decb408dc8e29c928623b7f60094865c4ad2a4a7
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2feaea79bf8d0b941dac8dd4508347b6cf19278096180a308f56eaa040235759
32bbc893217eed1f27f02a5f6800e4b6153bfc8d71abb73af9ffcbb53f0307df
32ef7b2c958df422a41169feb6e0dc8a6a149c94957f148ac1f522683bb1522a
371dbda9619cf12162b68749c76b9e9b1692dad84bba175d5718072ae674c559
376710062084ea2165061850fd4e1b66fac2191a1c7f003acd1b9f98dfe4068b
380b59b697189c5e5b22599a8b6ea78be45273dbde8236887d7c140aa11a0ba3
3854294ad0231749f307027820af7903f60f7410054c953cac1f527115daaa2a
3b7a86a7ce0392af890ca11fe6f7ee5746b975cb98204a39ec8cd43d817c389e
3cd37ca051db452b61eae15e3c5f5504de787fb92ed20c33f778443377f2641c
3ce3c975da7d7aa9a3cb368207cb47716506536dd2820b941002275f4d4a0a64
3ed8d0045848e95d94e7d2313dc632dd66e9aa47d8a0584a363618435991123a
3ee14ab9c91eaa98c77adab568df55da8db6fe9aa701e9a869506c3732cea15e
4295341928984eb4a9fe7ebbcb81c91d9f5a56a029a698795b808fdb4f90a6fc
42d56c575238ae892422ba924887ad3355a7be13cddef8ee674db58aba10d454
43fc652db51c181fa1ae056ffde2443db9bce4f6ed0e7c1bd84412235dba2204
44c92f78e9c922a19975b0d15fc19ebf609b0d61f9fa6366bc1647c3e45f6981
4537e8cfa8357f0271a2c535eb058ff2d9d157626c3b51aa294d14a41338db4e
46ea8464d2c3f35b1f5031bf2a9c0e422eaf4e0d45faa9dc5e03f465a6a8c486
4832ef08e9658a2aeb523553ac23a657ed8e554a07690e243424390fe797868a
4b56346abd8ac9a16c8ed3e5723ea0eeed3d8b3a6c0abf035f3f1623994aa75b
4b6018f1b931dba69e08d59fa9ec94d231f73005cf3f646bc6f29457ec4f3274
4dc4fff9aab3a93f787c41e65e7f42e3ce5412f919efd59335d4cd68a30b6561
4f4ca9ce816368d7c4880e395d67f845e1b56363fcb5f94a632400c0b2b8a6d2
5016b1dba1d21a7f05a7e3d17a9c4b0b43222056c729c6c653df72377f400ef4
50b151128e92bf38325fab38896be2f5c6c78d557e10e649bb764dad42188e75
511f127a1868984cf9d3d9545da20d1c43222d656515a2ee13737a38ba30c791
51d1f220e6b2184a1d55b715797a89377333709de7bf7c8ab12dbef2fec50faf
538f323e6385179ce2f6bb76f3df4e1bbeb5564131685997e539d8c06754f88d
5438244d57a2d3f821c38f0d3331c123567c53325cf995beab127b76966c8f7c
555c83018778fa246ac35c3c39a256b8de861f0cb5df566afc09341874396e9a
56492fa16525e8be0166327e3725b2eb4b8af0427d23b35d11fee4dda36c86db
5680984cafd03b7ffac79009300c94b135354bd7741d6ebd8e13f010be38c50a
58f5cc90322a4e8b5eca28354006d80483685dfd55622c442aba2c4a2b3f00ae
59aba2008cdd8c0a3a24fef082e01c1cacdcc6cadd939396166eab475c1e925d
5b529448eb68dc6a434e58709ade0b8d9458f4a0082ef03dae87ccbd9f7d8ce8
5cb0ec6f37176f991593f90ed0759c2a859a52af31a891416ce3d30d83d7c803
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5efaa2ccf201122813b7fce67ad176f86437b34b57425cd55375fda10e52daed
5f12a7e83b53174324fb3ac6b4851779470b088584f3d4349eb66bdf2c2222de
5f65a0f11dfb663a620dde743cab6c8434307b9aedea52c0f4c3f9ba52e5d706
60756645bbed6ad3cc3e8be0a057dff15132f22b5b60cbe14e48250980043653
6177996af84c4e9e810c240e4f7fb1efa82ba95862fa36b3aae360e0568cecca
63ebd809b2988be498b87eadffc18b32f301c477d58128e508b7268e1df4b105
669a45b4165bb5c155e16b7e5656bdc8a05ce60062c9a8dabe3d9e3869eb75a5
671dda10766b9b5d818f541dcd16539e237e2537c3716980edbd5bad027272ef
692ae4751ee9cf34c8a76a91f1d8df47bf098da4b9b2fb10e9181d9cf4dc81f7
