www.reuters.com Open in urlscan Pro
13.226.155.46 Public Scan

URL: https://www.facebook.com/Reuters

URL: https://www.linkedin.com/company/10256858/

URL: https://stockscreener.us.reuters.com/Stock/US/Index?quickscreen=gaarp
Title: Stock Screener

URL: https://funds.us.reuters.com/US/screener/screener.asp
Title: Fund Screener

URL: https://graphics.reuters.com/USA-POLLING-TRUMP/0100422Q4HZ/index.html
Title: Polling on the President

URL: http://widerimage.reuters.com/
Title: The Wider Image

URL: http://widerimage.reuters.com/photographer
Title: Photographers

URL: https://af.reuters.com/
Title: Africa

URL: https://lta.reuters.com/
Title: América Latina

URL: https://ara.reuters.com/
Title: عربي

URL: https://ar.reuters.com/
Title: Argentina

URL: https://br.reuters.com/
Title: Brasil

URL: https://ca.reuters.com/
Title: Canada

URL: https://cn.reuters.com/
Title: 中国

URL: https://de.reuters.com/
Title: Deutschland

URL: https://es.reuters.com/
Title: España

URL: https://fr.reuters.com/
Title: France

URL: https://in.reuters.com/
Title: India

URL: https://it.reuters.com/
Title: Italia

URL: https://jp.reuters.com/
Title: 日本

URL: https://mx.reuters.com/
Title: México

URL: https://ru.reuters.com/
Title: РОССИЯ

URL: https://uk.reuters.com/
Title: United Kingdom

URL: http://newslink.reuters.com/join/subscribe
Title: OUR NEWSLETTERS

URL: https://www.twitter.com/reuters
Title: Follow Us On Twitter

URL: https://instagram.com/reuters/
Title: Follow Us On Instagram

URL: https://www.youtube.com/user/ReutersVideo
Title: Follow Us On YouTube

URL: https://newslink.reuters.com/join/subscribe
Title: Newsletters

URL: https://www.reutersagency.com/?utm_source=website&utm_medium=reuters&utm_campaign=site-referral&utm_content=us&utm_term=0
Title: Reuters News Agency

URL: https://www.reutersagency.com/en/about/brand-attribution-guidelines/
Title: Brand Attribution Guidelines

URL: https://sales.reuters.com/en
Title: Advertise with Us

URL: https://thomsonreuters.com/en/careers.html
Title: Careers

URL: https://thomsonreuters.com/
Title: Thomson Reuters

URL: https://www.refinitiv.com/en/products/eikon-trading-software
Title: Eikon Information, analytics and exclusive news on financial markets - delivered in an intuitive desktop and mobile interface

URL: https://www.refinitiv.com/en/products/elektron-enterprise-data-management
Title: Elektron Everything you need to empower your workflow and enhance your enterprise data management

URL: https://www.refinitiv.com/en/products/world-check-kyc-screening
Title: World-Check Screen for heightened risk individuals and entities globally to help uncover hidden risks in business relationships and human networks

URL: https://legalsolutions.thomsonreuters.com/law-products/westlaw-legal-research/
Title: Westlaw Build the strongest argument relying on authoritative content, attorney-editor expertise, and industry defining technology

URL: https://tax.thomsonreuters.com/products/brands/onesource/
Title: ONESOURCE The most comprehensive solution to manage all your complex and ever-expanding tax and compliance needs

URL: https://tax.thomsonreuters.com/products/brands/checkpoint/
Title: CHECKPOINT The industry leader for online information for tax, accounting and finance professionals

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: © 2020 Reuters. All Rights Reserved.

URL: https://reuters.zendesk.com/
Title: Site Feedback

URL: https://reuters.zendesk.com/hc/en-us/requests/new
Title: Corrections

URL: https://info.evidon.com/pub_info/285
Title: Cookies

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy Policy

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&gjid=953242767&_gid=1349971867.1597271373&_u=aGDAgEAjQ~&z=2000278550 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550&slf_rd=1&random=2795327319

Request Chain 64

https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&c9=&cs_ak_ss=1

158 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request pay= Show response
www.reuters.com/article/us-cyber-cwt-ransom/ 150 KB
34 KB 294ms
249ms Document
text/html 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c4bd3b2e22078b7dd6694df2e5f33051456f8b47605c56c682cbe95a6e583e04

Request headers

:method: GET
:authority: www.reuters.com
:scheme: https
:path: /article/us-cyber-cwt-ransom/pay=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
content-type: text/html;charset=UTF-8
content-length: 34683
content-encoding: gzip
date: Wed, 12 Aug 2020 22:29:32 GMT
expires: Wed, 12 Aug 2020 22:34:32 GMT
last-updatedl: Wed, 12 Aug 2020 22:25:29 GMT
server: nginx
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Is9ExDpSNY1njCP-_5LswZu8DsOUNXM8kESi-4_zSrK2pmJPrrLV0Q==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 70ms
22ms Script
application/javascript 13.226.155.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 01:13:50 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 76550
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 50f438df6dbb947f3e4702890bc9cc06.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 97AFBESXLGJQtiXlLDEJV0M4GdZ8-Rc4KJe3e032bt81nE3-pw_5KA==

GET
H2 200 reuters_bootstrap.js Show response
www.reuters.com/ 21 KB
5 KB 65ms
62ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_bootstrap.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 22fcd7f43a6991fc5aba362660e9e663cffe967c89f282c59e88df9ad5e810ff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:32 GMT
content-encoding: gzip
server: nginx
age: 178
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 4747
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id: 4CyqGL2ihw69mwnEzameSpRal6w8Qh9srwBXgT72lL67TnlMNz08hQ==
expires: Wed, 12 Aug 2020 22:26:34 GMT

GET
H2 200 reuters_gpt_bootstrap.js Show response
www.reuters.com/ 49 KB
13 KB 63ms
60ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 22d5918d37b94e4552789480cf9784b05f558bd9e9e9eafae8dff9c383c5c2c2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:32 GMT
content-encoding: gzip
server: nginx
age: 37
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 12956
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id: MLJKha7qWtqOJpHIdX1ur7hIwhQZIBIH4MOS3uIXvVB7wu53ejxjbA==
expires: Wed, 12 Aug 2020 22:28:55 GMT

GET
H2 200 px.js Show response
s4.reutersmedia.net/resources_v2/js/ 316 B
606 B 102ms
26ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/px.js?ch=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0117695b46b2a986ae9653c89ec1ca81c108ee388b41a1e875fb006cd87accef

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:21:17 GMT
content-encoding: gzip
age: 543
x-cache: Hit from cloudfront
status: 200
content-length: 229
last-modified: Fri, 02 Jun 2017 00:58:04 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 7MbItrNQYV7KMb2DiS5xhEDgB_COEthfaExGt9EHu_bE--lJMjtEHw==
expires: Thu, 13 Aug 2020 00:20:30 GMT

GET
H2 200 px.js Show response
s4.reutersmedia.net/resources_v2/js/ 316 B
605 B 102ms
26ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/px.js?ch=2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0117695b46b2a986ae9653c89ec1ca81c108ee388b41a1e875fb006cd87accef

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:34:55 GMT
content-encoding: gzip
age: 6883
x-cache: Hit from cloudfront
status: 200
content-length: 229
last-modified: Fri, 02 Jun 2017 00:58:04 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: hUVPbQcjplnmyglrRO0SFcxsoBG39Qe-iczlkoCZ_yOPed4o46ZaqQ==
expires: Wed, 12 Aug 2020 22:34:50 GMT

GET
H2 200 core.css
s2.reutersmedia.net/resources_v2/css/ 29 KB
6 KB 95ms
27ms Stylesheet
text/css 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/css/core.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0094fb88b35d7af1bb06790d931e0565f41a965828d0f5cc9479f41716d5f801

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:15:50 GMT
content-encoding: gzip
age: 4471
x-cache: Hit from cloudfront
status: 200
content-length: 5808
last-modified: Mon, 06 Apr 2020 20:45:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: jr_8oSD4-rvdCKpRkkd6UMVSIhv0VJ5zZZ1uR3_ckMURUEjCAYm-8w==
expires: Wed, 12 Aug 2020 23:15:02 GMT

GET
H2 200 core-modules.css
s4.reutersmedia.net/resources_v2/css/ 80 KB
13 KB 103ms
27ms Stylesheet
text/css 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/css/core-modules.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: af7b47cb891dac23f49e8711c253bf388f35c9efc0bf379cf9d2bda005d8ed1a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:12:34 GMT
content-encoding: gzip
age: 1038
x-cache: Hit from cloudfront
status: 200
content-length: 12926
last-modified: Thu, 21 Nov 2019 22:07:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: yv1UplDVCEsp0eLEuvoFznxr2ptp40EsPpV-U-d9yM9JRsz7xPpagA==
expires: Thu, 13 Aug 2020 00:12:15 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
s3.reutersmedia.net/resources_v2/js/libraries/ 85 KB
30 KB 86ms
34ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 97eace3bede10fcac04259174542f1192c3fd47b9a17380b12d407cd39983b85