6964c09b11b06df05cc4d2d066c65afa88992c32590f3f565c17c6aecd490896
6a96bc98689e0ae762c7541e49d9b2a7608040f3048396449e1514554599c1e9
6c53441d1a937468383d786be79d2e01bdd99af37634a2d883f6d58c8219a79d
6d17f02f855e44c5671557aeea54a29281875098b13c42805020ff577f8a5972
6fa0b93dcc79d1ef847f9bc6650fed0dae8fd91d138ad82b39e534e39391e004
70dac0bff0be690d0fe75181a06e3bc54c470c8491cc9a32e5cf89f5ed9b0179
71e240fc2794b33d8dcb0b5d17ebb19fd9a69c717a1854fa6f4296cd3c9579b7
72594b51b5aee1db06bcda724589ef3d75796bbc9a13abc74e5533b4b06315e5
72bb073808a89194c0d30db9f290a41c55a69567815dd0efcb55dc59dd49ba17
73ccbbd024488d0056e7ba47321d4061fd5b36f49c771780b5806ec20a60dece
74654f0f55a8a6b84274e98fb968b32d392c6fc36d42ed021408e3920d476341
75f26e45a5ecd0855668595b59282d650f87bcf6a3eecc078436df6e9ff0904a
761ea54485ab01bc9eb7acd2d566c84f66a572339921b48d0b90164d060d9a0e
76ce92514882ec0a74c4e5a1252adeea459f8ebb999ebbda2dda35595967b9bd
77f9a1daae58a71c8f58a083690750198203b29d049e67389859009979d8a8c1
796aa828e35628a03ccbd1585f5b579d365d33cb24e95567d4bc43c79fa6f63a
7a8d0a1512a5ecd047a3a9fbb1bdc116de8f6676d580edd9e57867c6fa9bc1bb
7af84b32f2682675dbd41d3a3e3418db9f0b1232d2fbba0ad87c399f792e124f
7c7dbc6d5a6b4a7798d5b4136fb162a6aa9919b8ad7ea7562172990bd73fea11
7da034b7466483840babbef96244488c66aaff1d3caf75815525324194c817e0
7dd84be45fe88777f6353bc5c87a7d431f24eecd2d34c7e696b0db89221e6907
7f3ed53279a8da1ed394cec205e6bcfefa5b5a97509dba76d139f0991c22fca5
7fa26cb73d6d9fe8a70881f90b76deea23af087bfabe86f43b98f6739f0a6622
803f4ef9c766e43bd1d8ff0978e9cf5cbab24d80989c627badeea3e2325c3aa8
80a2258536b7794f4094148f91bf454314ce0e325f6ea8d371bfab439d99623c
80ed13e95ea2c1db7dfd4b45c82e1fadd25699d8a953464083737b59a5e6a192
812761fecf21584ca20e6872a0fce8719749192b09f8d99f20d7628c24861447
82c74d3934bf6786f9b9eea2bf4021f2bf52ebeb7bf238175740da4f458fdc60
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
846d6342d8f911d417bfe3fb9fb865d8d5f4865b304f33b29caa6c760d06417e
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
86943b08e849ab5a8a7357e576b8fedc6ade44e01a5a1bff8d2e110dddd64c06
86fbce59e4f7ec7e30dcea5f3a591c731b2f25988103299857293e45d4be53a2
89e8c7062fe9ea6578c0854ded9bd9914046cc6bbf7ae76ae67d001484630440
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8ce6e59de59ccc4e45c4798434e1e3885a91f5e7b9d916b5085ba91ea27c29d9
8cf78114dc98e5c4843b6e78e6f34758a7864dbd8d14f1db0f2e8090072f1c17
8eb0f44b72ffada10a3d8ed5cf63b711671a5f637efd4536b1df740b3d54aec4
8f75181e1a1c64f818084a3ec430594411c68db51959008f6e25da7236a02a7e
922dea847dca89758d2c87751a24d057bff5a13e08e16c1ee2c397c57e2b7ca2
9308791f3878ea22e6ac4a7a725cb1999fc9a68ab99292ed40e7e30a6852fba5
9484f035f77fcc2a4d231a271e0ba3f8a40dafbf2c1efc5f41f9a95f54a2a613
94bc6474b905706b2f431231534a5f21557716c3be68238a5c7d6f3f5c1a956d
94c78b879e0dd3fabf50b65f350c6b4f1b9e903b9995a1969aa85b570cf8e05f
962017c869448ba8bbb8827cc9262ebd51a03b5ac9957aaba7725f79ebf8d056
99472e151cb316977b13d9aac3e660a95a9392eee60b9c9a55141fa1cb98d577
9abf80d3a46582afb816fc2d86bee64132a685e2dc828c7609403d4e6497e1bd
9abff9995a7362f7796c37d841691e11d27d833726af171353c6d270ea7302ec
9b1ba99d1781e097938ae0b9d751eaf41d13bbb2a813da5ed8d1174973850988
9db75cf3965907df50e6208dd5ff4f447c8bd15d27c7ae6ae59919f5ef1b9251
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a17ed2829e19ecd0a8c2cbb9a3bb66cc12e110ad475b53256f02f65f152019b6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a29a29f34ab64d13ec7d58ccaa268bb7fa78352a9882152d77c4e564af4802ab
a3b7067f00f9a2ac16d847bc12270871523004cf1ac09aa959d0df310070000a
a4976a488f31582f99a364b903b3d921a65ca8df41c437ec17bfdd4aeb6224ec
a73c999d28afd2be114b8c3c0de7c8fc46d07f92213320673f542421aafc149d
a894750a0d7f13755770ebda4cd08d29327207a2a3ff714525cbf6627009590b
a8f4e08f037f1fb8fa4498115fa7ca7e9446f5285a0cd85729ab6f1e7bbfd428
a920c91de5db43e6f6634e5f757541141a31117fd881c848647671fbda83602b
a960c7b4dd3b532e4c31e866e1236bed2ab577a91ed4d2bd255feb0d18631572
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab37b352053e31600411e412fce0cfdd9174a82159875c6b1f8934f8e758db0f
ae61bb20f2a7cb9d81ec399533958ae065afaaaf78fb03eedfd5f11aee5c3bad
b016f0834f6fe219f0a3483029b57170b8b4ff9841b0224d5325b7f8cee1e6f1
b048e87cf82ab73e27b97c3cc5a1568c90089086960978b2a397b0d1408f884e
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b2b6340e3e36ff6d0423b24c8e16528485ce9cb3aeafb1c9c594da12aa7f0113
b4a351678ab9f8db1aab05ffa577c6a7b53b4a37fc18caa10cead337730257d7
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
b5a60a7fff5518b6f07c00d792f50771c5a87d0a876aa533fabfe8890b6cab95
b61583a6667f9ec6bad0cd4b6910b6c02ce4864898c9f96c089f9f495df22079
b70e7b5ba094cd2551535efe31bf83bfeacd539ecbf822ddb3fce0453e39fc07
b92490f0e08edd6e7b5e9704b1208cb9124eeac94841dda895b0dff4854ac956
ba6c90f846b5777c20df35c917e3864d7ed59ff51a9f7a530306663e6fffd0d3
ba7ee0f420d8ea6e8751036a7a6693404676c9e63d66e6eaa2dd352f46d9883f
bb8316121ab1fb502d56b1f8ce3fc3c7047447626255820a01cbedd807363b6b
bcf610c3f2222699d45638201a33934e6a07f37ea5effeb32add9ea6974b3e5f
bd3371cdc79f60cdd3b435f3b8dd3de44e37cb3636e6e193235b87386624652a
bfc0988ee6e593bdc6e877ed6dc01eac07844f21126876401232a3ae904035b2
c0cc2b76cef5666f7b673e4e85592de1ac19cd8f49f85444753135855ef97c9c
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c594a209fcffcfcfa1e70062f7e7ead35bbd20b78e18f1c0d6e8e2ef2de8256e
c5f600809257ac740a49f6c0ae29d8b670ceaed5334566c31b99aa2304c3004e
c745a6114bddb356770c22a8dce7861cff4a1502a81ff222fac8c21efb6b2f85
c77f75f30b8fe3e4a803cb54aed45d1f12f364a03b221240cd77a0abbff6a2ca
c7b4a150637e3339cf7665c1f405fa244241de4e123584637a831ed477c5e6e0
c7dc8b0d0933d7837b3df7d28197f4d2f502b06638ea3bbb1bd7e1ec94cafa9d
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc4b8c8d7a3701e2c10c0c568b0f8f8e3060f81183880d91c9555b1ffe75466f
cc53b6af73e4bfe95ebb6620be5e23c433a65738ce48b440dadf5c5ce5e7a78a
ccb18ad16f68562f5a296fab2c167544182186ad8db167dbc45eaae16865a102
d0837e1d9531e45205299c505173d4e16ac60a1903b0bd951e2b807a72b031ed
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f7c1ea8c0452b0c347c2f5949f8e9ab0936a255ce7615f22979280d60e50a0
d110981142c4eed17687001dbc7ec6be3346f43d45f205afa0274ec791308ee5