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 00:30:23 GMT
content-encoding: gzip
age: 424875
x-cache: Hit from cloudfront
status: 200
content-length: 30707
last-modified: Thu, 14 Jul 2016 21:23:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Gutmy0Yyrh1WAQu5VUu7zdH_Jejp_fk2u92ht1o26Um9dir0uHx9qQ==
expires: Sat, 15 Aug 2020 00:28:18 GMT

GET
H2 200 rcom-search-result.css
www.reuters.com/resources_v2/css/ 12 KB
3 KB 26ms
24ms Stylesheet
text/css 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/resources_v2/css/rcom-search-result.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0ffc6faf5e0661a7eb88f3804ab8e23388de4685474c32f661d2ed1d65bbff96

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:39:16 GMT
content-encoding: gzip
age: 6616
x-cache: Hit from cloudfront
status: 200
content-length: 2754
last-modified: Thu, 27 Jul 2017 09:48:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: ryDglh1fArIxFNDmYEZ_vk9rViyWhiarJgmVo98glXzCuUgQi0yeAA==
expires: Wed, 12 Aug 2020 22:39:16 GMT

GET
H2 200 cookie.js Show response
s2.reutersmedia.net/resources_v2/js/libraries/ 2 KB
1 KB 95ms
27ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/libraries/cookie.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c4177b2d65f97ec701dffd86eb6695b742b8a1cc8ffe2a64c1913478ee3c7c78

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 21:16:18 GMT
content-encoding: gzip
age: 90810
x-cache: Hit from cloudfront
status: 200
content-length: 867
last-modified: Fri, 15 Apr 2016 01:03:32 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 4HbXQoC68y9FfPZJLaGLhmMXNoDb6LFddC1jMizG85i0zVEldEO82Q==
expires: Tue, 18 Aug 2020 21:16:03 GMT

GET
H2 200 core.js Show response
s2.reutersmedia.net/resources_v2/js/ 5 KB
2 KB 95ms
28ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/core.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6ab8fd59b244067c23f4bcb9a6bc85edd153bb44f8fd63f8bb90b2e94c7043d0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:12:12 GMT
content-encoding: gzip
age: 4664
x-cache: Hit from cloudfront
status: 200
content-length: 1749
last-modified: Fri, 02 Jun 2017 01:03:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: L3OClw1Cc5amQKTlzI19GSo6LdquobhD4O02I3PpcU8ZTAitCr9SLw==
expires: Wed, 12 Aug 2020 23:11:49 GMT

GET
H2 200 search.js Show response
s2.reutersmedia.net/resources_v2/js/ 9 KB
3 KB 95ms
28ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b1e7c0988fe58052a50f9f16d8ca71ef607816c3f8fbf059b31d6caccd99d95a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:06:51 GMT
content-encoding: gzip
age: 5892
x-cache: Hit from cloudfront
status: 200
content-length: 2895
last-modified: Mon, 26 Nov 2018 03:24:39 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: wRo1Lh1EyRqEmB-lJj3eVTIrAFdwbvXypU3YVc8iMPhOmhwYknzEoA==
expires: Wed, 12 Aug 2020 22:51:21 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 10ms
9ms Script
application/x-javascript 2600:9000:2182:400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:02:33 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 5219
etag: W/"5d53676c-4a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: SgLsxaQmjACgJsjqkfL_CCn6ogXBv8bZFZTNa70N10chK4ULH4tMkg==
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
expires: Wed, 12 Aug 2020 23:02:33 GMT

GET
H2 200 core-markets.css
s2.reutersmedia.net/resources_v2/css/ 14 KB
3 KB 95ms
27ms Stylesheet
text/css 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/css/core-markets.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5b88974c8423c217006395b78b5c4158621eea9878954d9207d298db39a52db6

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:13:29 GMT
content-encoding: gzip
age: 4618
x-cache: Hit from cloudfront
status: 200
content-length: 3009
last-modified: Mon, 25 Mar 2019 22:10:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: nEruhOzLIFDjiabHBN_IK3CydmQuGRT0_19xf0zAc0LOJCjLB9vT-A==
expires: Wed, 12 Aug 2020 23:12:35 GMT

GET
H2 200 chartworks.min.js Show response
content.markitcdn.com/www.chartworks.io/content/chartworks/dist/1.4.8/js/ 201 KB
42 KB 172ms
18ms Script
application/javascript 23.34.184.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.markitcdn.com/www.chartworks.io/content/chartworks/dist/1.4.8/js/chartworks.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.34.184.248 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-184-248.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 0b9e118360dd88369b7e0ab5fdd7ef936894bb28b66830acee714156d3d7c81a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
last-modified: Thu, 16 Jul 2020 17:30:22 GMT
server: Akamai Resource Optimizer
status: 200
etag: "5e3906acf9fd51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=1314000
accept-ranges: bytes
content-length: 42769

GET
H2 200 modtoken Show response
apiservice.reuters.com/api/service/ 104 B
432 B 123ms
38ms Script
application/json 13.226.155.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apiservice.reuters.com/api/service/modtoken?method=get&format=json&callback=getChartData&apikey=72461C50B1CEAD3135BA6BDA53B203D3&deviceid=E7CDD293-9C3A-5AB9-9181-58E1B572DD44
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.29 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-29.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: bc86f02e611361fe18b2ff38b4522e1b611a106760283816139b7debe230af0d

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:18 GMT
content-encoding: gzip
server: nginx
age: 15
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
status: 200
reuters-content-api: Spotlight/2.0
x-amz-cf-pop: DUS51-C1
content-length: 117
via: 1.1 375e9ad5042f2098d2251daf2e517c52.cloudfront.net (CloudFront)
x-amz-cf-id: jkj3y2oL82x_fcA_tGhf6sBpmjlWHzUV9hp8JQex7OBth-GGnFSykg==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 456 KB
96 KB 94ms
44ms Script
text/javascript 13.226.145.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-149.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d2fe32d253b1c23c584887a2d05bba8d56ad3b233081d190be436c70209ead2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: YOeClGqZQucGhTexskvvImiIs1YTWvjr
content-encoding: gzip
etag: "b571ddcfce959fdfb468fd0182ffb999"
age: 161
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 98102
access-control-allow-origin: *
last-modified: Fri, 31 Jul 2020 18:21:37 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 22:26:53 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: jSzLBHd-0luoA4k1lMA-sPeZpxxQztCaOk8eT56cmJrFKeQUFKru2g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
91 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05570487bb3f6249f82ffaaf817889dc909225f80ae76d6f0e6c864465b8304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:32 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93256
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 22:14:25 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:29:32 GMT

GET
H2 200 core-header.js Show response
s4.reutersmedia.net/resources_v2/js/ 12 KB
3 KB 95ms
26ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-header.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9d4dfd664b730a77673d24b98d34b3cdce3aa3cbb017c021c6319067ed69ead2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:44:02 GMT
content-encoding: gzip
age: 2765
x-cache: Hit from cloudfront
status: 200
content-length: 2520
last-modified: Mon, 06 Apr 2020 20:45:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: qrMeQw4EuELS9rbUR7VPQPqUmeazyaba8fKMR2CVLxPk1NfvFYMMpQ==
expires: Wed, 12 Aug 2020 23:43:28 GMT

GET
H2 200 core-login.js Show response
s3.reutersmedia.net/resources_v2/js/ 13 KB
2 KB 84ms
39ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.reutersmedia.net/resources_v2/js/core-login.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1aa705b81190551f8bd280dd5d39a29eb654a03ba45282343667bf69eb4b4456

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:07:27 GMT
content-encoding: gzip
age: 1329
x-cache: Hit from cloudfront
status: 200
content-length: 1196
last-modified: Tue, 14 Apr 2020 18:12:01 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: ndBOf7p10GX2uVz4yRM9lEKKJRpd_PVef-m0SkV-uPivGgZSkd9e_A==
expires: Thu, 13 Aug 2020 00:07:24 GMT

GET
H2 200 core-tracking.js Show response
s2.reutersmedia.net/resources_v2/js/ 23 KB
3 KB 89ms
28ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/core-tracking.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9355ad0b5ef8906fbbdec701d87e705460e0011bd3e8ed4231e0b25381e0b6cf

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:02:58 GMT
content-encoding: gzip
age: 1649
x-cache: Hit from cloudfront
status: 200
content-length: 2673
last-modified: Wed, 18 Dec 2019 21:58:22 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Sg8kPcYXx0Ae1v4mLs4jviiCN2BIMztH5yw4lItG9_ns5tn_xQj2iQ==
expires: Thu, 13 Aug 2020 00:02:04 GMT

GET
H2 200 rcom-social-share.js Show response
s2.reutersmedia.net/resources_v2/js/ 17 KB
4 KB 89ms
28ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/rcom-social-share.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 88a461f663347f3a4ce21231f5da1033e8d83d1bae7e083cca1b69fa0bb3b019

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:23:44 GMT
content-encoding: gzip
age: 398
x-cache: Hit from cloudfront
status: 200
content-length: 3541
last-modified: Mon, 26 Nov 2018 03:24:37 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: dwOJOuIgUut5FjU0iymAZi4Q_WPc2W5Y_qZ6BnkS49bO6houaZaTpA==
expires: Thu, 13 Aug 2020 00:22:55 GMT

GET
H2 200 core-lib.js Show response
s2.reutersmedia.net/resources_v2/js/libraries/ 44 KB
13 KB 100ms
40ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/libraries/core-lib.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9268c1faede9be036d0596edf7a2d220e5384bcff038d1f80e3856e2eee46b9e

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 01:33:41 GMT
content-encoding: gzip
age: 593946
x-cache: Hit from cloudfront
status: 200
content-length: 13069
last-modified: Fri, 15 Apr 2016 01:03:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: KLahmi1xdloakoOG5d_UMDuaGZS_r2kUt75Qsa8pp3vjzF3FcWe7Sg==
expires: Thu, 13 Aug 2020 01:30:27 GMT

GET
H2 200 core-modules.js Show response
s4.reutersmedia.net/resources_v2/js/ 7 KB
3 KB 93ms
25ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-modules.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a8f98adb683fc4da002ae7e1831c4f5142a53481135d1a1ec5bc5f085b89e317

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:05:31 GMT
content-encoding: gzip
age: 1481
x-cache: Hit from cloudfront
status: 200
content-length: 2270
last-modified: Fri, 02 Jun 2017 00:56:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 5XUNZS2TWt78k9cJFaQPPEdeIrbOpImH5567uDTEYYRnwt0OTI0AAg==
expires: Thu, 13 Aug 2020 00:04:52 GMT

GET
H2 200 reuters_gpt_bootstrap_footer.js Show response
www.reuters.com/ 1 B
428 B 57ms
55ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_gpt_bootstrap_footer.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:32 GMT
content-encoding: gzip
server: nginx
age: 67
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 21
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id: R-lmWoXh8n_Zk_R0qZXX7yN8haST_MB1zlXfV5BUXrMTao9Yuf_CNA==
expires: Wed, 12 Aug 2020 22:28:25 GMT

GET
H2 200 core-rivet.js Show response
s4.reutersmedia.net/resources_v2/js/ 2 KB
1 KB 104ms
36ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-rivet.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 013a2895b9256f25522ed80084bf130e2ab32dcf0c9244439479cd547cb801bf

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:00:31 GMT
content-encoding: gzip
age: 5351
x-cache: Hit from cloudfront
status: 200
content-length: 972
last-modified: Thu, 21 Nov 2019 22:07:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: a3p56x_oXsRMeABEoazJwrFfOB8sVsw3imVKRbbYrNcnC3wG4W_16w==
expires: Wed, 12 Aug 2020 23:00:22 GMT

GET
H2 200 core-rage.js Show response
s4.reutersmedia.net/resources_v2/js/ 2 KB
1 KB 95ms
28ms Script
application/javascript 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-rage.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5780e3e9ddef741fb88c5384e025d45d00478732610f1d20555bdc721ea9d19e

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:30:59 GMT
content-encoding: gzip
age: 3583
x-cache: Hit from cloudfront
status: 200
content-length: 744
last-modified: Thu, 21 Nov 2019 22:07:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: pqg3bH17gMZul3_8bzeuyaYaDWVtR9v6mB4UvXh3BR63sWMoGgSBiw==
expires: Wed, 12 Aug 2020 23:29:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4432
date: Wed, 12 Aug 2020 21:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 12 Aug 2020 23:15:40 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 74 KB
29 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TBBXQQ&t=gtm2&cid=262564930.1597271373

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5275e53dca9e7f8cb2741c3e11050df06b6d9167b088dbd8e0ce59052aa97556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:52:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 sprites-arrows.png
s4.reutersmedia.net/resources_v2/images/ 28 KB
11 KB 30ms
29ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.reutersmedia.net/resources_v2/images/sprites-arrows.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b6d07224613ccebc5e94e0fbf7a5ede63c955cacbf1373ee8a3119ac4db98a9f

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:49:37 GMT
content-encoding: gzip
age: 78169
x-cache: Hit from cloudfront
status: 200
content-length: 10521
last-modified: Wed, 12 Apr 2017 02:55:02 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Xeo2OTZRWFwGEA48HgrGcFislE7BiS-pGwZk1nHs981M7cLAL49q9g==
expires: Thu, 13 Aug 2020 00:46:44 GMT

GET
H2 200 r-logo.png
s3.reutersmedia.net/resources_v2/images/ 33 KB
31 KB 27ms
26ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/r-logo.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 63b1ebf0de23fce0a5b2a746d6fd5f9e88bf4a69d73f146448a3a88b0a0e3b29

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:57:18 GMT
content-encoding: gzip
age: 5546
x-cache: Hit from cloudfront
status: 200
content-length: 31511
last-modified: Fri, 04 Nov 2016 12:33:53 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 2RQz3050ViX4q8rGECP5g4kVDA30owpGNwdHfS-K-48UFHpAipdekA==
expires: Thu, 13 Aug 2020 20:57:07 GMT

GET
H2 200 r-logo-sm.png
s3.reutersmedia.net/resources_v2/images/ 18 KB
17 KB 41ms
40ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/r-logo-sm.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c0072073b75cc3c79adcbe1c8c395a42ac4b9c567da70802d772e087d5e08873

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 12:29:37 GMT
content-encoding: gzip
age: 35997
x-cache: Hit from cloudfront
status: 200
content-length: 17410
last-modified: Fri, 15 Apr 2016 01:03:28 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: nc2xcnILzIjKUozZUVUGNrV4X5Og11oUlqrs1S48mA85fHlcsSpiQA==
expires: Thu, 13 Aug 2020 12:29:36 GMT

GET
H2 200 sprites-icons.png
s4.reutersmedia.net/resources_v2/images/ 7 KB
7 KB 31ms
30ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.reutersmedia.net/resources_v2/images/sprites-icons.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e4976438d6fc94da31bcd73c3ad1368e08dbcdb94143162e6a2e0748da7cffb0

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 23:11:44 GMT
content-encoding: gzip
age: 83869
x-cache: Hit from cloudfront
status: 200
content-length: 7066
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: rFH1K-Oiu8ipuEKbBKgckjm5_UGHo-gJFq3jpkIgzDOg4j8EOyfLow==
expires: Wed, 12 Aug 2020 23:11:44 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 78ms
27ms Font
application/x-font-woff 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 21:17:09 GMT
content-encoding: gzip
age: 250487
x-cache: Hit from cloudfront
status: 200
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 59ilbY9AVBRw8_rx64eyy5LMZuNNq8JTJ1HSIdlbD6eawJ0pNmOojA==
expires: Mon, 17 Aug 2020 00:54:46 GMT

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 83ms
40ms Font
application/x-font-woff 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Origin: https://www.reuters.com

Response headers

date: Wed, 12 Aug 2020 00:20:51 GMT
content-encoding: gzip
age: 80240
x-cache: Hit from cloudfront
status: 200
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: s39AkvXTFadnAXe76REDG2OMnYMynOw4ETwGqXencx_fCV3WY5X4cA==
expires: Wed, 19 Aug 2020 00:12:13 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
929 B 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:23:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 345
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 12 Aug 2020 23:23:48 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
141 B 523ms
173ms XHR
application/json 54.68.229.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.229.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-229-68.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 12 Aug 2020 22:29:33 GMT
access-control-allow-origin: https://www.reuters.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 187 B
267 B 106ms
105ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=reuters.com&domain=reuters.com&path=%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d97c5813043974dfa32893162403858a3dc1476ceba3dbd0ae03d5512c090e78

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 147
x-served-by: cache-hhn4070-HHN
access-control-allow-origin: *
x-timer: S1597271373.263019,VS0,VE99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 10 Aug 2020 22:29:33 GMT

GET
H2 200 rcom-sprite.png
s2.reutersmedia.net/resources_v2/images/ 26 KB
26 KB 26ms
25ms Image
image/png 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.reutersmedia.net/resources_v2/images/rcom-sprite.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b53885cc9721ff3334410434e3c0f81fc745d258b461fb31aca1843b5d9559d1

Request headers

Referer: https://www.reuters.com/resources_v2/css/rcom-search-result.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:05:09 GMT
content-encoding: gzip
age: 80664
x-cache: Hit from cloudfront
status: 200
content-length: 26022
last-modified: Mon, 29 Jun 2015 03:07:14 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 821feb380ab4aeca6ae9157aa1190ff2.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: DokzwNA4qlcRVy7B2gN-ya3fN5f1Eygs7qxWI3HaxIiVd80E9mxzKw==
expires: Thu, 13 Aug 2020 00:05:09 GMT

GET
H2 200 Knowledge-Light.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 26ms
26ms Font
application/x-font-woff 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Light.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 41d8a4b3ea02cd01fa69fef7e72e23a996d65aa85bf6864c0c8a3d18cb0c2466