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d5411a7ffd764c2db252c2f5d464c5adefef40b9338ee46f2b3a3e43ac61db48
d7427f226caa0100b63c9e234e09acb809896a493126bc9847fc5331f80c7dcb
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dbf62b3d96ab46c2c2c67edec16aca51b6534f8996b6bd8b64182bace59058a7
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de90e56c63d2b963ccc54a00aba3ce82287605c37544a2a43b5a5f2fea65570c
deda65f2c2d923079263d3387f9472fa7fd9d0661f8bf40a601a817dcad0acad
df2891b4f41145bb4e71719541ae314e9c165613fd3c370108e36a93e71b2970
e07224f1f0b0cd61cba9e38292bb340d553bbaa9a35060f1a194166b53982390
e09640705202c275bf9e6e88c9ad5e83a989bd3868721d643f1932bd4875750a
e0cfa4d00fe7e4849620bd1c5ff226eecc401a33da94ee7dbfbcd6d302dd80df
e136ab2c75ae90f9338087e38c15ad5b2d67e883b5e0647f11b71a10a43713c1
e17ef9c7a2b314b65694fcd9975dcc8172f7ead620f5b17441f8f393d69911c4
e1f61e9ba17a692d70e92eae847d1ed6133faa72178e5204a30e2c5a298fd1b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e631f1c56b5510adac402270a3a80f7167fa6638124ed750ce16c744a5c1dadf
e6843ebbc25aab2ea0a89c3941516fe680ef1c8e24f0cc679cfded40613fac3d
ea2bcf5701d87d34f0a156017a0c4464952c7bb21b03997c17b6e9283b459517
eb62b2b321adf59e57b4fe1ac5e1fdcaf7ab8efed640a528c0bb0ab15ab09289
ebb30e6ee04e954391c5fce3321d205935fee47a5fe84626e871de4779876e14
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
ec39b01c46403315b367713b3d38cc5d6ca4375401e0d39e7b38c435fc8327ff
ed0db7069f82e411f3927a349141d8ef3b878250fe9d6d0ec9d4c96b5a406362
ef8dde69d9880f6c6068b3c41ee9496f9962b36fe50bc1a20512523de5afd7d8
efc3a7ac965ff7be8e6d03a67307eecd8b48a564a98dfd853fe03a8e1d702f78
f03395cf944cf755a4be137fb7d0f1d5da26c52ac33fab166b2a3f17b0bf80a5
f07dc3bb776dedc5385377c3b7cd96499a67a41aed91ff11d3a03571daf94a06
f0e432fe6c86105fd5d8d07877aab0ca1cac7559abe56ea3ef28e3d3b328f6ea
f16dbe23bd8fbde489ab6a9dd3cea0a923de345292054587b8304e675b8cd8bd
f24e10919a1f2cc958f78a95f5980b701a7348bf067c2f063823a4efb4184b90
f483a1933a571853edb373ea40fbd8b18d8cd0de0d9f76e9467141da414fcc92
f63ef78fcc7646c3c5ccf1596cdaa893120f8f417924707d1b7816be1fabff91
f73a3c59251f307e963453ffc6dbb715025a2642e0ddbb14eff98f0320e8b995
f8c64a0c120ee6693befc2053965b39c86ac91f65b0448197ebea09e67678321
f8cad28ce143fab883fb3bf04b6ed87e7de84102b2b44c86a60804f82bac8580
f927c2faf7ebe9fe3e39e541b98c715c285069883b498f2ebe045cc08550f2cf
fb07c2face5cc6c304e2c50246c6c5fdb266c7b2f5a98c2c71d43c80f136b99c
fd2cd8ef74975ca9c35d691765ff028c6f91410a5d426d36c9aa439cfa893be8
ff4460fccd65e471cf1af46da8c20b5d14e88cce41a1199cf6932dcc0faf6354

eu.desmoinesregister.com Open in urlscan Pro 151.101.194.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

100 %HTTPS

0 %IPv6

21 Domains

32 Subdomains

25 IPs

3 Countries

2927 kBTransfer

8667 kBSize

19 Cookies

26 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 61 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

eu.desmoinesregister.com Open in urlscan Pro
151.101.194.62 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

32
Subdomains

25
IPs

3
Countries

2927 kB
Transfer

8667 kB
Size

19
Cookies

178 HTTP transactions
61 data transactions