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Origin: https://www.reuters.com

Response headers

date: Wed, 12 Aug 2020 00:49:47 GMT
content-encoding: gzip
age: 78137
x-cache: Hit from cloudfront
status: 200
content-length: 24424
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 9Ozw4E_zn52vCUnreWg91NfSur7XEyBLMJTS4-BdJsZC5aXwofP4FQ==
expires: Wed, 19 Aug 2020 00:47:16 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 74 KB
29 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KBK7743&cid=262564930.1597271373

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27e82c492f540e004c53ca737312f529855e6cccc41b96a5f9661f662156e620

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29824
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:52:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: tOow3KZ6OfZO4McBbEg5hX/5NV0UTwK+NCCRDGIiY0RQLCxpb0YI4pZIL/GxOQFs7yHBgvNqidJNx7NE0QFiJQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 12 Aug 2020 22:29:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK price
api.markitondemand.com/apiman-gateway/MOD/chartworks-image/1/Chart/ 15 KB
15 KB 637ms
168ms Image
image/png 209.234.234.15
WALLSTREET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.markitondemand.com/apiman-gateway/MOD/chartworks-image/1/Chart/price?inputs=%7B%22symbol%22%3A%22.SPX%22%2C%22realTime%22%3Afalse%2C%22cultureCode%22%3A%22en-US%22%2C%22fontColor%22%3A%22%23999999%22%2C%22fontSize%22%3A18%2C%22upperPanelHeight%22%3A144%2C%22lowerPanelHeight%22%3A0%2C%22numDays%22%3A1%2C%22priceLineColor%22%3A%22%23ff8000%22%2C%22priceLineWidth%22%3A3%2C%22showVolume%22%3Afalse%2C%22volumeColor%22%3A%22%23ff8000%22%2C%22width%22%3A556%2C%22xGridLineColor%22%3A%22%23ffffff%22%2C%22xGridLineWidth%22%3A1%2C%22yGridLineColor%22%3A%22%23dddddd%22%2C%22yGridLineWidth%22%3A1%7D&access_token=HqkbTe2fkFBGz4buvSbnznfq6f3F

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.234.234.15 , United States, ASN7334 (WALLSTREET, US),

Reverse DNS

Software

Resource Hash

c8c328a290022020d5d1c7fb4e8443b2afafaa72fa253d26053d3fad082ebf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:29:33 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: private
Connection: keep-alive
Content-Length: 15525

GET
H2 200 breakingNews Show response
www.reuters.com/assets/ 67 B
469 B 126ms
126ms Script
application/json 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/assets/breakingNews?view=json&sp=drawBreakingNews
Requested by: Host: s2.reutersmedia.net
URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 951a8278d3c8c2ab5de7d8b59a922638b513e32e4dc1dd76e3911fb6090d9789

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
browser-expires: Wed, 12 Aug 2020 22:29:33 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 67
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id: gaDHE7jTT65_rppfmjI8Y9KJpjACLbkQqe5CGq70GmDSdZWsWuhGww==
expires: Wed, 12 Aug 2020 22:34:33 GMT

GET
H2 200 breakingNews Show response
www.reuters.com/assets/ 70 B
441 B 56ms
55ms Script
application/json 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/assets/breakingNews?view=json&sp=drawNonEditBanner
Requested by: Host: s2.reutersmedia.net
URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5d1b68ddb0016d3c2a2608da629aa23f7e5347bcda824e2555f0184a5bd62b2f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
server: nginx
age: 7
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 70
x-amz-cf-id: 4ALQMktipmGnB_4C7nE_wupLJX_dGmzjTYhGbMOfOKEQe3hu9OCd7g==
expires: Wed, 12 Aug 2020 22:29:26 GMT

GET
H2 200 sprites-social-sm.png
s3.reutersmedia.net/resources_v2/images/ 18 KB
18 KB 25ms
24ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/sprites-social-sm.png
Requested by: Host: s3.reutersmedia.net
URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2b21fd1e6c9e4098735e7fbc5d68fe033f4a26563370ccab1537c186999f762f

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:54:06 GMT
content-encoding: gzip
age: 77727
x-cache: Hit from cloudfront
status: 200
content-length: 18216
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: un0nUuVNuhUG9HmxILhPfCIVYJjeNkkqv1ahH5dBqy-5O__ap546Zw==
expires: Thu, 13 Aug 2020 00:54:06 GMT

GET
H2 200 sprites-social.png
s3.reutersmedia.net/resources_v2/images/ 14 KB
14 KB 26ms
26ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/sprites-social.png
Requested by: Host: s3.reutersmedia.net
URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1cbc284ea3e3c890ea3c373cb7fb7472568453c018baefb44ae8a652da1445a0

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:49:37 GMT
content-encoding: gzip
age: 80425
x-cache: Hit from cloudfront
status: 200
content-length: 13541
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: o8Zmqlf5bzv3Qq0gC4O7JRj1n4IAGEbn8JEW9-L3MTJz3x98UxihzQ==
expires: Thu, 13 Aug 2020 00:09:08 GMT

GET
H/1.1 200
OK service Show response
async01.admantx.com/admantx/ 62 B
257 B 131ms
34ms Script
text/plain 54.247.116.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async01.admantx.com/admantx/service?request=%7B%22key%22%3A%22234330834c41105ad5ed794fa036e085b40225c44f9228bb9e2692f427917605%22%2C%20%22decorator%22%3A%22template.reuters%22%2C%20%22filter%22%3A%5B%22default%22%5D%2C%20%22method%22%3A%22descriptor%22%2C%20%22mode%22%3A%22async%22%2C%20%22type%22%3A%22URL%22%2C%20%22body%22%3A%22https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpay%253D%22%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.116.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-116-142.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: b68ef84092a1b0e218c39af2a4133261f35e2f68c80378a322653922fa5fdc50

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 Aug 2020 22:29:33 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 62
Content-Type: text/plain; charset=UTF-8

GET
H2 200 312961195854690 Show response
connect.facebook.net/signals/config/ 525 KB
132 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312961195854690?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

887acf8d48deb6cf8681da13ee39f83b4692d894caf76d56ddcb4ab10cd5fbc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135382
x-xss-protection: 0
pragma: public
x-fb-debug: BkyfJIcIcEOgNOTKKIxl/ywayJM1WQyDg+y3y/Bp4J0Dw0WJhRm3SFr5YUzm9VXlxxufQnHhPauvLvBykM0b1g==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 12 Aug 2020 22:29:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/custom/ 1 KB
606 B 21ms
20ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f23d93c9b8e3ca26f6fcc6be6a8d087e43a3f5795daa3c61017071642f66f3c

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 2231724
x-guploader-uploadid: AAANsUlK-rhqWIaSronpM69LDK3tSKdIlWTr545LHnYUXX1YBJwnHqKhyvJA1BK1p6ChhuoYauFsuyxDZP87axzJFw
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0486640e7e00009ab05c1af200000001
last-modified: Fri, 19 Apr 2019 06:14:57 GMT
server: cloudflare
etag: W/"40b7d4de06dae04ec0d6537ef2f54db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=e3JHUg==, md5=QLfU3gba4E7A1lN+8vVNuA==
x-goog-generation: 1555654497328861
content-type: application/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 1056
cf-ray: 5c1da2c3ff339ab0-FRA
expires: Sat, 18 Jul 2020 03:34:09 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 26ms
26ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1dc64fac45e75fffefbd76f176c6ea118ab79b88b3efddc5642d4e7c76d4fe

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 1798
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 0486640e7f0000061447383200000001
x-request-id: Cb31zeqkEsp
wn: prod-exp-10-0-113-165
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5c1da2c3ff020614-FRA
expires: Wed, 12 Aug 2020 22:59:33 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=97206452&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&dp=%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Reuters.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjQ~&jid=1152565570&gjid=953242767&cid=262564930.1597271373&tid=UA-24152976-22&_gid=1349971867.1597271373&cd8=0&cd9=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd3=%20-%20&z=2134620896

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jul 2020 21:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1817816
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&gjid=953242767&_gid=1349971867.1597271373&_u=aGDAgEAjQ~&z=2000278550
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550&slf_rd=1&random=2795327319

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550&slf_rd=1&random=2795327319

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=262564930.1597271373&jid=1152565570&_v=j83&z=2000278550&slf_rd=1&random=2795327319
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 35 KB
12 KB 17ms
16ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 2231738
x-guploader-uploadid: AAANsUlz9Yip85RfgS4jGavu6PDS8YEyP7WdDck7YcMKysD_x9qSJ9Qiyi4E5v-ygmEAlwDD_aGRLlN8Bnsmjdj3lw
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0486640e9f00009ab05c1b2200000001
last-modified: Fri, 19 Apr 2019 06:14:55 GMT
server: cloudflare
etag: W/"942d5ae1e512ccdf18813550428dd002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=O7AZFg==, md5=lC1a4eUSzN8YgTVQQo3QAg==
x-goog-generation: 1555654495662585
content-type: application/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 35540
cf-ray: 5c1da2c43f509ab0-FRA
expires: Sat, 18 Jul 2020 03:33:55 GMT

GET
H2 200 ads.js Show response
www.reuters.com/ 112 B
523 B 55ms
55ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/ads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7464555aae6d8d87b77f7170fba1698ff64f7454ded58627ca1819246e9a9969

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
server: nginx
age: 68
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 116
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-id: v8R7II4U0UlDVOuz7uRUJ0-OjpqEwVd-hnQ4e-4T2H_-Q5GV89jWhQ==
expires: Wed, 12 Aug 2020 22:28:25 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 385 KB
121 KB 26ms
26ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tinypass.com/api/tinypass.min.js
Requested by: Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad590c30e8e0ef2b2539b0f1a7e4e4da38a6a7b2a8b3f88048338c22da590253

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 239
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 0486640ea10000061447386200000001
wn: prod-dash-10-0-127-211
last-modified: Tue, 11 Aug 2020 16:55:24 GMT
server: cloudflare
etag: W/"394506-1597164924000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5c1da2c43fa40614-FRA
expires: Wed, 12 Aug 2020 22:34:33 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 2 KB
1 KB 137ms
137ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tinypass.com/xbuilder/experience/execute?aid=TIDovF4cqC
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef6bcc89140b19386776633875be0c5ea14c2f52039ec6adca961675ff89e4dc

Request headers

Accept: */*
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 0486640efb000006144738d200000001
x-request-id: C9h2zeqZmAc
pragma: no-cache
wn: prod-exp-10-0-84-86
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c1da2c4c9010614-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 58ms
20ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:29:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 200 gwiq.js Show response
gwiqcdn.globalwebindex.net/gwiq/ 6 KB
6 KB 40ms
13ms Script
application/javascript 35.201.93.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.93.216 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 216.93.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:21:21 GMT
age: 492
x-guploader-uploadid: AAANsUkabF2BZfX1SoVIchexhTu-cgx1BPpMSJMlJXu6Ebl6KJ3XPgIvXRhLgdcHy3mJKASNvqwX1MNvcdnGYcRvFPY
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 5766
last-modified: Wed, 15 Apr 2020 08:49:27 GMT
server: UploadServer
etag: "aba61abde9777087262fb27526ba1ef6"
x-goog-hash: crc32c=yYfjgA==, md5=q6Yavel3cIcmL7J1Jroe9g==
x-goog-generation: 1586940567400828
cache-control: public, max-age=3600
x-goog-stored-content-length: 5766
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Aug 2020 23:21:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312961195854690&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&rl=&if=false&ts=1597271373593&sw=1600&sh=1200&v=2.9.23&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1597271373592.1028739705&it=1597271373423&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 56 KB
15 KB 58ms
19ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 731ebb6e8eb86eb45b6e7269a9374d1ac90533bfca3a81774dfe51f84fee2f92

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 14733
last-modified: Wed, 05 Aug 2020 19:47:31 GMT
server: AkamaiNetStorage
etag: "9ed00dc4b4ef73cfa3427a0b9764a8d0:1596656851.752407"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 294 B
477 B 69ms
30ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 39699ef2ff7f4cfc54b00ba69dbc53473370396c94a44cb770e2e6fb09310168

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 23:38:16 GMT
server: AkamaiNetStorage
status: 200
etag: "5dbb6cae5cbc58bc9b615e88f73e0b65:1584229096.969986"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 200

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/1237/ 48 KB
4 KB 70ms
32ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/snthemes.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 78d7768fb1213eced669894455aac7c1bfb17452b25ef69859ab7617cb85856f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 3701
last-modified: Fri, 26 Jun 2020 14:04:50 GMT
server: AkamaiNetStorage
etag: "250e5fd831f93b742b230a49f56ee029:1593180290.533778"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/1237/reuters/ 19 KB
3 KB 71ms
32ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/reuters/settings.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7962dce1427363ac8964c27e8a221d2b6f320fa55f7e32df3508b288d99ff915

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2681
last-modified: Wed, 01 Jul 2020 02:14:34 GMT
server: AkamaiNetStorage
etag: "ab26685e301ed5649625ade2ef42d4cf:1593569674.617377"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%...

0
528 B

20ms
20ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&c9=&cs_ak_ss=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 22:29:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271373629&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 12 Aug 2020 22:29:33 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/1237/translations/ 65 KB
6 KB 19ms
19ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0301abe27c75fe3b60eff31ce1d31238c9b84d4f36c037bacf0a8656b6a6fb45

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 5633
last-modified: Wed, 01 Jul 2020 01:41:52 GMT
server: AkamaiNetStorage
etag: "e21cd11f7f077dfa60a4974f4e56a950:1593567712.14839"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 200 evidon-barrier.js Show response
c.evidon.com/sitenotice/ 14 KB
4 KB 19ms
19ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-barrier.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 33a31901a144a24e7f7153b2ec965007bb58abea0129ec9e7691d468f959569b

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 4195
last-modified: Wed, 05 Aug 2020 19:47:32 GMT
server: AkamaiNetStorage
etag: "7f2ec5e4f730c536377c12dea517d463:1596656852.545031"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 200 iabevidonmapping.js Show response
iabmap.evidon.com/ 8 KB
3 KB 9ms
9ms Script
application/javascript 2600:9000:2182:5a00:10:27b4:f500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://iabmap.evidon.com/iabevidonmapping.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5a00:10:27b4:f500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21a22ffbb31ae72c9efc1970ad750dc83454831721ca163bc6cda04dae21a7d7

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 10:53:59 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 19:37:07 GMT
server: AmazonS3
age: 41735
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: YQ98hvmgS8L4VM_ZetgJmubbg6k5hQq3Pembc81S6JJ_WKS173MxYw==
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)

GET
H2 200 evidon-cmp.js Show response
c.evidon.com/sitenotice/ 22 KB
7 KB 19ms
19ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 15b35c3833a358a2d4da3777fc699f98434d8ad633f05f18b0189ff9425d6ec6

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 6629
last-modified: Wed, 05 Aug 2020 19:47:32 GMT
server: AkamaiNetStorage
etag: "e61a04bf376822e01eb2bff13a2813cd:1596656852.758443"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:29:33 GMT

GET
H2 204 2
l.betrad.com/site/v3/1237/5669/8/1/3/ 0
120 B 334ms
111ms Image
text/plain 34.231.28.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/8/1/3/2?consent=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.28.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-28-41.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js Show response
cdn.permutive.com/ 177 KB
41 KB 59ms
28ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2df439d2fb94c54fe2d14bae4aa14f88cbdb244d7bf6d303d02262e5a91365

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 2902
x-guploader-uploadid: AAANsUn7hj4aX64T-QfiYpkiGwI2kamr7fzPaXYw7tHrh2SvWGutwHvSCqf5N-PLyYzsOUItrGxCkw47V87chkTtP40
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 0486640fa100000c213bb05200000001
last-modified: Tue, 11 Aug 2020 18:38:14 GMT
server: cloudflare
etag: W/"ebce3517c2fba4e144934a04441bb645"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WJAUPA==, md5=6841F8L7pOFEk0oERBu2RQ==
x-goog-generation: 1597171094807240
cache-control: public, max-age=300
x-goog-stored-content-length: 44206
cf-ray: 5c1da2c5cd810c21-AMS
expires: Wed, 12 Aug 2020 22:34:33 GMT

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 440 KB
124 KB 104ms
66ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

71b25d199469a6437603c755982ce14d79e8f22170edc880fcb8ab07a011d21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:29:33 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Wed, 12 Aug 2020 22:59:33 GMT

GET
H2 204 61500
l.betrad.com/site/v3/1237/5669/8/5/3/2/ 0
120 B 324ms
134ms Image
text/plain 34.231.28.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/8/5/3/2/61500?consent=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.28.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-28-41.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 61500
l.betrad.com/site/v3/1237/5669/8/1/3/2/ 0
120 B 302ms
112ms Image
text/plain 34.231.28.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/8/1/3/2/61500?consent=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.28.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-28-41.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 vendorlist.json Show response
www.reuters.com/json/api/ 89 KB
89 KB 56ms
56ms XHR
application/json 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/json/api/vendorlist.json
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 61c564503fd8c3d2e54685465eaac1999b423c7a7c85fc40f6ac16fc95b44110

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
server: nginx
age: 50
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 90787
x-amz-cf-id: dJc3jsvf7wReHiGVOCi8aXSSc8EP3EBeLS8dxBqAu17Rn8t69Tf7Ng==
expires: Wed, 12 Aug 2020 22:28:43 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 99 KB
18 KB 11ms
10ms XHR
application/json 2600:9000:2182:6a00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca16dd3adebfcc177d21d8fe9fa1f3f1659479394e1c142b27d96cba5bf85058

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 16:11:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 541062
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 06 Aug 2020 16:00:36 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: iUD8pa64KfvldrKJx93Vo4wA6Cnzn4uC
via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: VsSmqptTzoeXNL3jox56U3IG8LR-V9hJEECtgmUuFRBU-3tkDrnCeg==

GET
H2 200 getcookie Show response
evidon.mgr.consensu.org/iab/ 169 B
382 B 346ms
125ms Script
text/javascript 3.229.146.249
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://evidon.mgr.consensu.org/iab/getcookie
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.146.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-146-249.compute-1.amazonaws.com
Software: /
Resource Hash: 9b133863146a5f391e8cee0842cafc7498ae89b6f79edbecfc842055342c1fe2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
x-amzn-requestid: caa91bed-2ebc-40e8-818f-50ebdf136df7
status: 200
content-type: text/javascript
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f346d4e-0d9e934927265338b5d9a741;Sampled=0
x-amz-apigw-id: RLYENEEpIAMF1nw=
content-length: 169

GET
H2 200 tc.js Show response
contextual.media.net/ 11 KB
7 KB 30ms
30ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tc.js?&tpkey=TB4M82W&size=300x250&v=19&nat=1&https=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

3c0d27b79bfe51d6abbc99eb79bd7731804fa80823d85bce422ee364185c6126

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:29:33 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=172800
content-length: 6573
expires: Fri, 14 Aug 2020 22:29:33 GMT

GET
H2 200 tc.js Show response
contextual.media.net/ 13 KB
8 KB 29ms
29ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tc.js?&tpkey=T645KQG&size=728x90&v=19&nat=1&https=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

d27b59be0fa35fd199035fb3d095a553cf11e6c7b44d583b2942650fc3da5977

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:29:33 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=172800
content-length: 7712
expires: Fri, 14 Aug 2020 22:29:33 GMT

GET
H2 200 px.gif
contextual.media.net/ 43 B
206 B 19ms
19ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/px.gif?&ch=1&vn=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
last-modified: Wed, 19 Jul 2017 10:11:12 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
status: 200
cache-control: max-age=984063
accept-ranges: bytes
content-length: 43
expires: Mon, 24 Aug 2020 07:50:36 GMT

GET
H/1.1 200
OK px.gif
s.mnet-ad.net/ 43 B
356 B 391ms
128ms Image
image/gif 66.81.204.228
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.mnet-ad.net/px.gif?&ch=2&vn=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.81.204.228 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:29:34 GMT
Last-Modified: Wed, 19 Jul 2017 10:11:12 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=128
Content-Length: 43
Expires: Wed, 26 Aug 2020 22:29:34 GMT

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 49 KB
50 KB 58ms
28ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1---&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=391166652*9%7C300x600%7C8CUD609M7%7C362622121%7C%7C%7C1%40391166652*23%7C300x250~300x600%7C8CUF1VN4G%7C12762257~12762257%7C%7C%7C1%40391166652*29%7C300x250~300x600%7C11384%7C31484_123996_15~31484_123996_10%7C%7C%7C1%40391166652*51%7C300x250~300x600%7C973973%7C11084976~11084976%7C0.07%7C%7C1%40391166652*59%7C300x250~300x600%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40391166652*74%7C300x250~300x600%7C1113800%7C12209207~12209207%7C%7C%7C1%40391166652*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652%7C%7C%7C3%40391166652*97%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.63%7C%7C1%40391166652*108%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*145%7C300x600~300x250%7C100600%7C147215~147215%7C%7C%7C1%40391166652*172%7C300x250~300x600%7C8CUF1VN4G%7C15331955~15331955%7C0.06%7C%7C1%40391166652*175%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.01%7C%7C1%40391166652*178%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*201%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*203%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*214%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*222%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*3007%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*3010%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*3015%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652~391166652%7C%7C%7C3%40451439109*9%7C300x250%7C8CUD609M7%7C155187763%7C%7C%7C1%40451439109*23%7C300x250%7C8CUF1VN4G%7C12762293%7C%7C%7C1%40451439109*29%7C300x250%7C11384%7C31484_123998_15%7C%7C%7C1%40451439109*51%7C300x250%7C973973%7C11084979%7C0.07%7C%7C1%40451439109*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40451439109*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109%7C%7C%7C3%40451439109*97%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.63%7C%7C1%40451439109*108%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*145%7C300x250%7C100600%7C147218%7C%7C%7C1%40451439109*172%7C300x250%7C8CUF1VN4G%7C15331958%7C0.06%7C%7C1%40451439109*175%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.01%7C%7C1%40451439109*178%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*203%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*214%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*222%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*3007%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*3010%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*3014%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40518121357*9%7C728x90%7C8CUD609M7%7C996968123%7C%7C%7C1%40518121357*23%7C728x90%7C8CUF1VN4G%7C12762293%7C%7C%7C1%40518121357*29%7C728x90%7C11384%7C31484_123998_2%7C%7C%7C1%40518121357*51%7C728x90%7C973973%7C11084978%7C0.69%7C%7C1%40518121357*59%7C728x90%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40518121357*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357%7C%7C%7C3%40518121357*97%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.63%7C%7C1%40518121357*108%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*145%7C728x90%7C100600%7C147217%7C%7C%7C1%40518121357*172%7C728x90%7C8CUF1VN4G%7C15331957%7C0.06%7C%7C1%40518121357*175%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.01%7C%7C1%40518121357*178%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*203%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*214%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*222%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*3007%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*3010%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*3014%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40612341223*23%7C728x90%7C8CUF1VN4G%7C12762257%7C%7C%7C1%40612341223*29%7C728x90~970x250%7C11384%7C31484_123996_2~31484_123996_57%7C%7C%7C1%40612341223*51%7C728x90%7C973973%7C11084975%7C0.69%7C%7C1%40612341223*59%7C728x90~970x250%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40612341223*74%7C728x90~970x250%7C1113800%7C12209209~12209209%7C%7C%7C1%40612341223*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223%7C%7C%7C3&crid=391166652%2C451439109%2C518121357%2C612341223&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=237164109330977271597271373892&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.591479499804257&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1541%7D&itype=HB&cc=NL&ct=AMSTERDAM&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19&isRefresh=0&switch=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5f6be4d20a7bd54db732a72241cf5c7f7f741c3dcd1c66a07c7dce910c7e4c2e

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:33 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 18 KB
19 KB 80ms
51ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1---&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=612341223*9%7C728x90~970x250%7C8CUD609M7%7C813012502~450341239%7C%7C%7C1%40612341223*97%7C728x90~970x250%7C8CUF1VN4G%7C612341223_8CUF1VN4G~612341223_8CUF1VN4G%7C0.63%7C%7C1%40612341223*108%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*145%7C728x90~970x250%7C100600%7C147214~147214%7C%7C%7C1%40612341223*172%7C728x90~970x250%7C8CUF1VN4G%7C15303527~15303527%7C0.06%7C%7C1%40612341223*175%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C0.01%7C%7C1%40612341223*178%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C1%40612341223*203%7C728x90~970x250%7C8CUF1VN4G%7C612341223_8CUF1VN4G~612341223_8CUF1VN4G%7C%7C%7C1%40612341223*214%7C970x250~728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G~612341223_8CUF1VN4G%7C%7C%7C1%40612341223*222%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C1%40612341223*3007%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*3010%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*3015%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223~612341223%7C%7C%7C3%40894667540*9%7C300x250%7C8CUD609M7%7C611759711%7C%7C%7C1%40894667540*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40894667540*97%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C0.63%7C%7C1%40894667540*175%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C0.01%7C%7C1%40894667540*178%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*201%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*203%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*214%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*222%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1&crid=612341223%2C894667540&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=371882309430736911597271373896&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.9656355954158455&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1541%7D&itype=HB&cc=NL&ct=AMSTERDAM&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19&isRefresh=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 151b001c979077dc3715fe6d292746bf2e25fe8efe2801188964c21a522fefb4

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:33 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
18 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e27791fc42d736f641254f4c2d1227f8c6570dd68eed9f6be6c33214b801b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "600 / 78 of 1000 / last-modified: 1597270389"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18767
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:29:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.reuters.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.reuters.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080501.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 97ms
52ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Aug 2020 08:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94052
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312961195854690&ev=Microdata&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&rl=&if=false&ts=1597271374097&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs4.reutersmedia.net%2Fresources_v2%2Fimages%2Frcom-default.png%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22U.S.%22%2C%22og%3Atitle%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22og%3Atype%22%3A%22section%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22url%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D%22%2C%22thumbnailUrl%22%3A%22%22%2C%22dateCreated%22%3A%22%22%2C%22description%22%3A%22%22%2C%22publisher%22%3A%22Reuters%22%2C%22creator%22%3A%5B%5D%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.23&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1597271373592.1028739705&it=1597271373423&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 476 B
709 B 96ms
36ms XHR
application/json 52.50.154.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:div_gpt_lb,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&slot=%7Bid:div_gpt_mpu,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&slot=%7Bid:div_gpt_mpulow,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=33c2d99e-cdba-f069-df25-29aa843ea53a&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpay%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.154.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-154-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fcefb69ab1573c6dd82f4f62b302548e21864d4c1c2dbc95029f2c58231d1d0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
x-server-name: app19.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 233 B
465 B 94ms
35ms XHR
application/json 52.50.154.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:marketslogo,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=33c2d99e-cdba-f069-df25-29aa843ea53a&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpay%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.154.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-154-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c0968d629f3f4bf31fed381ee116bc4932ecafdb14173d3586564a629ea12cb

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
x-server-name: app10.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 240 B
473 B 92ms
34ms XHR
application/json 52.50.154.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:marketslogo-bottom,s:%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=33c2d99e-cdba-f069-df25-29aa843ea53a&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpay%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.154.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-154-233.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2383e7ee9a672dfda9896f0f35c278fa54e7293f31fcf8b1be85daaee2a140a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
x-server-name: app18.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 11ms
11ms Script
application/x-javascript 2600:9000:2182:400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:33:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 00:58:19 GMT
server: nginx
age: 3352
etag: W/"5ea239ab-11347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: _Ca7RlXDi4dZsIJAJZnRbkk2K36YU1do5X9Pk42ZUPu5FbMgKV1NpQ==
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
expires: Wed, 12 Aug 2020 23:33:42 GMT

GET
H2 200 checksync.php
contextual.media.net/ Frame 290F 0
0 25ms
25ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUF1VN4G&prvid=3%2C23%2C28%2C29%2C33%2C38%2C41%2C51%2C54%2C56%2C59%2C69%2C72%2C74%2C76%2C77%2C80%2C82%2C84%2C97%2C106%2C108%2C109%2C113%2C117%2C118%2C122%2C126%2C138%2C139%2C141%2C145%2C147%2C159%2C172%2C173%2C174%2C175%2C178%2C182%2C184%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C3004%2C3007%2C3008%2C3010%2C3012%2C3014%2C3015%2C3017&rtime=445&https=1&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUF1VN4G&prvid=3%2C23%2C28%2C29%2C33%2C38%2C41%2C51%2C54%2C56%2C59%2C69%2C72%2C74%2C76%2C77%2C80%2C82%2C84%2C97%2C106%2C108%2C109%2C113%2C117%2C118%2C122%2C126%2C138%2C139%2C141%2C145%2C147%2C159%2C172%2C173%2C174%2C175%2C178%2C182%2C184%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C3004%2C3007%2C3008%2C3010%2C3012%2C3014%2C3015%2C3017&rtime=445&https=1&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Sat, 13 Feb 2021 22:29:34 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=501208
expires: Tue, 18 Aug 2020 17:43:02 GMT
date: Wed, 12 Aug 2020 22:29:34 GMT
content-length: 4727

GET
H2 200 tag.min.js Show response
get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/ 42 KB
14 KB 185ms
134ms Script
text/javascript 13.226.155.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-76.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f37beed085d2cfdd1386a8942434d8011aa20f2e7afa20d7edfd0d49998da1e7

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 16:33:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
date: Wed, 12 Aug 2020 22:29:35 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: T1w9hmt0gGBLE5EJiuycejFyZnhXVoe6QLl43xSdPizVVzQm1uMNkA==
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=97206452&t=timing&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&dp=%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Reuters.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1654&pdt=16&dns=1&rrt=0&srt=249&tcp=43&dit=769&clt=769&_gst=355&_gbt=384&_cst=304&_cbt=342&_u=aGDAgEAjQ~&jid=&gjid=&cid=262564930.1597271373&tid=UA-24152976-22&_gid=1349971867.1597271373&cd8=0&cd9=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd3=%20-%20&z=867889569

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jul 2020 21:32:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1817817
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
141 B 173ms
172ms XHR
application/json 54.68.229.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.68.229.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-68-229-68.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 12 Aug 2020 22:29:34 GMT
access-control-allow-origin: https://www.reuters.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 2 KB
3 KB 23ms
23ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=1&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1---&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=147677722*203%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1%40147677722*214%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1%40147677722*222%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1&crid=147677722&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=296822001857938651597271374369&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.4113246889770652&ndec=1&scrsize=1600x1200&taginfo=%7B%22147677722%22%3A%7B%22xps%22%3A1336%2C%22yps%22%3A173%2C%22supply_tag_id%22%3A%22marketslogo%22%7D%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1541%7D&itype=HB&cc=NL&ct=AMSTERDAM&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e097bd2afbb2315c17b1c3e4606a7c802d2d969ba3e8176ddc5fc9fc172befc4

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:34 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
content-length: 2415
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 314ms
104ms Image
image/gif 52.87.71.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=reuters.com&p=reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&u=nK2HWCUNgC_DQH-AP&d=reuters.com&g=52639&g0=No%20Section&g1=Reuters%20Editorial&n=1&f=00001&c=0&x=0&m=0&y=1541&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1654&t=DgMtSPDkC-mMD37d9NbRVhbDXVoy6&V=120&i=Page%20Not%20Found%20%7C%20Reuters.com&tz=-120&sn=1&sv=x0s49CXSvu1F3c-WBIwMl6CunCze&sd=2&im=06672ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.71.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-71-144.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 12 Aug 2020 22:29:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
22 KB 405ms
405ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3492949826245368&correlator=3543700002587360&output=ldjh&impl=fifs&adsid=NT&eid=21066532&vrg=2020080501&rdp=1&us_privacy=1---&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200812&iu_parts=4735792%2Cus.reuters&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x66%7C970x180%7C940x230%7C1x1%2C300x250%7C1x1%7C300x600%7C300x1050%7C160x600%2C300x250%7C1x1%7C300x600%2C186x24%7C186x34%2C300x30&prev_scp=type%3Dleaderboard%26bidxc%3D1%26template%3Dother%26id%3D4c405113-dceb-11ea-be7c-068792706006%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%26mnetDNB%3D1%26mnetPageID%3D4%26mnetCV%3D3%26mnetCC%3DNL%26mnetUGD%3D4%7Ctype%3Dmpu%26template%3Dother%26id%3D4c405114-dceb-11ea-be7c-068792706006%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%26mnetDNB%3D1%26mnetPageID%3D1%26mnetCV%3D3%26mnetCC%3DNL%26mnetUGD%3D4%7Ctype%3Dmpulow%26template%3Dother%26id%3D4c405115-dceb-11ea-be7c-068792706006%26mnetDNB%3D1%26mnetPageID%3D2%26mnetCV%3D3%26mnetCC%3DNL%26mnetUGD%3D4%7Ctype%3Dmarketslogo%26template%3Dother%26id%3D4c4029fe-dceb-11ea-8bae-0634eb268b40%26vw%3D40%26grm%3D40%26mnetDNB%3D1%26mnetPageID%3D6%26mnetCV%3D3%26mnetCC%3DNL%26mnetUGD%3D4%7Ctype%3Dmarketslogo-bottom%26template%3Dother%26id%3D4c4002a3-dceb-11ea-af54-0ab32f77e5b0%26vw%3D40%26grm%3D40&cust_params=bidxc%3D1%26admant%3Dother%26permutive%3D%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow&cookie_enabled=1&bc=31&abxe=1&lmt=1597271374&dt=1597271374416&dlt=1597271372934&idt=1241&frm=20&biw=1600&bih=1200&oid=3&adxs=250%2C1050%2C1050%2C1150%2C1050&adys=114%2C204%2C1099%2C489%2C773&adks=2357562929%2C1188909309%2C2705124764%2C494809761%2C45201281&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpay%3D&dssz=89&icsg=3307330976399552&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x90%7C300x1165%7C300x1165%7C300x28%7C300x329&msz=1100x90%7C300x250%7C300x250%7C186x24%7C300x30&ga_vid=262564930.1597271373&ga_sid=1597271374&ga_hid=97206452&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02ccd3cc5adae2995dccf273b9cc3f45230856981c814ffdc800d98fec1ff5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22323
x-xss-protection: 0
google-lineitem-id: 5377211436,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138317130054,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
755ac992f1b78f5b464618a4836e20d9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 63ms
38ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://755ac992f1b78f5b464618a4836e20d9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 /
s3.reutersmedia.net/resources/r/ 68 B
458 B 55ms
55ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources/r/?m=02&d=20150325&t=2&i=8255533457&w=760&fh=&fw=&ll=&pl=&sq=&rtn=LYNNXMPEGX5B37&x30y10&r=LIYXPPGG10FT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:34 GMT
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
server: ADFCDN/5.2.3
x-amz-cf-pop: DUS51-C1
x-powered-by: AdDefend GmbH
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
content-length: 68
x-amz-cf-id: 0ckROdv0Wbc9QcALOytAr6rK4pPLX6D-1kTDjtUKI4ut1gmuMl4CfQ==
expires: 0

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 9ms
9ms Script
application/javascript 2600:9000:2182:6200:5:9a4c:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6200:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d640ed39630d91dec61dcb107b977293ec29fecbb5e74467e017d872bf76b0db

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iJO00mi5pglap2bW60H1GBGtloYAnC3A
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:07:03 GMT
server: AmazonS3
age: 140926
date: Tue, 11 Aug 2020 07:20:48 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=172800
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 0hRE6_4GkyU9mIXGTVdlAn0Q4Sr_Rzse-9Kxta6Y752ARuAqP6jfaA==
via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)

GET
H2 200 /
s3.reutersmedia.net/resources/r/adinclude/ 68 B
458 B 61ms
60ms Image
image/png 13.226.155.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources/r/adinclude/?m=02&d=20180717&t=2&i=3555489856&w=093&fh=&fw=&ll=&pl=&sq=2&r=IHHD5B37.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.87 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-87.dus51.r.cloudfront.net
Software: ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:29:34 GMT
via: 1.1 88bc7a9e54e3765a2fd64d3e80cc8217.cloudfront.net (CloudFront)
server: ADFCDN/5.2.3
x-amz-cf-pop: DUS51-C1
x-powered-by: AdDefend GmbH
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
content-length: 68
x-amz-cf-id: BICLC0ufDaS171Bcj55F4MPI8l_QyArmQfnAsvgNJ6J0s4ihi4u3TA==
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A50 0
0 55ms
55ms Fetch
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_Ml8U4AhJ-2JyK0TbsPcCBUmET5mn7BKXjQXncvLFT8jAJIH5j24tFxtzglnSrFxauiKeG4mUnsvK2hEWbTnmQ77PdrdSeVE-vkyvBxcYww5Pv4E-Vsja9WfNdTLM79P0oBV__dVfZfF9izPpIgNs6_-F4QHj1jq9HD5KF_54peW0_U8UyrmUAefVVGbsL_D4NlLfyN9oyn5jmGh5Pk93bUnrvVy4WLLvptUcw4naL-ih-u3VmDWD9CtPlkiq6IM3&sai=AMfl-YT_x-y41lZa3MorgZ3uvzEDwnHEEhV-i26ESCC3RYRrrypYMOHFVOlV5j87FMN-y0Q36wDigsee8DyyRsVdKBAZsACKadGzHxqQKUpYJZvpdhc__j2_XzVwzQpWeDcI&sig=Cg0ArKJSzL1xPEmltl6CEAE&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:29:34 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200805/r20110914/ Frame 1A50 17 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200805/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c53a73d64545befe969e606eef1df1c39fef33fe9ee72d34d1889d109fb04156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 05 Aug 2020 20:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 613172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6967
x-xss-protection: 0
server: cafe
etag: 11533007830708205839
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 19 Aug 2020 20:10:02 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200805/r20110914/client/ Frame 1A50 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200805/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 13:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Aug 2020 13:30:23 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1A50 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c516c523ffceafbf9482017d73bbcea30b998c15ca9de148fc00514561daaf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597059737948561"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/reutersdfpcw319687550988/ Frame 1A50 307 KB
103 KB 20ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/reutersdfpcw319687550988/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 11558e1d027dc06afd27bf2613c169508a497d802019b0d97c417097977f00e8

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 14:58:25 GMT
server: AmazonS3
x-amz-request-id: A9E122D2AF64C6E2
etag: "06798e04d86839b070d5ea052c4d21a3"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=54207
accept-ranges: bytes
content-length: 105048
x-amz-id-2: AtqbfV5BfnYBbqaWVCvwe8ixmcNjhJQrRXToCeUNEtyIrydkNy3oIpTd22V3zhpRl8qMsebamvk=

GET
H2 200 8804527049069964313
tpc.googlesyndication.com/simgad/ Frame 1A50 69 KB
69 KB 7ms
6ms Image
image/gif 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8804527049069964313

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae0f195f5e38d451157000fab78a85b07c6697efa89edb352700d28327b3008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:06:16 GMT
x-content-type-options: nosniff
age: 55398
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70593
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 16:22:51 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:06:16 GMT

GET
H2 200 5377211436 Show response
dfp-gateway.s-onetag.com/1/4735792/ 110 B
577 B 69ms
22ms XHR
application/json 13.226.155.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dfp-gateway.s-onetag.com/1/4735792/5377211436
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-85.dus51.r.cloudfront.net
Software: /
Resource Hash: c249785389db80243503114f46bee572871297bbe904ebbaf64715ac42432a4d

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:27:56 GMT
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront), 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
age: 3698
x-amzn-requestid: e7feee90-895d-4d2f-ac83-d945f98af317
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-5f345edc-126a61a84b30895881a27778;Sampled=0
x-amz-cf-pop: FRA6-C1, DUS51-C1
x-amz-apigw-id: RLPCgH6OiYcF5oQ=
content-length: 110
x-amz-cf-id: 8d0TusvCuUGGf2reZ6ae0inNIv1FXfxwou7G8T4TwUbQJRWAlgoGKQ==

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
26 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

394415bedb33f0d07d610f1ac10439e12098d7a747aca0510cddabca81a9092d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597059737948561"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame AE38 206 KB
56 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12293
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 19:04:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 19:04:41 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame AE38 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32265
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:31:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da3eb6a12045948e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:31:49 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame AE38 96 KB
29 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12294
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 19:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 19:04:40 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame AE38 4 KB
2 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32265
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1782
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:31:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9975c81b3db44358"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:31:49 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame AE38 48 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32269
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:31:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "536b0698dfd565aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:31:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AE38 7 KB
833 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 22:07:48 GMT
server: ESF
date: Wed, 12 Aug 2020 22:29:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Aug 2020 22:29:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2842503068116008774/ Frame AE38 192 KB
193 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2842503068116008774/downsize_200k_v1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5e003083f8341433f1eedac2959986773a9c68bb6376c1cfaa309c5852078ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 14:22:00 GMT
x-content-type-options: nosniff
age: 547654
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196934
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 13:50:10 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 14:22:00 GMT

GET
DATA 200
OK truncated
/ Frame AE38 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aff03ce48df0aa149994b271555ab65b1d773aadd402f488a06a2c795101fa4a

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AE38 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50af1aec588aa408da645579ec8b54b14dc38746b22c467eb015f5b3ac24f41c

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AE38 2 KB
3 KB 12ms
9ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40836
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AE38 295 B
368 B 12ms
10ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3756
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AE38 0
0 64ms
59ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cn36LTm00X_6rHYGL7_UPgIuq2AvuhsfLXpCWl6zoC7CRgMjgDhABINqetRVgkYSAgIwYoAGqqPCrAsgBCakC5PSYfonFsz7gAgCoAwHIAwqqBIkCT9DPDLrajlVe-_Gcg-wIZCnYn_cfl7GK-Lpmqq4r6CH_QHM2qffC0KVxloiNUfvvtTE7LphlW16MNrfD6_w8BW6Eto-LQMlK5Z0pDNC-8BvCGJ8Ndx4O9fSG09kWcidTD6WJ0Div7N_FjPFmX6QhNyfGK46Se_rE-OLt0gouGPyoj07VTcBU_f4_IeIAgWLMW-gDXgOLVz0BYQ8bQMDv83GM2ZhHNfRd99CEyENajDv0IqyJPANFtM_TalE1pz8s20pZznkpvtuynjVJJ17UERq_fdackrvTet9SfDOnfeQXo-PueTTLemSDoOabgoIoYxv-sKXc70dk2794MMvrYu1hYNG3HKC828AEvIDhmosD4AQBoAYugAe-14_UAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAPIHBBCA2QzSCAkIgOGAcBABGB2ACgPICwHYEwOIFAE&sigh=lcKeciDpE34&template_id=5000&tpd=AGWhJmvyoIFai0pzYXiXo6Rf7956pZDy8PHdgtdOHVWzQ_0G2w
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7747d417f93ca264361b8abd083c553df06e32af00a580293f0d630231fcd0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6187
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AE38 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 20:11:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 94699
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Wed, 11 Aug 2021 20:11:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AE38 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 13:37:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 118323
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Wed, 11 Aug 2021 13:37:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame AE38 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Origin: https://www.reuters.com

Response headers

date: Sat, 08 Aug 2020 07:04:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 401115
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sun, 08 Aug 2021 07:04:19 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A50 0
54 B 57ms
56ms Image
image/gif 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssS4Ln4EtFwwqLmqWZibLxGvrtvwHwJQMqlMcRM_bfIpcEuqA9Vwwh2AY_yKop1GdCrYyPyRuqJpdICZuzpfHcOaJXpNUIXRxUJXh00IJtIZz5AbbnGmM9Viy7ldV-8OiCbQo8fVrN40tVu_mcwNkoc84-G72F1NPLJYmWj92O5wO2AgbsBWn1irNSXoTG8VPRkydnitCieJbPcIRSVrdfJAENeqUCkDbrUyRf5gIP5Lusa9HUhbh88pFJKAceeog8V_nY&sai=AMfl-YSW9L_FwYzkW_S1E3483vIhSkHWRvt4ejj_PZA9ycFsQbP_Mm4NuGcRrIphrr-Z2cdiSAeywP6rOkXz1hxdAT10o9sKBSpTKQUAe2UAaUD7NchTTH2GnxLx0l6DveMk&sig=Cg0ArKJSzGa713pVS3uxEAE&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/pay=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS