www.reuters.com Open in urlscan Pro
13.226.155.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Submission: On August 12 via api (August 12th 2020, 10:28:24 pm UTC) from US

Summary HTTP 176 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 36 domains to perform 176 HTTP transactions. The main IP is 13.226.155.46, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.reuters.com.
TLS certificate: Issued by Amazon on March 4th 2020. Valid for: a year.

This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.226.155.46 13.226.155.46	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.99 13.226.155.99	16509 (AMAZON-02) (AMAZON-02)
9	13.226.155.30 13.226.155.30	16509 (AMAZON-02) (AMAZON-02)
9	13.226.155.40 13.226.155.40	16509 (AMAZON-02) (AMAZON-02)
11	13.226.155.12 13.226.155.12	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:218... 2600:9000:2182:6e00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	23.34.184.248 23.34.184.248	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.155.117 13.226.155.117	16509 (AMAZON-02) (AMAZON-02)
1	13.226.145.149 13.226.145.149	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
2	52.36.169.40 52.36.169.40	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
1	209.234.234.15 209.234.234.15	7334 (WALLSTREET) (WALLSTREET)
1	54.247.116.142 54.247.116.142	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.111.252.228 104.111.252.228	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.201.93.216 35.201.93.216	15169 (GOOGLE) (GOOGLE)
3	34.193.24.72 34.193.24.72	14618 (AMAZON-AES) (AMAZON-AES)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.202.86.190 18.202.86.190	16509 (AMAZON-02) (AMAZON-02)
4	67.221.239.62 67.221.239.62	27467 (RACKMY-ST...) (RACKMY-STL-AS1)
3	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	66.81.204.228 66.81.204.228	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
2	52.30.191.169 52.30.191.169	16509 (AMAZON-02) (AMAZON-02)
6	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
3	54.246.208.255 54.246.208.255	16509 (AMAZON-02) (AMAZON-02)
1	13.226.155.37 13.226.155.37	16509 (AMAZON-02) (AMAZON-02)
1	52.201.74.173 52.201.74.173	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:218... 2600:9000:2182:9200:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.155.49 13.226.155.49	16509 (AMAZON-02) (AMAZON-02)
2	13.226.155.105 13.226.155.105	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	76.223.7.58 76.223.7.58	16509 (AMAZON-02) (AMAZON-02)
176	54

8 13.226.155.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-46.dus51.r.cloudfront.net

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-99.dus51.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.226.155.30 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-30.dus51.r.cloudfront.net

s4.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.226.155.40 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-40.dus51.r.cloudfront.net

s2.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.226.155.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-12.dus51.r.cloudfront.net

s3.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:6e00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.184.248 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-184-248.deploy.static.akamaitechnologies.com

content.markitcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-117.dus51.r.cloudfront.net

apiservice.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.149 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-149.dus51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.36.169.40 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-169-40.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.234.234.15 (United States)

ASN7334 (WALLSTREET, US)

api.markitondemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.116.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-116-142.eu-west-1.compute.amazonaws.com

async01.admantx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.252.228 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-252-228.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.93.216 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 216.93.201.35.bc.googleusercontent.com

gwiqcdn.globalwebindex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.193.24.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-24-72.compute-1.amazonaws.com

l.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.235.93 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cslogger.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.86.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-86-190.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.221.239.62 (United States)

ASN27467 (RACKMY-STL-AS1, US)
PTR: 67-221-239-62.www.allegiancetech.com

siteintercept.allegiancetech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.254.252 (United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.81.204.228 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

s.mnet-ad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.191.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-191-169.eu-west-1.compute.amazonaws.com

reuters.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.62.140.165 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

cdneu-xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.246.208.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-208-255.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-37.dus51.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.201.74.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-74-173.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:9200:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f230.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.49 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-49.dus51.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-105.dus51.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.14 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.7.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ab51a9e8185f181d0.awsglobalaccelerator.com

metrics-collector.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	reutersmedia.net s4.reutersmedia.net s2.reutersmedia.net s3.reutersmedia.net static.reutersmedia.net	288 KB
27	googlesyndication.com 675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	128 KB
15	ampproject.org cdn.ampproject.org	324 KB
13	media.net contextual.media.net cdneu-xch.media.net cslogger.media.net	253 KB
11	doubleclick.net 2 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	114 KB
9	reuters.com www.reuters.com apiservice.reuters.com	58 KB
6	s-onetag.com get.s-onetag.com beacon.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com metrics-collector.s-onetag.com	22 KB
6	google-analytics.com www.google-analytics.com	78 KB
5	evidon.com c.evidon.com	28 KB
5	google.com 3 redirects www.google.com adservice.google.com	707 B
4	gstatic.com fonts.gstatic.com	44 KB
4	allegiancetech.com siteintercept.allegiancetech.com	135 KB
4	permutive.com cdn.permutive.com api.permutive.com	43 KB
4	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com	8 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	demdex.net dpm.demdex.net reuters.demdex.net	6 KB
3	betrad.com l.betrad.com	360 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	tinypass.com experience.tinypass.com cdn.tinypass.com	124 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	32 KB
2	lijit.com 1 redirects ap.lijit.com	1006 B
2	tru.am tru.am	13 KB
2	facebook.com www.facebook.com	365 B
2	google.de www.google.de adservice.google.de	935 B
2	facebook.net connect.facebook.net	167 KB
2	segment.io api.segment.io	282 B
1	chartbeat.net ping.chartbeat.net	168 B
1	googletagservices.com www.googletagservices.com	19 KB
1	mnet-ad.net s.mnet-ad.net	355 B
1	criteo.com gum.criteo.com	380 B
1	globalwebindex.net gwiqcdn.globalwebindex.net	6 KB
1	admantx.com async01.admantx.com	257 B
1	markitondemand.com api.markitondemand.com	15 KB
1	googletagmanager.com www.googletagmanager.com	91 KB
1	segment.com cdn.segment.com	96 KB
1	markitcdn.com content.markitcdn.com	42 KB
176	36

	Domain	Requested by
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.reuters.com cdn.ampproject.org tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
9	s2.reutersmedia.net	www.reuters.com
9	s4.reutersmedia.net	www.reuters.com
8	s3.reutersmedia.net	www.reuters.com s3.reutersmedia.net
8	www.reuters.com	www.reuters.com s2.reutersmedia.net www.googletagmanager.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.reuters.com
6	cdneu-xch.media.net	www.reuters.com
6	contextual.media.net	www.reuters.com contextual.media.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.reuters.com
5	c.evidon.com	www.reuters.com c.evidon.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	securepubads.g.doubleclick.net www.reuters.com
4	siteintercept.allegiancetech.com	www.googletagmanager.com www.reuters.com
4	www.google.com	3 redirects www.reuters.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net
3	pixel.adsafeprotected.com	cdn.adsafeprotected.com
3	api.permutive.com	cdn.permutive.com
3	l.betrad.com	www.reuters.com
3	sb.scorecardresearch.com	1 redirects www.reuters.com
3	static.reutersmedia.net	www.reuters.com
2	ap.lijit.com	1 redirects
2	onetag-geo-grouping.s-onetag.com	beacon.s-onetag.com
2	googleads.g.doubleclick.net	www.reuters.com
2	ad.doubleclick.net	1 redirects www.reuters.com
2	reuters.demdex.net	www.reuters.com
2	experience.tinypass.com	www.reuters.com cdn.tinypass.com
2	tru.am	www.googletagmanager.com tru.am
2	www.facebook.com	www.reuters.com
2	connect.facebook.net	cdn.segment.com connect.facebook.net
2	api.segment.io	cdn.segment.com
2	static.chartbeat.com	www.reuters.com
1	metrics-collector.s-onetag.com	beacon.s-onetag.com
1	onetag-geo.s-onetag.com	beacon.s-onetag.com
1	675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	beacon.s-onetag.com	get.s-onetag.com
1	ping.chartbeat.net
1	get.s-onetag.com	www.googletagmanager.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	contextual.media.net
1	cslogger.media.net	www.reuters.com
1	s.mnet-ad.net	www.reuters.com
1	gum.criteo.com	contextual.media.net
1	dpm.demdex.net	www.reuters.com
1	cdn.permutive.com	www.reuters.com
1	gwiqcdn.globalwebindex.net	www.reuters.com
1	cdn.tinypass.com	experience.tinypass.com
1	async01.admantx.com	www.reuters.com
1	api.markitondemand.com	www.reuters.com
1	mab.chartbeat.com	static.chartbeat.com
1	www.google.de	www.reuters.com
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	www.reuters.com
1	cdn.segment.com	www.reuters.com
1	apiservice.reuters.com	www.reuters.com
1	content.markitcdn.com	www.reuters.com
1	cdn.adsafeprotected.com	www.reuters.com
176	58

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
stockscreener.us.reuters.com
funds.us.reuters.com
graphics.reuters.com
widerimage.reuters.com
af.reuters.com
lta.reuters.com
ara.reuters.com
ar.reuters.com
br.reuters.com
ca.reuters.com
cn.reuters.com
de.reuters.com
es.reuters.com
fr.reuters.com
in.reuters.com
it.reuters.com
jp.reuters.com
mx.reuters.com
ru.reuters.com
uk.reuters.com
newslink.reuters.com
www.twitter.com
instagram.com
www.youtube.com
www.reutersagency.com
sales.reuters.com
thomsonreuters.com
www.refinitiv.com
legalsolutions.thomsonreuters.com
tax.thomsonreuters.com
www.thomsonreuters.com
reuters.zendesk.com
info.evidon.com

Subject Issuer	Validity	Valid
www.reuters.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
*.adsafeprotected.com COMODO RSA Domain Validation Secure Server CA	`2018-08-20` - `2020-09-17`	2 years	crt.sh
static.reuters.com Amazon	`2019-11-25` - `2020-12-25`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
media.wsodcdn.com GeoTrust RSA CA 2018	`2019-08-29` - `2020-11-27`	a year	crt.sh
apiservice.reuters.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-13` - `2021-04-24`	10 months	crt.sh
api.markitondemand.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2022-03-12`	2 years	crt.sh
*.admantx.com SSL.com RSA SSL subCA	`2019-03-29` - `2021-06-25`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-20` - `2021-07-20`	a year	crt.sh
ssl802628.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.globalwebindex.net RapidSSL RSA CA 2018	`2017-12-13` - `2020-12-19`	3 years	crt.sh
l.betrad.com Go Daddy Secure Certificate Authority - G2	`2019-04-25` - `2021-06-24`	2 years	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.allegiancetech.com Go Daddy Secure Certificate Authority - G2	`2019-01-08` - `2021-03-07`	2 years	crt.sh
api.permutive.com Let's Encrypt Authority X3	`2020-06-25` - `2020-09-23`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
*.mnet-ad.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-06` - `2021-04-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-03-14` - `2021-04-14`	a year	crt.sh
*.s-onetag.com Amazon	`2020-03-03` - `2021-04-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Frame ID: F771F340A2B53815C9B4978B83F83768
Requests: 122 HTTP requests in this frame

Frame: https://reuters.demdex.net/dest5.html?d_nsid=0
Frame ID: 33F9181939057F4A3E55476F71034130
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUF1VN4G&prvid=3%2C23%2C28%2C29%2C33%2C38%2C41%2C51%2C54%2C56%2C59%2C69%2C72%2C74%2C76%2C77%2C80%2C82%2C84%2C97%2C106%2C108%2C109%2C113%2C117%2C118%2C122%2C126%2C138%2C139%2C141%2C145%2C147%2C159%2C172%2C173%2C174%2C175%2C178%2C182%2C184%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C3004%2C3007%2C3008%2C3010%2C3012%2C3014%2C3015%2C3017&rtime=744&https=1&usp_status=0&usp_consent=1
Frame ID: 596200391E72B954B5D6EB33B1B54F8A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 5A1BCB38E55546C877978B01B126F7EB
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 164F1F49239316FC7C3A4D5BDE987E22
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js
Frame ID: 23F527F8E26B4504FF79112FB96FA218
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: C905C6680F64A99E4EE6EA0CE83A2184
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

176
Requests

99 %
HTTPS

41 %
IPv6

36
Domains

58
Subdomains

54
IPs

8
Countries

2140 kB
Transfer

6185 kB
Size

19
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/reuters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10256858/

Search URL Search Domain Scan URL

URL: https://stockscreener.us.reuters.com/Stock/US/Index?quickscreen=gaarp
Title: Stock Screener

Search URL Search Domain Scan URL

URL: https://funds.us.reuters.com/US/screener/screener.asp
Title: Fund Screener

Search URL Search Domain Scan URL

URL: https://graphics.reuters.com/USA-POLLING-TRUMP/0100422Q4HZ/index.html
Title: Polling on the President

Search URL Search Domain Scan URL

URL: http://widerimage.reuters.com/
Title: The Wider Image

Search URL Search Domain Scan URL

URL: http://widerimage.reuters.com/photographer
Title: Photographers

Search URL Search Domain Scan URL

URL: https://af.reuters.com/
Title: Africa

Search URL Search Domain Scan URL

URL: https://lta.reuters.com/
Title: América Latina

Search URL Search Domain Scan URL

URL: https://ara.reuters.com/
Title: عربي

Search URL Search Domain Scan URL

URL: https://ar.reuters.com/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://br.reuters.com/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://ca.reuters.com/
Title: Canada

Search URL Search Domain Scan URL

URL: https://cn.reuters.com/
Title: 中国

Search URL Search Domain Scan URL

URL: https://de.reuters.com/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://es.reuters.com/
Title: España

Search URL Search Domain Scan URL

URL: https://fr.reuters.com/
Title: France

Search URL Search Domain Scan URL

URL: https://in.reuters.com/
Title: India

Search URL Search Domain Scan URL

URL: https://it.reuters.com/
Title: Italia

Search URL Search Domain Scan URL

URL: https://jp.reuters.com/
Title: 日本

Search URL Search Domain Scan URL

URL: https://mx.reuters.com/
Title: México

Search URL Search Domain Scan URL

URL: https://ru.reuters.com/
Title: РОССИЯ

Search URL Search Domain Scan URL

URL: https://uk.reuters.com/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: http://newslink.reuters.com/join/subscribe
Title: OUR NEWSLETTERS

Search URL Search Domain Scan URL

URL: https://www.twitter.com/reuters
Title: Follow Us On Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/reuters/
Title: Follow Us On Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ReutersVideo
Title: Follow Us On YouTube

Search URL Search Domain Scan URL

URL: https://newslink.reuters.com/join/subscribe
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/?utm_source=website&utm_medium=reuters&utm_campaign=site-referral&utm_content=us&utm_term=0
Title: Reuters News Agency

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/brand-attribution-guidelines/
Title: Brand Attribution Guidelines

Search URL Search Domain Scan URL

URL: https://sales.reuters.com/en
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://thomsonreuters.com/en/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://thomsonreuters.com/
Title: Thomson Reuters

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/eikon-trading-software
Title: Eikon Information, analytics and exclusive news on financial markets - delivered in an intuitive desktop and mobile interface

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/elektron-enterprise-data-management
Title: Elektron Everything you need to empower your workflow and enhance your enterprise data management

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/world-check-kyc-screening
Title: World-Check Screen for heightened risk individuals and entities globally to help uncover hidden risks in business relationships and human networks

Search URL Search Domain Scan URL

URL: https://legalsolutions.thomsonreuters.com/law-products/westlaw-legal-research/
Title: Westlaw Build the strongest argument relying on authoritative content, attorney-editor expertise, and industry defining technology

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/products/brands/onesource/
Title: ONESOURCE The most comprehensive solution to manage all your complex and ever-expanding tax and compliance needs

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/products/brands/checkpoint/
Title: CHECKPOINT The industry leader for online information for tax, accounting and finance professionals

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: © 2020 Reuters. All Rights Reserved.

Search URL Search Domain Scan URL

URL: https://reuters.zendesk.com/
Title: Site Feedback

Search URL Search Domain Scan URL

URL: https://reuters.zendesk.com/hc/en-us/requests/new
Title: Corrections

Search URL Search Domain Scan URL

URL: https://info.evidon.com/pub_info/285
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&gjid=1000811186&_gid=1307366483.1597271287&_u=aGDAgEAjQ~&z=924063296 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296&slf_rd=1&random=3286156027

Request Chain 69

https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&c9=&cs_ak_ss=1

Request Chain 152

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_pre=CPPI4J7blusCFe2Gdwodp4AEZg;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 177

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

176 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request payment-sent-travel-= Show response
www.reuters.com/article/us-cyber-cwt-ransom/ 150 KB
34 KB 391ms
308ms Document
text/html 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: d2a6da3f0a0b2d176b90998f8571f10f1282ebb72812f92689a819a87074d62a

Request headers

:method: GET
:authority: www.reuters.com
:scheme: https
:path: /article/us-cyber-cwt-ransom/payment-sent-travel-=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
content-type: text/html;charset=UTF-8
content-length: 34694
content-encoding: gzip
date: Wed, 12 Aug 2020 22:28:06 GMT
expires: Wed, 12 Aug 2020 22:33:06 GMT
last-updatedl: Wed, 12 Aug 2020 22:25:29 GMT
server: nginx
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: RebksIBiPiPmWyAYOSHzZDbdNWoER0znJ9C0KWTEtWiapw0VSi84Tw==

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 215ms
35ms Script
application/javascript 13.226.155.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-99.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 01:14:11 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 76465
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: yfoRsCj70a3CtPhO-vOFcfNgLtAxydMEWZD0GS5D6h1VLkfyMTeGQQ==

GET
H2 200 reuters_bootstrap.js Show response
www.reuters.com/ 21 KB
5 KB 165ms
149ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_bootstrap.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 22fcd7f43a6991fc5aba362660e9e663cffe967c89f282c59e88df9ad5e810ff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:06 GMT
browser-expires: Wed, 12 Aug 2020 22:28:06 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 4747
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: uPUAAqQ3qtYlw8GjiIM4OR9GqXe5FBGAHQxHgez8akXcnAQSB07BmA==
expires: Wed, 12 Aug 2020 22:33:06 GMT

GET
H2 200 reuters_gpt_bootstrap.js Show response
www.reuters.com/ 49 KB
13 KB 110ms
95ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 22d5918d37b94e4552789480cf9784b05f558bd9e9e9eafae8dff9c383c5c2c2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:06 GMT
content-encoding: gzip
server: nginx
age: 251
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 12956
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: nEBjLX76fZcXq5W2TT9GyA1TmvuAJHQIIN1i95ibt8DheJ7I7LAy5g==
expires: Wed, 12 Aug 2020 22:23:54 GMT

GET
H2 200 px.js Show response
s4.reutersmedia.net/resources_v2/js/ 316 B
615 B 185ms
34ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/px.js?ch=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0117695b46b2a986ae9653c89ec1ca81c108ee388b41a1e875fb006cd87accef

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:21:17 GMT
content-encoding: gzip
age: 456
x-cache: Hit from cloudfront
status: 200
content-length: 229
last-modified: Fri, 02 Jun 2017 00:58:04 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: pOkVWxhZ9D1InNr79rS5W4bIgCRLYIHvqIM4lhMXPX50EwH36povKg==
expires: Thu, 13 Aug 2020 00:20:30 GMT

GET
H2 200 px.js Show response
s4.reutersmedia.net/resources_v2/js/ 316 B
615 B 185ms
35ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/px.js?ch=2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0117695b46b2a986ae9653c89ec1ca81c108ee388b41a1e875fb006cd87accef

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:34:55 GMT
content-encoding: gzip
age: 6796
x-cache: Hit from cloudfront
status: 200
content-length: 229
last-modified: Fri, 02 Jun 2017 00:58:04 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: or1AjJdNfzyPMD6Bk6-pOKNSJ90OjsBN8F9uqY60RR1zDYbAGE5fOw==
expires: Wed, 12 Aug 2020 22:34:50 GMT

GET
H2 200 core.css
s2.reutersmedia.net/resources_v2/css/ 29 KB
6 KB 204ms
53ms Stylesheet
text/css 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/css/core.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0094fb88b35d7af1bb06790d931e0565f41a965828d0f5cc9479f41716d5f801

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:15:50 GMT
content-encoding: gzip
age: 4384
x-cache: Hit from cloudfront
status: 200
content-length: 5808
last-modified: Mon, 06 Apr 2020 20:45:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: yR8saBVqt5sTzkI_jFMrUTV05YYq6wV_fMLY86UBOGfJbDczjqP_Kw==
expires: Wed, 12 Aug 2020 23:15:02 GMT

GET
H2 200 core-modules.css
s4.reutersmedia.net/resources_v2/css/ 80 KB
13 KB 186ms
37ms Stylesheet
text/css 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/css/core-modules.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: af7b47cb891dac23f49e8711c253bf388f35c9efc0bf379cf9d2bda005d8ed1a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:12:34 GMT
content-encoding: gzip
age: 951
x-cache: Hit from cloudfront
status: 200
content-length: 12926
last-modified: Thu, 21 Nov 2019 22:07:06 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: mf16SEtQ3kWp7isUgFgSTFm_WhbVjJ_ummTszfguOjE5oZ2pYvX3qA==
expires: Thu, 13 Aug 2020 00:12:15 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
s3.reutersmedia.net/resources_v2/js/libraries/ 85 KB
30 KB 368ms
218ms Script
application/javascript 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 97eace3bede10fcac04259174542f1192c3fd47b9a17380b12d407cd39983b85

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 00:30:23 GMT
content-encoding: gzip
age: 424789
x-cache: Hit from cloudfront
status: 200
content-length: 30707
last-modified: Thu, 14 Jul 2016 21:23:16 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: rtlhemj22HvxKGBjx7HjN-fcP2a7BMomIcTXrx4xyW9KacK-_fyebw==
expires: Sat, 15 Aug 2020 00:28:18 GMT

GET
H2 200 rcom-search-result.css
www.reuters.com/resources_v2/css/ 12 KB
3 KB 63ms
45ms Stylesheet
text/css 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/resources_v2/css/rcom-search-result.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0ffc6faf5e0661a7eb88f3804ab8e23388de4685474c32f661d2ed1d65bbff96

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:39:16 GMT
content-encoding: gzip
age: 6530
x-cache: Hit from cloudfront
status: 200
content-length: 2754
last-modified: Thu, 27 Jul 2017 09:48:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 5ESWDsjINDWV_pC27WGJNxZQLyARzJ8nk0beQDZCrF-IgPSlzMIw1g==
expires: Wed, 12 Aug 2020 22:39:16 GMT

GET
H2 200 cookie.js Show response
s2.reutersmedia.net/resources_v2/js/libraries/ 2 KB
1 KB 186ms
37ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/libraries/cookie.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c4177b2d65f97ec701dffd86eb6695b742b8a1cc8ffe2a64c1913478ee3c7c78

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 21:16:18 GMT
content-encoding: gzip
age: 90723
x-cache: Hit from cloudfront
status: 200
content-length: 867
last-modified: Fri, 15 Apr 2016 01:03:32 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: _BiOH7wjTUn6Zsn64CQ6zuFEhvTfAhOwDKQMBilMT6LuN5IMxJCroA==
expires: Tue, 18 Aug 2020 21:16:03 GMT

GET
H2 200 core.js Show response
s2.reutersmedia.net/resources_v2/js/ 5 KB
2 KB 186ms
38ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/core.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 6ab8fd59b244067c23f4bcb9a6bc85edd153bb44f8fd63f8bb90b2e94c7043d0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:12:12 GMT
content-encoding: gzip
age: 4577
x-cache: Hit from cloudfront
status: 200
content-length: 1749
last-modified: Fri, 02 Jun 2017 01:03:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Nr7ox0DJ1zOgb4UCW48VvVLwpzX6hRrUJKaUVqXsYCeeIPet598HUg==
expires: Wed, 12 Aug 2020 23:11:49 GMT

GET
H2 200 search.js Show response
s2.reutersmedia.net/resources_v2/js/ 9 KB
3 KB 187ms
40ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b1e7c0988fe58052a50f9f16d8ca71ef607816c3f8fbf059b31d6caccd99d95a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:06:51 GMT
content-encoding: gzip
age: 5805
x-cache: Hit from cloudfront
status: 200
content-length: 2895
last-modified: Mon, 26 Nov 2018 03:24:39 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: S66rErMiV0k-X88RZNIsScSipw7tluucZHWBjYgbYP66wCNd7cjGZg==
expires: Wed, 12 Aug 2020 22:51:21 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 45ms
9ms Script
application/x-javascript 2600:9000:2182:6e00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6e00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:02:33 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 5133
etag: W/"5d53676c-4a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: w0OaCYOxi71RI8PhmNiKoGk3OvcTixtDt7Kcu6I09MlGV77I06dfJA==
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
expires: Wed, 12 Aug 2020 23:02:33 GMT

GET
H2 200 core-markets.css
s2.reutersmedia.net/resources_v2/css/ 14 KB
3 KB 183ms
37ms Stylesheet
text/css 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/css/core-markets.css
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5b88974c8423c217006395b78b5c4158621eea9878954d9207d298db39a52db6

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:13:29 GMT
content-encoding: gzip
age: 4531
x-cache: Hit from cloudfront
status: 200
content-length: 3009
last-modified: Mon, 25 Mar 2019 22:10:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: BDyTfE1VlY9G5FqCjaONdnK2puXbWdPQwkb-z9EPb4VYoWIMaR8Pmg==
expires: Wed, 12 Aug 2020 23:12:35 GMT

GET
H2 200 chartworks.min.js Show response
content.markitcdn.com/www.chartworks.io/content/chartworks/dist/1.4.8/js/ 201 KB
42 KB 268ms
40ms Script
application/javascript 23.34.184.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.markitcdn.com/www.chartworks.io/content/chartworks/dist/1.4.8/js/chartworks.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.34.184.248 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-34-184-248.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: 0b9e118360dd88369b7e0ab5fdd7ef936894bb28b66830acee714156d3d7c81a

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
last-modified: Thu, 16 Jul 2020 17:30:22 GMT
server: Akamai Resource Optimizer
status: 200
etag: "5e3906acf9fd51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=1314000
accept-ranges: bytes
content-length: 42769

GET
H2 200 modtoken Show response
apiservice.reuters.com/api/service/ 104 B
424 B 186ms
40ms Script
application/json 13.226.155.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apiservice.reuters.com/api/service/modtoken?method=get&format=json&callback=getChartData&apikey=72461C50B1CEAD3135BA6BDA53B203D3&deviceid=E7CDD293-9C3A-5AB9-9181-58E1B572DD44
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.117 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-117.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0c4dad3997369ebae2c412a2e8048588238b638519aa475a6478615e58c6a24c

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:03 GMT
content-encoding: gzip
server: nginx
age: 3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
status: 200
reuters-content-api: Spotlight/2.0
x-amz-cf-pop: DUS51-C1
content-length: 117
via: 1.1 a608f2055229f2ea193f6b8f15267a71.cloudfront.net (CloudFront)
x-amz-cf-id: jA6s2R5PMI4wqpJzLMcPWqkIElpPL9fTAHyqx4aoU8-tZy6r_jjT6g==

GET
H2 200 core-header.js Show response
s4.reutersmedia.net/resources_v2/js/ 12 KB
3 KB 195ms
51ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-header.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9d4dfd664b730a77673d24b98d34b3cdce3aa3cbb017c021c6319067ed69ead2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:44:02 GMT
content-encoding: gzip
age: 2678
x-cache: Hit from cloudfront
status: 200
content-length: 2520
last-modified: Mon, 06 Apr 2020 20:45:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: DXelQdZZED_8C-Zwzyh0PrUg6IbtfEto3tUYgqV9POWwTM8y_XLt2Q==
expires: Wed, 12 Aug 2020 23:43:28 GMT

GET
H2 200 core-login.js Show response
s3.reutersmedia.net/resources_v2/js/ 13 KB
2 KB 183ms
38ms Script
application/javascript 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.reutersmedia.net/resources_v2/js/core-login.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1aa705b81190551f8bd280dd5d39a29eb654a03ba45282343667bf69eb4b4456

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:07:27 GMT
content-encoding: gzip
age: 1242
x-cache: Hit from cloudfront
status: 200
content-length: 1196
last-modified: Tue, 14 Apr 2020 18:12:01 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: ACJUt5tAfrYwwfmaWaILFPmnIh9uMbiXL-dAfgZw2EVL-Y9FF_8RJw==
expires: Thu, 13 Aug 2020 00:07:24 GMT

GET
H2 200 core-tracking.js Show response
s2.reutersmedia.net/resources_v2/js/ 23 KB
3 KB 205ms
61ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/core-tracking.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9355ad0b5ef8906fbbdec701d87e705460e0011bd3e8ed4231e0b25381e0b6cf

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:02:58 GMT
content-encoding: gzip
age: 1562
x-cache: Hit from cloudfront
status: 200
content-length: 2673
last-modified: Wed, 18 Dec 2019 21:58:22 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: TXDdgwYaHd1druONXWJ2SLvd-8tdBZCYNVgK2M-Ok0vRd4uKwTMvQA==
expires: Thu, 13 Aug 2020 00:02:04 GMT

GET
H2 200 rcom-social-share.js Show response
s2.reutersmedia.net/resources_v2/js/ 17 KB
4 KB 207ms
63ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/rcom-social-share.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 88a461f663347f3a4ce21231f5da1033e8d83d1bae7e083cca1b69fa0bb3b019

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:23:44 GMT
content-encoding: gzip
age: 311
x-cache: Hit from cloudfront
status: 200
content-length: 3541
last-modified: Mon, 26 Nov 2018 03:24:37 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 9r4g4eW9YjLfr5R2QIf6NKV__ZAmGV4Choj4os9Pu91fsCW0x6xhbQ==
expires: Thu, 13 Aug 2020 00:22:55 GMT

GET
H2 200 core-lib.js Show response
s2.reutersmedia.net/resources_v2/js/libraries/ 44 KB
13 KB 203ms
60ms Script
application/javascript 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.reutersmedia.net/resources_v2/js/libraries/core-lib.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 9268c1faede9be036d0596edf7a2d220e5384bcff038d1f80e3856e2eee46b9e

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 06 Aug 2020 01:33:41 GMT
content-encoding: gzip
age: 593859
x-cache: Hit from cloudfront
status: 200
content-length: 13069
last-modified: Fri, 15 Apr 2016 01:03:34 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: rTihvhIwdw_p_-vMj3Hu7vGpmFW7pzgEkrVm-qGq84KXB-IwYz5wcQ==
expires: Thu, 13 Aug 2020 01:30:27 GMT

GET
H2 200 core-modules.js Show response
s4.reutersmedia.net/resources_v2/js/ 7 KB
3 KB 192ms
51ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-modules.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a8f98adb683fc4da002ae7e1831c4f5142a53481135d1a1ec5bc5f085b89e317

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:05:31 GMT
content-encoding: gzip
age: 1394
x-cache: Hit from cloudfront
status: 200
content-length: 2270
last-modified: Fri, 02 Jun 2017 00:56:56 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: oSmvgetj1tPck9okKpICW7xJDONoT6qbvG1yQEUapCOW2tB4g-Dw0w==
expires: Thu, 13 Aug 2020 00:04:52 GMT

GET
H2 200 reuters_gpt_bootstrap_footer.js Show response
www.reuters.com/ 1 B
428 B 92ms
80ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/reuters_gpt_bootstrap_footer.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:06 GMT
content-encoding: gzip
server: nginx
age: 280
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 21
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: zR8yILLWy-Ev4eN4VeXbA25s3Z07XDSqMnHAMdJwvVDS-o-Nnm3bNA==
expires: Wed, 12 Aug 2020 22:23:26 GMT

GET
H2 200 core-rivet.js Show response
s4.reutersmedia.net/resources_v2/js/ 2 KB
1 KB 193ms
53ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-rivet.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 013a2895b9256f25522ed80084bf130e2ab32dcf0c9244439479cd547cb801bf

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:00:31 GMT
content-encoding: gzip
age: 5264
x-cache: Hit from cloudfront
status: 200
content-length: 972
last-modified: Thu, 21 Nov 2019 22:07:08 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 4xt-pOHHrQ0GPoCtaQ6swguBJEEkziMl5LTgqKYjp4cnfqU_DGXNPA==
expires: Wed, 12 Aug 2020 23:00:22 GMT

GET
H2 200 core-rage.js Show response
s4.reutersmedia.net/resources_v2/js/ 2 KB
1 KB 193ms
52ms Script
application/javascript 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.reutersmedia.net/resources_v2/js/core-rage.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5780e3e9ddef741fb88c5384e025d45d00478732610f1d20555bdc721ea9d19e

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:30:59 GMT
content-encoding: gzip
age: 3496
x-cache: Hit from cloudfront
status: 200
content-length: 744
last-modified: Thu, 21 Nov 2019 22:07:07 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: tkNtGO7G_QLbY9JmsLBjVz5Jkfiqu52WItGwVlBk3-dmm9i-KVjD9g==
expires: Wed, 12 Aug 2020 23:29:50 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 456 KB
96 KB 174ms
49ms Script
text/javascript 13.226.145.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.149 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-149.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d2fe32d253b1c23c584887a2d05bba8d56ad3b233081d190be436c70209ead2

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: YOeClGqZQucGhTexskvvImiIs1YTWvjr
content-encoding: gzip
etag: "b571ddcfce959fdfb468fd0182ffb999"
age: 74
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 98102
access-control-allow-origin: *
last-modified: Fri, 31 Jul 2020 18:21:37 GMT
server: AmazonS3
date: Wed, 12 Aug 2020 22:26:53 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: enHFFMMjPVrZ9QENhHrhbEPwiKo84GgEU0dlomQrxV8aF9cqFqsTpA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
91 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05570487bb3f6249f82ffaaf817889dc909225f80ae76d6f0e6c864465b8304f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:06 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93256
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:52:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:28:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 6865
date: Wed, 12 Aug 2020 20:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 12 Aug 2020 22:33:41 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 74 KB
29 KB 20ms
14ms Script
application/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TBBXQQ&t=gtm2&cid=356913192.1597271287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5275e53dca9e7f8cb2741c3e11050df06b6d9167b088dbd8e0ce59052aa97556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:52:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:28:07 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 74 KB
29 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-KBK7743&cid=356913192.1597271287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e58b5f1ec0b366d5af022fc6580f518062cd5de023870bb4881cc7936cb4da06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29818
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:52:18 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Aug 2020 22:28:07 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
925 B 7ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:46:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2503
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:46:24 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
141 B 569ms
190ms XHR
application/json 52.36.169.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.169.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-169-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 12 Aug 2020 22:28:07 GMT
access-control-allow-origin: https://www.reuters.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: tOow3KZ6OfZO4McBbEg5hX/5NV0UTwK+NCCRDGIiY0RQLCxpb0YI4pZIL/GxOQFs7yHBgvNqidJNx7NE0QFiJQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 6ms
5ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=768909803&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&dp=%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Reuters.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAjQ~&jid=746924470&gjid=1000811186&cid=356913192.1597271287&tid=UA-24152976-22&_gid=1307366483.1597271287&cd8=0&cd9=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd3=%20-%20&z=896646036

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 08:17:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 483021
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j83&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&gjid=1000811186&_gid=1307366483.1597271287&_u=aGDAgEAjQ~&z=924063296
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296&slf_rd=1&random=3286156027

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296&slf_rd=1&random=3286156027

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24152976-22&cid=356913192.1597271287&jid=746924470&_v=j83&z=924063296&slf_rd=1&random=3286156027
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 312961195854690 Show response
connect.facebook.net/signals/config/ 525 KB
132 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312961195854690?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

887acf8d48deb6cf8681da13ee39f83b4692d894caf76d56ddcb4ab10cd5fbc4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135382
x-xss-protection: 0
pragma: public
x-fb-debug: BkyfJIcIcEOgNOTKKIxl/ywayJM1WQyDg+y3y/Bp4J0Dw0WJhRm3SFr5YUzm9VXlxxufQnHhPauvLvBykM0b1g==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312961195854690&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&rl=&if=false&ts=1597271287220&sw=1600&sh=1200&v=2.9.23&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1597271287219.1005508555&it=1597271287173&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 22:28:07 GMT

GET
H2 200 sprites-arrows.png
s4.reutersmedia.net/resources_v2/images/ 28 KB
11 KB 38ms
38ms Image
image/png 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.reutersmedia.net/resources_v2/images/sprites-arrows.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b6d07224613ccebc5e94e0fbf7a5ede63c955cacbf1373ee8a3119ac4db98a9f

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:49:37 GMT
content-encoding: gzip
age: 78083
x-cache: Hit from cloudfront
status: 200
content-length: 10521
last-modified: Wed, 12 Apr 2017 02:55:02 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: Ktsy83ptT2f17ZxpWpUdbvuZlcMw-tcI5ZxSMAA5cVla4O-ydLKJLA==
expires: Thu, 13 Aug 2020 00:46:44 GMT

GET
H2 200 r-logo.png
s3.reutersmedia.net/resources_v2/images/ 33 KB
31 KB 48ms
48ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/r-logo.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 63b1ebf0de23fce0a5b2a746d6fd5f9e88bf4a69d73f146448a3a88b0a0e3b29

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 20:57:18 GMT
content-encoding: gzip
age: 5460
x-cache: Hit from cloudfront
status: 200
content-length: 31511
last-modified: Fri, 04 Nov 2016 12:33:53 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: HRZJ3Z5VYqqinb-q6RZWUVJrn6Ud90X6nEEpLxrs1cAwIxFWN8M72A==
expires: Thu, 13 Aug 2020 20:57:07 GMT

GET
H2 200 r-logo-sm.png
s3.reutersmedia.net/resources_v2/images/ 18 KB
17 KB 42ms
42ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/r-logo-sm.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: c0072073b75cc3c79adcbe1c8c395a42ac4b9c567da70802d772e087d5e08873

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 12:29:37 GMT
content-encoding: gzip
age: 35911
x-cache: Hit from cloudfront
status: 200
content-length: 17410
last-modified: Fri, 15 Apr 2016 01:03:28 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: gAiZUO1fZQnhYFbmgTFbWQLm69oXJHrU_IAY8EgFtSsKIeQONFGgIg==
expires: Thu, 13 Aug 2020 12:29:36 GMT

GET
H2 200 sprites-icons.png
s4.reutersmedia.net/resources_v2/images/ 7 KB
7 KB 41ms
40ms Image
image/png 13.226.155.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.reutersmedia.net/resources_v2/images/sprites-icons.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-30.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e4976438d6fc94da31bcd73c3ad1368e08dbcdb94143162e6a2e0748da7cffb0

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 23:11:44 GMT
content-encoding: gzip
age: 83783
x-cache: Hit from cloudfront
status: 200
content-length: 7066
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: nVkvwJhIkyU0j-vUdlY_gUfYS3C2XVVlm3fy-qN1hPw4PFmIbI6MXw==
expires: Wed, 12 Aug 2020 23:11:44 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 131ms
60ms Font
application/x-font-woff 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 21:17:09 GMT
content-encoding: gzip
age: 250401
x-cache: Hit from cloudfront
status: 200
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: eWtxoMBYZIbcefwtZxO-Xfy98vpgsky0RMgvvZFpeFpitmmNI2hfCg==
expires: Mon, 17 Aug 2020 00:54:46 GMT

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 125ms
60ms Font
application/x-font-woff 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Origin: https://www.reuters.com

Response headers

date: Wed, 12 Aug 2020 00:20:51 GMT
content-encoding: gzip
age: 80154
x-cache: Hit from cloudfront
status: 200
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: dmJLuCyq-ReicNw5nE0c6CUo461SukACROaqOl9o1hSyIeMm27vM5A==
expires: Wed, 19 Aug 2020 00:12:13 GMT

GET
H2 200 rcom-sprite.png
s2.reutersmedia.net/resources_v2/images/ 26 KB
26 KB 39ms
39ms Image
image/png 13.226.155.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.reutersmedia.net/resources_v2/images/rcom-sprite.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-40.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: b53885cc9721ff3334410434e3c0f81fc745d258b461fb31aca1843b5d9559d1

Request headers

Referer: https://www.reuters.com/resources_v2/css/rcom-search-result.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:05:09 GMT
content-encoding: gzip
age: 80578
x-cache: Hit from cloudfront
status: 200
content-length: 26022
last-modified: Mon, 29 Jun 2015 03:07:14 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 47DQh-UUj11WlVFJj2qSxsMtnbYdzq6psmNJFYtT4XjEtNNobHzMAw==
expires: Thu, 13 Aug 2020 00:05:09 GMT

GET
H2 200 Knowledge-Light.woff
static.reutersmedia.net/resources_v2/fonts/ 24 KB
24 KB 61ms
50ms Font
application/x-font-woff 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Light.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 41d8a4b3ea02cd01fa69fef7e72e23a996d65aa85bf6864c0c8a3d18cb0c2466

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Origin: https://www.reuters.com

Response headers

date: Wed, 12 Aug 2020 00:49:47 GMT
content-encoding: gzip
age: 78051
x-cache: Hit from cloudfront
status: 200
content-length: 24424
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:21 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4ba9d3779ca8afc198240a34dffb07c4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: yx-Y_QUMHqkyCt2a5PXYClCgaGqcmXA3102iYsA8bB8rZmFmg3EagA==
expires: Wed, 19 Aug 2020 00:47:16 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 204 B
479 B 137ms
110ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=reuters.com&domain=reuters.com&path=%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 55c0ff88bb5908297892337163cf14f573d8ea07b24b2fa01f4ffcb19b18b6cb

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 157
x-served-by: cache-hhn4059-HHN
access-control-allow-origin: *
x-timer: S1597271287.344655,VS0,VE105
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Mon, 10 Aug 2020 22:28:07 GMT

GET
H/1.1 200
OK price
api.markitondemand.com/apiman-gateway/MOD/chartworks-image/1/Chart/ 15 KB
15 KB 704ms
178ms Image
image/png 209.234.234.15
WALLSTREET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.markitondemand.com/apiman-gateway/MOD/chartworks-image/1/Chart/price?inputs=%7B%22symbol%22%3A%22.SPX%22%2C%22realTime%22%3Afalse%2C%22cultureCode%22%3A%22en-US%22%2C%22fontColor%22%3A%22%23999999%22%2C%22fontSize%22%3A18%2C%22upperPanelHeight%22%3A144%2C%22lowerPanelHeight%22%3A0%2C%22numDays%22%3A1%2C%22priceLineColor%22%3A%22%23ff8000%22%2C%22priceLineWidth%22%3A3%2C%22showVolume%22%3Afalse%2C%22volumeColor%22%3A%22%23ff8000%22%2C%22width%22%3A556%2C%22xGridLineColor%22%3A%22%23ffffff%22%2C%22xGridLineWidth%22%3A1%2C%22yGridLineColor%22%3A%22%23dddddd%22%2C%22yGridLineWidth%22%3A1%7D&access_token=AUCaFsCuOuevaoxMT6AUVTo9t0La

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.234.234.15 , United States, ASN7334 (WALLSTREET, US),

Reverse DNS

Software

Resource Hash

c8c328a290022020d5d1c7fb4e8443b2afafaa72fa253d26053d3fad082ebf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:07 GMT
X-Content-Type-Options: nosniff
X-AspNet-Version
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: private
Connection: keep-alive
Content-Length: 15525

GET
H2 200 breakingNews Show response
www.reuters.com/assets/ 67 B
469 B 139ms
138ms Script
application/json 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/assets/breakingNews?view=json&sp=drawBreakingNews
Requested by: Host: s2.reutersmedia.net
URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 951a8278d3c8c2ab5de7d8b59a922638b513e32e4dc1dd76e3911fb6090d9789

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
browser-expires: Wed, 12 Aug 2020 22:28:07 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 67
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: qjQDAPAFmQ2fLpxYSZhdbqFZSdNqtdK-Z_HvchUdKxgiVKAKJHNrQQ==
expires: Wed, 12 Aug 2020 22:33:07 GMT

GET
H2 200 breakingNews Show response
www.reuters.com/assets/ 70 B
471 B 142ms
142ms Script
application/json 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/assets/breakingNews?view=json&sp=drawNonEditBanner
Requested by: Host: s2.reutersmedia.net
URL: https://s2.reutersmedia.net/resources_v2/js/search.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 5d1b68ddb0016d3c2a2608da629aa23f7e5347bcda824e2555f0184a5bd62b2f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
browser-expires: Wed, 12 Aug 2020 22:28:07 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 70
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: fNRe8tPJfbm17YXwEEWbcZjzd89Wj8YlmrOiwR-iRZMW-8l2cMgM7w==
expires: Wed, 12 Aug 2020 22:33:07 GMT

GET
H2 200 sprites-social-sm.png
s3.reutersmedia.net/resources_v2/images/ 18 KB
18 KB 41ms
41ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/sprites-social-sm.png
Requested by: Host: s3.reutersmedia.net
URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 2b21fd1e6c9e4098735e7fbc5d68fe033f4a26563370ccab1537c186999f762f

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:54:06 GMT
content-encoding: gzip
age: 77641
x-cache: Hit from cloudfront
status: 200
content-length: 18216
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: sBiCh3UB3zUT7TAfOpAg4tItYNLbZEuYTyatCe3j_2C4Z5z5Y3bDOQ==
expires: Thu, 13 Aug 2020 00:54:06 GMT

GET
H2 200 sprites-social.png
s3.reutersmedia.net/resources_v2/images/ 14 KB
14 KB 41ms
41ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources_v2/images/sprites-social.png
Requested by: Host: s3.reutersmedia.net
URL: https://s3.reutersmedia.net/resources_v2/js/libraries/jquery-2.2.4.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1cbc284ea3e3c890ea3c373cb7fb7472568453c018baefb44ae8a652da1445a0

Request headers

Referer: https://s2.reutersmedia.net/resources_v2/css/core.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 00:49:37 GMT
content-encoding: gzip
age: 80339
x-cache: Hit from cloudfront
status: 200
content-length: 13541
last-modified: Fri, 15 Apr 2016 01:03:29 GMT
server: nginx
vary: Accept-Encoding
content-type: image/png
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: eFztclOEOAWvskbDrH8ApAe9cMHKZtD4p3kc848H3i76uP0X_vmwEA==
expires: Thu, 13 Aug 2020 00:09:08 GMT

GET
H/1.1 200
OK service Show response
async01.admantx.com/admantx/ 62 B
257 B 178ms
46ms Script
text/plain 54.247.116.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://async01.admantx.com/admantx/service?request=%7B%22key%22%3A%22234330834c41105ad5ed794fa036e085b40225c44f9228bb9e2692f427917605%22%2C%20%22decorator%22%3A%22template.reuters%22%2C%20%22filter%22%3A%5B%22default%22%5D%2C%20%22method%22%3A%22descriptor%22%2C%20%22mode%22%3A%22async%22%2C%20%22type%22%3A%22URL%22%2C%20%22body%22%3A%22https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpayment-sent-travel-%253D%22%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.116.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-116-142.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: b68ef84092a1b0e218c39af2a4133261f35e2f68c80378a322653922fa5fdc50

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 12 Aug 2020 22:28:07 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 62
Content-Type: text/plain; charset=UTF-8

GET
H2 200 reuters.js Show response
tru.am/scripts/custom/ 1 KB
1 KB 38ms
22ms Script
application/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f23d93c9b8e3ca26f6fcc6be6a8d087e43a3f5795daa3c61017071642f66f3c

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 2231638
x-guploader-uploadid: AAANsUlK-rhqWIaSronpM69LDK3tSKdIlWTr545LHnYUXX1YBJwnHqKhyvJA1BK1p6ChhuoYauFsuyxDZP87axzJFw
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 048662be810000dfdf328d6200000001
last-modified: Fri, 19 Apr 2019 06:14:57 GMT
server: cloudflare
etag: W/"40b7d4de06dae04ec0d6537ef2f54db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=e3JHUg==, md5=QLfU3gba4E7A1lN+8vVNuA==
x-goog-generation: 1555654497328861
content-type: application/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 1056
cf-ray: 5c1da0aa6bc4dfdf-FRA
expires: Sat, 18 Jul 2020 03:34:09 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 32ms
13ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1dc64fac45e75fffefbd76f176c6ea118ab79b88b3efddc5642d4e7c76d4fe

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 1712
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 048662be84000005c4ee2bf200000001
x-request-id: Cb31zeqkEsp
wn: prod-exp-10-0-113-165
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 5c1da0aa693b05c4-FRA
expires: Wed, 12 Aug 2020 22:58:07 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 385 KB
121 KB 28ms
26ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tinypass.com/api/tinypass.min.js
Requested by: Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=TIDovF4cqC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad590c30e8e0ef2b2539b0f1a7e4e4da38a6a7b2a8b3f88048338c22da590253

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 153
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 048662be9e000005c4ee2c1200000001
wn: prod-dash-10-0-127-211
last-modified: Tue, 11 Aug 2020 16:55:24 GMT
server: cloudflare
etag: W/"394506-1597164924000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
server-time: 0.000
cache-control: public, max-age=300
cf-ray: 5c1da0aa998805c4-FRA
expires: Wed, 12 Aug 2020 22:33:07 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 35 KB
12 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 2231652
x-guploader-uploadid: AAANsUlz9Yip85RfgS4jGavu6PDS8YEyP7WdDck7YcMKysD_x9qSJ9Qiyi4E5v-ygmEAlwDD_aGRLlN8Bnsmjdj3lw
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 048662be9d0000dfdf328d9200000001
last-modified: Fri, 19 Apr 2019 06:14:55 GMT
server: cloudflare
etag: W/"942d5ae1e512ccdf18813550428dd002"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=O7AZFg==, md5=lC1a4eUSzN8YgTVQQo3QAg==
x-goog-generation: 1555654495662585
content-type: application/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 35540
cf-ray: 5c1da0aa9c15dfdf-FRA
expires: Sat, 18 Jul 2020 03:33:55 GMT

GET
H2 200 ads.js Show response
www.reuters.com/ 112 B
553 B 143ms
142ms Script
text/javascript 13.226.155.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/ads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-46.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 7464555aae6d8d87b77f7170fba1698ff64f7454ded58627ca1819246e9a9969

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
browser-expires: Wed, 12 Aug 2020 22:28:07 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: http://admin.reuters.com
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Origin,charset
content-length: 116
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
x-amz-cf-id: yjSnozZQz7_sVvPhulewmkOHzKF7QEjElgu73vdVBtgRXJzK6pLtFw==
expires: Wed, 12 Aug 2020 22:33:07 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 2 KB
2 KB 124ms
124ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tinypass.com/xbuilder/experience/execute?aid=TIDovF4cqC
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3af6ed714d5ce556688f218133f6576ceb926a0c789655791752a69b4eb022e5

Request headers

Accept: */*
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
status: 200
x-forwarded-https: on
cf-request-id: 048662bef7000005c4ee2c5200000001
x-request-id: Cve2zeq45xa
pragma: no-cache
wn: prod-exp-10-0-113-165
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5c1da0ab2ab105c4-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 56 KB
15 KB 114ms
29ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 731ebb6e8eb86eb45b6e7269a9374d1ac90533bfca3a81774dfe51f84fee2f92

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 14733
last-modified: Wed, 05 Aug 2020 19:47:31 GMT
server: AkamaiNetStorage
etag: "9ed00dc4b4ef73cfa3427a0b9764a8d0:1596656851.752407"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:28:07 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 299 B
485 B 130ms
46ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 22:02:45 GMT
server: AkamaiNetStorage
status: 200
etag: "1503f70c7bb024bac76b917ae38a7af3:1584223365.978506"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 209

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/1237/ 48 KB
4 KB 130ms
46ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/snthemes.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 78d7768fb1213eced669894455aac7c1bfb17452b25ef69859ab7617cb85856f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 3701
last-modified: Fri, 26 Jun 2020 14:04:50 GMT
server: AkamaiNetStorage
etag: "250e5fd831f93b742b230a49f56ee029:1593180290.533778"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:28:07 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/1237/reuters/ 19 KB
3 KB 132ms
48ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/reuters/settings.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7962dce1427363ac8964c27e8a221d2b6f320fa55f7e32df3508b288d99ff915

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2681
last-modified: Wed, 01 Jul 2020 02:14:34 GMT
server: AkamaiNetStorage
etag: "ab26685e301ed5649625ade2ef42d4cf:1593569674.617377"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:28:07 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 111ms
34ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 13 Aug 2020 22:28:07 GMT

GET
H2 200 gwiq.js Show response
gwiqcdn.globalwebindex.net/gwiq/ 6 KB
6 KB 63ms
18ms Script
application/javascript 35.201.93.216
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.93.216 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 216.93.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:22:01 GMT
age: 366
x-guploader-uploadid: AAANsUmh-kJFh_d5cF4-LKOXxo0yXu9wBVaSohi5lb39y8M8ra84U3HQPloWVYtUwOgBo6ugaokXgJPXlU6qTOK4_tw
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 5766
last-modified: Wed, 15 Apr 2020 08:49:27 GMT
server: UploadServer
etag: "aba61abde9777087262fb27526ba1ef6"
x-goog-hash: crc32c=yYfjgA==, md5=q6Yavel3cIcmL7J1Jroe9g==
x-goog-generation: 1586940567400828
cache-control: public, max-age=3600
x-goog-stored-content-length: 5766
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Aug 2020 23:22:01 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/1237/translations/ 65 KB
6 KB 30ms
30ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/1237/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0301abe27c75fe3b60eff31ce1d31238c9b84d4f36c037bacf0a8656b6a6fb45

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 5633
last-modified: Wed, 01 Jul 2020 01:41:52 GMT
server: AkamaiNetStorage
etag: "e21cd11f7f077dfa60a4974f4e56a950:1593567712.14839"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=86400, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 13 Aug 2020 22:28:07 GMT

GET
H2 204 1
l.betrad.com/site/v3/1237/5669/1/1/1/ 0
120 B 367ms
122ms Image
text/plain 34.193.24.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/1/1/1/1?consent=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.24.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-24-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312961195854690&ev=Microdata&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&rl=&if=false&ts=1597271287724&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs4.reutersmedia.net%2Fresources_v2%2Fimages%2Frcom-default.png%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22U.S.%22%2C%22og%3Atitle%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22og%3Atype%22%3A%22section%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22headline%22%3A%22Page%20Not%20Found%20%7C%20Reuters.com%22%2C%22url%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D%22%2C%22thumbnailUrl%22%3A%22%22%2C%22dateCreated%22%3A%22%22%2C%22description%22%3A%22%22%2C%22publisher%22%3A%22Reuters%22%2C%22creator%22%3A%5B%5D%2C%22keywords%22%3A%5B%22%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.23&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1597271287219.1005508555&it=1597271287173&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 12 Aug 2020 22:28:07 GMT

GET
H2 200 a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js Show response
cdn.permutive.com/ 177 KB
41 KB 79ms
38ms Script
application/javascript 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2df439d2fb94c54fe2d14bae4aa14f88cbdb244d7bf6d303d02262e5a91365

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 2572
x-guploader-uploadid: AAANsUn7hj4aX64T-QfiYpkiGwI2kamr7fzPaXYw7tHrh2SvWGutwHvSCqf5N-PLyYzsOUItrGxCkw47V87chkTtP40
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
cf-request-id: 048662bfe10000cc3a90b67200000001
last-modified: Tue, 11 Aug 2020 18:38:14 GMT
server: cloudflare
etag: W/"ebce3517c2fba4e144934a04441bb645"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WJAUPA==, md5=6841F8L7pOFEk0oERBu2RQ==
x-goog-generation: 1597171094807240
cache-control: public, max-age=300
x-goog-stored-content-length: 44206
cf-ray: 5c1da0ac9d97cc3a-ZRH
expires: Wed, 12 Aug 2020 22:33:07 GMT

GET
H2 200 bidexchange.js Show response
contextual.media.net/ 440 KB
124 KB 134ms
66ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/reuters_gpt_bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d473f7404dfcc4f9fb0353857f706247ae1873e2ac6eb2b0be8802ad8b94f0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
x-mnet-h: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
status: 200
cache-control: max-age=1800
content-type: text/javascript; charset=utf-8
expires: Wed, 12 Aug 2020 22:58:07 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%...

0
528 B

34ms
34ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&c9=&cs_ak_ss=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Aug 2020 22:28:07 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035630&ns__t=1597271287726&ns_c=UTF-8&cv=3.5&c8=Page%20Not%20Found%20%7C%20Reuters.com&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 12 Aug 2020 22:28:07 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 178ms
46ms XHR
application/json 18.202.86.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=4579BF7A580A3C6A0A495DAF%40AdobeOrg&d_nsid=0&ts=1597271287742

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.202.86.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-202-86-190.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3ec9dc278207d55c0c247f7c8b1ff9b4d391de1efb371e7086e06ddc991205ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v078-0eb30c403.edge-irl1.demdex.com 5.76.0.20200805085924 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: YrrlrnJWSpc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.reuters.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1064
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK MCX_Thomson_Reuters_Modal_Invite.css
siteintercept.allegiancetech.com/dist/tr1si001/ 7 KB
2 KB 528ms
130ms Stylesheet
text/css 67.221.239.62
RACKMY-STL-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://siteintercept.allegiancetech.com/dist/tr1si001/MCX_Thomson_Reuters_Modal_Invite.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.221.239.62 , United States, ASN27467 (RACKMY-STL-AS1, US),
Reverse DNS: 67-221-239-62.www.allegiancetech.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: baa066783210ec503c97545b0caeffba83b53c3c4d969a9c5ce94ee3ecb4db00

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:08 GMT
Content-Encoding: gzip
ETag: "030a62402dd61:0"
Last-Modified: Mon, 18 May 2020 18:16:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
X-Alleg-Server: cw03
Content-Length: 1661

GET
H/1.1 200
OK MCX_Thomson_Reuters_Modal_Invite.js Show response
siteintercept.allegiancetech.com/dist/tr1si001/ 3 KB
1 KB 556ms
137ms Script
application/x-javascript 67.221.239.62
RACKMY-STL-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://siteintercept.allegiancetech.com/dist/tr1si001/MCX_Thomson_Reuters_Modal_Invite.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.221.239.62 , United States, ASN27467 (RACKMY-STL-AS1, US),
Reverse DNS: 67-221-239-62.www.allegiancetech.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 74946a6535af619858813a4ba2513c464acc6499631515961c2c2862b515eab8

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:08 GMT
Content-Encoding: gzip
ETag: "0c6b777d13dd61:0"
Last-Modified: Mon, 08 Jun 2020 20:14:52 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Alleg-Server: cw03
Content-Length: 956

GET
H/1.1 200
OK reuters_logo.png
siteintercept.allegiancetech.com/dist/tr1si001/images/ 122 KB
122 KB 558ms
138ms Image
image/png 67.221.239.62
RACKMY-STL-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siteintercept.allegiancetech.com/dist/tr1si001/images/reuters_logo.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.221.239.62 , United States, ASN27467 (RACKMY-STL-AS1, US),
Reverse DNS: 67-221-239-62.www.allegiancetech.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7b1d29ae1792d7b78f057f0043a15ba261c39850cc37da2ce80352b9877585db

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:08 GMT
Last-Modified: Mon, 23 Dec 2019 17:30:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "18c757b0b6b9d51:0"
Content-Type: image/png
Accept-Ranges: bytes
X-Alleg-Server: cw03
Content-Length: 124736

GET
H2 204 61500
l.betrad.com/site/v3/1237/5669/1/2/1/1/ 0
120 B 332ms
123ms Image
text/plain 34.193.24.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/1/2/1/1/61500?consent=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.24.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-24-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 61500
l.betrad.com/site/v3/1237/5669/1/1/1/1/ 0
120 B 330ms
122ms Image
text/plain 34.193.24.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.betrad.com/site/v3/1237/5669/1/1/1/1/61500?consent=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.24.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-24-72.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
BLOB 200
OK 6e6f8366-b7e8-4096-ae0c-f191a183fcd1
https://www.reuters.com/ 16 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reuters.com/6e6f8366-b7e8-4096-ae0c-f191a183fcd1
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed8058bda781a0f3868914dce9255e2ed745a31ff2296953cd7618088c1599c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 16331
Content-Type: application/javascript

POST
H2 200 graphql Show response
api.permutive.com/ 384 B
501 B 80ms
42ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/graphql?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 06590858cdf91520ede7dcd637bc32fcdac9c39d62fc063ad050754c43cfdae7

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 22:28:07 GMT
content-encoding: gzip
server: Permutive
status: 200
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 244
via: 1.1 google

GET
H2 200 tc.js Show response
contextual.media.net/ 11 KB
7 KB 45ms
45ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tc.js?&tpkey=TB4M82W&size=300x250&v=19&nat=1&https=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3c0d27b79bfe51d6abbc99eb79bd7731804fa80823d85bce422ee364185c6126

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=172800
content-length: 6573
expires: Fri, 14 Aug 2020 22:28:07 GMT

GET
H2 200 tc.js Show response
contextual.media.net/ 13 KB
8 KB 44ms
44ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tc.js?&tpkey=T645KQG&size=728x90&v=19&nat=1&https=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d27b59be0fa35fd199035fb3d095a553cf11e6c7b44d583b2942650fc3da5977

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=172800
content-length: 7712
expires: Fri, 14 Aug 2020 22:28:07 GMT

GET
H2 200 pubcid.php Show response
contextual.media.net/ 57 KB
18 KB 49ms
49ms Script
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Wed, 12 Aug 2020 22:28:08 GMT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=1800
content-length: 18543
x-mnet-hl2: E
expires: Wed, 12 Aug 2020 22:58:08 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 61 B
380 B 51ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 12 Aug 2020 22:28:07 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 476
content-length: 175
expires: 60

GET
H2 200 px.gif
contextual.media.net/ 43 B
206 B 31ms
30ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/px.gif?&ch=1&vn=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
last-modified: Wed, 19 Jul 2017 10:11:12 GMT
server: Apache
strict-transport-security: max-age=604800
content-type: image/gif
status: 200
cache-control: max-age=1111580
accept-ranges: bytes
content-length: 43
expires: Tue, 25 Aug 2020 19:14:28 GMT

GET
H/1.1 200
OK px.gif
s.mnet-ad.net/ 43 B
355 B 466ms
154ms Image
image/gif 66.81.204.228
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.mnet-ad.net/px.gif?&ch=2&vn=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.81.204.228 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:08 GMT
Last-Modified: Wed, 19 Jul 2017 10:11:12 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=20
Content-Length: 43
Expires: Wed, 26 Aug 2020 22:28:08 GMT

GET
H/1.1 200
OK Cookie set dest5.html
reuters.demdex.net/ Frame 33F9 0
0 228ms
50ms Document
text/html 52.30.191.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reuters.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-191-169.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: reuters.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=25124237777719314172525656992406702555
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 05 Aug 2020 13:19:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=25124237777719314172525656992406702555;Path=/;Domain=.demdex.net;Expires=Mon, 08-Feb-2021 22:28:08 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: 3AJmHGEjSFQ=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 50 KB
50 KB 144ms
57ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=391166652*9%7C300x600%7C8CUD609M7%7C362622121%7C%7C%7C1%40391166652*23%7C300x250~300x600%7C8CUF1VN4G%7C12762257~12762257%7C%7C%7C1%40391166652*29%7C300x250~300x600%7C11384%7C31484_123996_15~31484_123996_10%7C%7C%7C1%40391166652*51%7C300x250~300x600%7C973973%7C11084976~11084976%7C0.07%7C%7C1%40391166652*74%7C300x250~300x600%7C1113800%7C12209207~12209207%7C%7C%7C1%40391166652*80%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.06%7C%7C1%40391166652*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652%7C%7C%7C3%40391166652*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*145%7C300x600~300x250%7C100600%7C147215~147215%7C%7C%7C1%40391166652*172%7C300x250~300x600%7C8CUF1VN4G%7C15331955~15331955%7C0.06%7C%7C1%40391166652*175%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.01%7C%7C1%40391166652*178%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*201%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*203%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*214%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*222%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40391166652*3007%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*3010%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*3015%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652~391166652%7C%7C%7C3%40451439109*9%7C300x250%7C8CUD609M7%7C155187763%7C%7C%7C1%40451439109*23%7C300x250%7C8CUF1VN4G%7C12762293%7C%7C%7C1%40451439109*29%7C300x250%7C11384%7C31484_123998_15%7C%7C%7C1%40451439109*51%7C300x250%7C973973%7C11084979%7C0.07%7C%7C1%40451439109*80%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.06%7C%7C1%40451439109*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109%7C%7C%7C3%40451439109*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*145%7C300x250%7C100600%7C147218%7C%7C%7C1%40451439109*172%7C300x250%7C8CUF1VN4G%7C15331958%7C0.06%7C%7C1%40451439109*175%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.01%7C%7C1%40451439109*178%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*203%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*214%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*222%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40451439109*3007%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*3010%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*3014%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40518121357*9%7C728x90%7C8CUD609M7%7C996968123%7C%7C%7C1%40518121357*23%7C728x90%7C8CUF1VN4G%7C12762293%7C%7C%7C1%40518121357*29%7C728x90%7C11384%7C31484_123998_2%7C%7C%7C1%40518121357*51%7C728x90%7C973973%7C11084978%7C0.69%7C%7C1%40518121357*80%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.06%7C%7C1%40518121357*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357%7C%7C%7C3%40518121357*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*145%7C728x90%7C100600%7C147217%7C%7C%7C1%40518121357*172%7C728x90%7C8CUF1VN4G%7C15331957%7C0.06%7C%7C1%40518121357*175%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.01%7C%7C1%40518121357*178%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*203%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*214%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*222%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40518121357*3007%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*3010%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*3014%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40612341223*23%7C728x90%7C8CUF1VN4G%7C12762257%7C%7C%7C1%40612341223*29%7C728x90~970x250%7C11384%7C31484_123996_2~31484_123996_57%7C%7C%7C1%40612341223*51%7C728x90%7C973973%7C11084975%7C0.69%7C%7C1%40612341223*74%7C728x90~970x250%7C1113800%7C12209209~12209209%7C%7C%7C1%40612341223*80%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C0.06%7C%7C1%40612341223*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223%7C%7C%7C3%40612341223*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*145%7C728x90~970x250%7C100600%7C147214~147214%7C%7C%7C1%40612341223*172%7C728x90~970x250%7C8CUF1VN4G%7C15303527~15303527%7C0.06%7C%7C1%40612341223*175%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C0.01%7C%7C1%40612341223*178%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C1%40612341223*203%7C728x90~970x250%7C8CUF1VN4G%7C612341223_8CUF1VN4G~612341223_8CUF1VN4G%7C%7C%7C1&crid=391166652%2C451439109%2C518121357%2C612341223&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=231176200463480241597271287976&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.36009556867202996&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19&isRefresh=0&switch=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce6bb6ba6ca4c607ed3819dee06c5a232b52700ed19eb7b8e6bbf99628f6b0dd

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:08 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 11 KB
11 KB 184ms
97ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=612341223*9%7C728x90~970x250%7C8CUD609M7%7C813012502~450341239%7C%7C%7C1%40612341223*214%7C970x250~728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G~612341223_8CUF1VN4G%7C%7C%7C1%40612341223*222%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C1%40612341223*3007%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*3010%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*3015%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223~612341223%7C%7C%7C3%40894667540*9%7C300x250%7C8CUD609M7%7C611759711%7C%7C%7C1%40894667540*80%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C0.06%7C%7C1%40894667540*175%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C0.01%7C%7C1%40894667540*178%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*201%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*203%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*214%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1%40894667540*222%7C300x250%7C8CUF1VN4G%7C894667540_8CUF1VN4G%7C%7C%7C1&crid=612341223%2C894667540&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=751501468097940801597271287983&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.2671505377076606&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19&isRefresh=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8bb20e334373e4352eab4f4799f8b5f6c9d138d311ca88b3f9795f8795d0217

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:08 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 log
cslogger.media.net/ 35 B
194 B 503ms
490ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cslogger.media.net/log?logid=kfk&evtid=cs&origin=1&vsid=2402728875348379000V10&pvgid=data-co&ovsid=1bff2c0c-4cc9-4a95-84ef-2c4c58523b6b&cs=15
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.25.v20191220) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:08 GMT
server: Jetty(9.4.25.v20191220)
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 4 KB
5 KB 142ms
95ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=391166652*59%7C300x250~300x600%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40451439109*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40518121357*59%7C728x90%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40612341223*59%7C728x90~970x250%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40894667540*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1&crid=391166652%2C451439109%2C518121357%2C612341223%2C894667540&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=128237840355179641597271288039&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.8782832345452087&ndec=1&rtusuid=%7B%2259%22%3A%221bff2c0c-4cc9-4a95-84ef-2c4c58523b6b~~15%22%7D&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 425ec2192c95ebb90d70bdf1b730d1c999b4f55158ed15b459d66bc30cac23b8

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:08 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 60ms
40ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e27791fc42d736f641254f4c2d1227f8c6570dd68eed9f6be6c33214b801b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "600 / 649 of 1000 / last-modified: 1597270389"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18767
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 46ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.reuters.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
382 B 23ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.reuters.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080501.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 125ms
59ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 05 Aug 2020 08:42:44 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94052
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H/1.1 200
OK mcxSiteIntercept-1.9.1.js Show response
siteintercept.allegiancetech.com/InterceptScripts/ 33 KB
9 KB 138ms
136ms Script
application/x-javascript 67.221.239.62
RACKMY-STL-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://siteintercept.allegiancetech.com/InterceptScripts/mcxSiteIntercept-1.9.1.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.221.239.62 , United States, ASN27467 (RACKMY-STL-AS1, US),
Reverse DNS: 67-221-239-62.www.allegiancetech.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 47b498fc79a4b9d57c126b8ae0769ad842913bf897910c2fdd74801c82f2dc6f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:08 GMT
Content-Encoding: gzip
ETag: "80f84e47b0d51:0"
Last-Modified: Wed, 11 Dec 2019 17:18:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
X-Alleg-Server: cw03
Content-Length: 9156

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 476 B
709 B 157ms
56ms XHR
application/json 54.246.208.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:div_gpt_lb,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&slot=%7Bid:div_gpt_mpu,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&slot=%7Bid:div_gpt_mpulow,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c76e5555-9aea-39c0-50f1-abd20efd1007&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpayment-sent-travel-%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.208.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-255.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 12f4ad3e01e30ac75bdcee41214249e9b56a051f30f409e680b09c6d39b78a0e

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
x-server-name: app08.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 233 B
466 B 151ms
52ms XHR
application/json 54.246.208.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:marketslogo,s:%5Bobject%20Object%5D.%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c76e5555-9aea-39c0-50f1-abd20efd1007&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpayment-sent-travel-%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.208.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-255.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a90fb765cffaa6e0f9e9188528da802ab31a0eb791e8f6739149ea3290d62ae7

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
x-server-name: app15.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 240 B
473 B 151ms
54ms XHR
application/json 54.246.208.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10764&slot=%7Bid:marketslogo-bottom,s:%5Bobject%20Object%5D,p:/4735792/us.reuters,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=c76e5555-9aea-39c0-50f1-abd20efd1007&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-cyber-cwt-ransom%252Fpayment-sent-travel-%253D
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.208.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-208-255.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 065f79acd4c7f09301fcdb6232f0e9392188da9af851778edb3941d48aad0821

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
x-server-name: app19.ie.303net.net
status: 200
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
398 B 77ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: aea1c260fd2d96226cd428938fa3b03f67dbcb3c7fc8d5706699384b24de5d8b

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 22:28:08 GMT
content-encoding: gzip
server: Permutive
status: 200
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 142
via: 1.1 google

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 2 KB
3 KB 49ms
47ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=147677722*203%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1%40147677722*214%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1%40147677722*222%7C186x24%7C8CUF1VN4G%7C147677722_8CUF1VN4G%7C%7C%7C1&crid=147677722&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=headerBid&prvReqId=620290050047449271597271288635&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.5530525645597368&ndec=1&scrsize=1600x1200&taginfo=%7B%22147677722%22%3A%7B%22xps%22%3A1336%2C%22yps%22%3A173%2C%22supply_tag_id%22%3A%22marketslogo%22%7D%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=200&section=us.reuters&prid=8PRVCXX19
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e45d07aae47e0e9256734efca2cb2b1021d588dd191f114aa5b3ac2d97add54

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:08 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:08 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 13ms
12ms Script
application/x-javascript 2600:9000:2182:6e00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:6e00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:33:42 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 00:58:19 GMT
server: nginx
age: 3266
etag: W/"5ea239ab-11347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 9lFCptNbygzoCe-OxDXdHUaDgVWAZCkmNpYmXSPCKYtpVEkJJScciQ==
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
expires: Wed, 12 Aug 2020 23:33:42 GMT

GET
H2 200 checksync.php
contextual.media.net/ Frame 5962 0
0 49ms
47ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUF1VN4G&prvid=3%2C23%2C28%2C29%2C33%2C38%2C41%2C51%2C54%2C56%2C59%2C69%2C72%2C74%2C76%2C77%2C80%2C82%2C84%2C97%2C106%2C108%2C109%2C113%2C117%2C118%2C122%2C126%2C138%2C139%2C141%2C145%2C147%2C159%2C172%2C173%2C174%2C175%2C178%2C182%2C184%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C3004%2C3007%2C3008%2C3010%2C3012%2C3014%2C3015%2C3017&rtime=744&https=1&usp_status=0&usp_consent=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CUF1VN4G&dn=www.reuters.com&version=4.1&https=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?&vsSync=1&cs=1&hb=1&cv=37&ndec=1&cid=8CUF1VN4G&prvid=3%2C23%2C28%2C29%2C33%2C38%2C41%2C51%2C54%2C56%2C59%2C69%2C72%2C74%2C76%2C77%2C80%2C82%2C84%2C97%2C106%2C108%2C109%2C113%2C117%2C118%2C122%2C126%2C138%2C139%2C141%2C145%2C147%2C159%2C172%2C173%2C174%2C175%2C178%2C182%2C184%2C188%2C193%2C201%2C203%2C208%2C214%2C222%2C225%2C226%2C3004%2C3007%2C3008%2C3010%2C3012%2C3014%2C3015%2C3017&rtime=744&https=1&usp_status=0&usp_consent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: visitor-id=2402728875348379000V10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Response headers

status: 200
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=27618
expires: Thu, 13 Aug 2020 06:08:26 GMT
date: Wed, 12 Aug 2020 22:28:08 GMT
content-length: 8324

GET
H2 200 tag.min.js Show response
get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/ 42 KB
14 KB 505ms
427ms Script
text/javascript 13.226.155.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9SLGS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f37beed085d2cfdd1386a8942434d8011aa20f2e7afa20d7edfd0d49998da1e7

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Thu, 09 Jul 2020 16:33:02 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
date: Wed, 12 Aug 2020 22:28:10 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: lTAaVR6uDmNRVVy_4NDRLM8r8axSc2YBdqMHcDuByMfdNWt-NBVc4g==
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=768909803&t=timing&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&dp=%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Reuters.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2268&pdt=38&dns=1&rrt=0&srt=307&tcp=82&dit=992&clt=992&_gst=578&_gbt=591&_cst=438&_cbt=563&_u=aGDAgEAjQ~&jid=&gjid=&cid=356913192.1597271287&tid=UA-24152976-22&_gid=1307366483.1597271287&cd8=0&cd9=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd3=%20-%20&z=716503252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 08:17:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 483022
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
141 B 189ms
189ms XHR
application/json 52.36.169.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.169.40 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-169-40.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Wed, 12 Aug 2020 22:28:08 GMT
access-control-allow-origin: https://www.reuters.com
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 362ms
121ms Image
image/gif 52.201.74.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=reuters.com&p=reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&u=FIhfsDSd4_RS8hyP&d=reuters.com&g=52639&g0=No%20Section&g1=Reuters%20Editorial&n=1&f=00001&c=0&x=0&m=0&y=1583&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2268&t=XzOOIDdxiMxBrz6ZKbarxHBtVkeA&V=120&i=Page%20Not%20Found%20%7C%20Reuters.com&tz=-120&sn=1&sv=CzOk0h2DaJADD9H7bb8GxBoqZcu&sd=1&im=06672ff0&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.74.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-74-173.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 23 KB
24 KB 51ms
50ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=391166652*51%7C300x250~300x600%7C973973%7C11084976~11084976%7C0.07%7C%7C1%40391166652*80%7C300x250~300x600%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.06%7C%7C1%40391166652*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652%7C%7C%7C3%40391166652*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C391166652_8CUF1VN4G%7C%7C%7C3%40391166652*145%7C300x600~300x250%7C100600%7C147215~147215%7C%7C%7C1%40391166652*172%7C300x250~300x600%7C8CUF1VN4G%7C15331955~15331955%7C0.06%7C%7C1%40391166652*175%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C0.01%7C%7C1%40391166652*178%7C300x600~300x250%7C8CUF1VN4G%7C391166652_8CUF1VN4G~391166652_8CUF1VN4G%7C%7C%7C1%40451439109*51%7C300x250%7C973973%7C11084979%7C0.07%7C%7C1%40451439109*80%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.06%7C%7C1%40451439109*84%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109%7C%7C%7C3%40451439109*117%7C1x1_TB4M82W_1%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C3%40451439109*145%7C300x250%7C100600%7C147218%7C%7C%7C1%40451439109*172%7C300x250%7C8CUF1VN4G%7C15331958%7C0.06%7C%7C1%40451439109*175%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C0.01%7C%7C1%40451439109*178%7C300x250%7C8CUF1VN4G%7C451439109_8CUF1VN4G%7C%7C%7C1%40518121357*80%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.06%7C%7C1%40518121357*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357%7C%7C%7C3%40518121357*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C3%40518121357*145%7C728x90%7C100600%7C147217%7C%7C%7C1%40518121357*172%7C728x90%7C8CUF1VN4G%7C15331957%7C0.06%7C%7C1%40518121357*175%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C0.01%7C%7C1%40518121357*178%7C728x90%7C8CUF1VN4G%7C518121357_8CUF1VN4G%7C%7C%7C1%40612341223*51%7C728x90%7C973973%7C11084975%7C0.69%7C%7C1%40612341223*80%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C0.06%7C%7C1%40612341223*84%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223%7C%7C%7C3%40612341223*117%7C1x1_T645KQG_1%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C3%40612341223*145%7C728x90~970x250%7C100600%7C147214~147214%7C%7C%7C1%40612341223*172%7C728x90~970x250%7C8CUF1VN4G%7C15303527~15303527%7C0.06%7C%7C1%40612341223*175%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C0.01%7C%7C1%40612341223*178%7C728x90%7C8CUF1VN4G%7C612341223_8CUF1VN4G%7C%7C%7C1&crid=391166652%2C451439109%2C518121357%2C612341223&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=cache&prvReqId=268831667488693611597271288987&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.9495456436047891&ndec=1&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=300&section=us.reuters&prid=8PRVCXX19&switch=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cd4e55fd27b378bad156013ebe8547004b948f64f5a43367a59dce360c8e6a51

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2 200 rtbsspub
cdneu-xch.media.net/AdExchange/ 4 KB
4 KB 49ms
49ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneu-xch.media.net/AdExchange/rtbsspub?&gdpr=0&gdprconsent=0&usp_enf=1&usp_status=0&us_privacy=1YN-&cid=8CUF1VN4G&region=eu&ptrid=8PRL4E7N3&requestString=391166652*59%7C300x250~300x600%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40451439109*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1%40612341223*59%7C728x90~970x250%7C8CUF1VN4G%7C_112891~_112891%7C0.07%7C%7C1%40894667540*59%7C300x250%7C8CUF1VN4G%7C_112891%7C0.07%7C%7C1&crid=391166652%2C451439109%2C612341223%2C894667540&sd=1&requrl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&bl=1&rt=5&dn=https://www.reuters.com&https=1&act=cache&prvReqId=202358514089018121597271288988&erTr=0&hlt=1&ugd=4&adt=desktop&tr=0.10963237944719761&ndec=1&rtusuid=%7B%2259%22%3A%221bff2c0c-4cc9-4a95-84ef-2c4c58523b6b~~15%22%7D&scrsize=1600x1200&taginfo=%7B%7D&pageinfo=%7B%22vw%22%3A1600%2C%22vh%22%3A1200%2C%22ph%22%3A1583%7D&itype=HB&cc=CH&rc=ZH&ct=ZURICH&sid=8973&scc=1&tmt=300&section=us.reuters&prid=8PRVCXX19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 535a94654f9fa36882129e4b4eecff92bef805fb86fc169b194416ad4d161cb3

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
status: 200
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2 200 /
s3.reutersmedia.net/resources/r/ 68 B
460 B 73ms
72ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources/r/?m=02&d=20150325&t=2&i=8255533457&w=760&fh=&fw=&ll=&pl=&sq=&rtn=LYNNXMPEGXDB44&x30y10&r=LIYXPPGG10FT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
server: ADFCDN/5.2.3
x-amz-cf-pop: DUS51-C1
x-powered-by: AdDefend GmbH
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
content-length: 68
x-amz-cf-id: H-Nw2NwcMIBFNkyp7Mw1XI69md9YUgxperVHlI3S_6gqqCI9dbJyWQ==
expires: 0

GET
H2 200 /
s3.reutersmedia.net/resources/r/adinclude/ 68 B
461 B 79ms
79ms Image
image/png 13.226.155.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.reutersmedia.net/resources/r/adinclude/?m=02&d=20180717&t=2&i=3555489856&w=093&fh=&fw=&ll=&pl=&sq=2&r=IHHDDB44.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-12.dus51.r.cloudfront.net
Software: ADFCDN/5.2.3 / AdDefend GmbH
Resource Hash: adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
via: 1.1 77d8cf253666facea1bbe67902fcbbc1.cloudfront.net (CloudFront)
server: ADFCDN/5.2.3
x-amz-cf-pop: DUS51-C1
x-powered-by: AdDefend GmbH
x-cache: Miss from cloudfront
content-type: image/png
status: 200
cache-control: max-age=0, max-stale=0, must-revalidate, no-cache, no-store, no-transform, post-check=0, pre-check=0, private
accept-ranges: bytes
content-length: 68
x-amz-cf-id: muMqMUfMsJXvimOZJHynzOm70uOzBeSZKQW48vZI2Sohbxl6ZWOXBw==
expires: 0

POST
H/1.1 200
OK event Show response
reuters.demdex.net/ 3 KB
4 KB 55ms
54ms XHR
application/json 52.30.191.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://reuters.demdex.net/event?d_dil_ver=9.3&_ts=1597271289174

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-191-169.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4949ce80e12658e655e8de0ddf8f064bd5f793a31fc981ec8e380307bbdcb34a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v078-0e7eaf522.edge-irl1.demdex.com 5.76.0.20200805085924 5ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: NOmRAiKBQzA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.reuters.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 2934
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 18 KB
6 KB 38ms
9ms Script
application/javascript 2600:9000:2182:9200:5:9a4c:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/4ed1416f-67eb-4d50-8a45-916a5921fee8/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:9200:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d640ed39630d91dec61dcb107b977293ec29fecbb5e74467e017d872bf76b0db

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iJO00mi5pglap2bW60H1GBGtloYAnC3A
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:07:03 GMT
server: AmazonS3
age: 140861
date: Tue, 11 Aug 2020 07:20:29 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=172800
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: a4JFOuKhCOR-BG9jg5lnp5fRzfn4VQcQN_GS9LYWnqjde55abonjpw==
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 148 KB
20 KB 450ms
450ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1152358406314236&correlator=1255767140267309&output=ldjh&impl=fifs&adsid=NT&eid=21065976%2C21066806&vrg=2020080501&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200812&iu_parts=4735792%2Cus.reuters&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x66%7C970x180%7C940x230%7C1x1%2C300x250%7C1x1%7C300x600%7C300x1050%7C160x600%2C300x250%7C1x1%7C300x600%2C186x24%7C186x34%2C300x30&prev_scp=type%3Dleaderboard%26bidxc%3D1%26template%3Dother%26id%3D19293e41-dceb-11ea-b70b-025e58922a4e%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26pub%3D40%2C50%26mnetDNB%3D1%26mnetPageID%3D4%26mnetCV%3D3%26mnetCC%3DCH%26mnetUGD%3D4%7Ctype%3Dmpu%26template%3Dother%26id%3D19293e42-dceb-11ea-b70b-025e58922a4e%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%26pub%3D40%2C50%2C60%26mnetDNB%3D1%26mnetPageID%3D1%26mnetCV%3D3%26mnetCC%3DCH%26mnetUGD%3D4%7Ctype%3Dmpulow%26template%3Dother%26id%3D19293e43-dceb-11ea-b70b-025e58922a4e%26mnetDNB%3D1%26mnetPageID%3D2%26mnetCV%3D3%26mnetCC%3DCH%26mnetUGD%3D4%7Ctype%3Dmarketslogo%26template%3Dother%26id%3D192917e7-dceb-11ea-93cd-0a320acf4edc%26vw%3D40%26grm%3D40%26mnetDNB%3D1%26mnetPageID%3D6%26mnetCV%3D3%26mnetCC%3DCH%26mnetUGD%3D4%7Ctype%3Dmarketslogo-bottom%26template%3Dother%26id%3D1929177c-dceb-11ea-be7c-068792706006%26vw%3D40%26grm%3D40&cust_params=bidxc%3D1%26admant%3Dother%26permutive%3D47119%252Crts%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow&cookie_enabled=1&bc=31&abxe=1&lmt=1597271289&dt=1597271289260&dlt=1597271286801&idt=1614&frm=20&biw=1600&bih=1200&oid=3&adxs=250%2C1050%2C1050%2C1150%2C1050&adys=114%2C204%2C1099%2C489%2C773&adks=2357562929%2C1188909309%2C2705124764%2C494809761%2C45201281&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-cyber-cwt-ransom%2Fpayment-sent-travel-%3D&dssz=96&icsg=4222124650857216&mso=512&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1100x90%7C300x1165%7C300x1165%7C300x28%7C300x329&msz=1100x90%7C300x250%7C300x250%7C186x24%7C300x30&ga_vid=356913192.1597271287&ga_sid=1597271289&ga_hid=768909803&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ee9d766ed0d7d19981c84af847c7cba7bf5739c877565cfb775d1de74af025ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20374
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 77ms
38ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
6ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 5A1B 206 KB
56 KB 46ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30992
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 5A1B 16 KB
6 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da3eb6a12045948e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 5A1B 96 KB
30 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30996
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:33 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 5A1B 4 KB
2 KB 51ms
18ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1782
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9975c81b3db44358"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 5A1B 48 KB
15 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 50168
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:32:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "536b0698dfd565aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:32:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5A1B 7 KB
821 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:17:22 GMT
server: ESF
date: Wed, 12 Aug 2020 22:28:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/10785477622539794569/ Frame 5A1B 27 KB
27 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10785477622539794569/6592766407814317453

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc0dcb262cad50748aef554b4097973914215ae3284c3d0b76f8972fae580c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 07:48:45 GMT
x-content-type-options: nosniff
age: 52764
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27237
x-xss-protection: 0
last-modified: Mon, 22 Jun 2020 08:26:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 07:48:45 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1491132492369183552/ Frame 5A1B 2 KB
2 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1491132492369183552/downsize_200k_v1?w=100&h=100

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281f3e39e3368b3c1684715725c3ddae2e858093de7b32031dd2efd57975cfb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 08 Aug 2020 07:55:18 GMT
x-content-type-options: nosniff
age: 397971
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2390
x-xss-protection: 0
last-modified: Wed, 03 Jun 2020 08:22:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Aug 2021 07:55:18 GMT

GET
DATA 200
OK truncated
/ Frame 5A1B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5A1B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3943eaa6fb7ce827f463daacdd3540f41177254f0fc1aed180e20d2f55c524d

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A1B 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40751
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A1B 295 B
518 B 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3671
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A1B 0
0 61ms
61ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxMSu-Ww0X_msFI633wPHz44gnZCIyF6tmrPKzwu_4R4QASDanrUVYPWVzoHgBKABwb-X2QPIAQmpAjqIwABOarI-4AIAqAMByAMKqgSRAk_QRz-jKT9AwphMoSsbLs9sI0LUrPIK_IFJWsAbovKgMvoGAUq2n5OQ5KHoOt2Y4P5z6M3NWupzdVOO8Qq--K-Az32kJaGpbz10sZo6MsStcPXFUvclFcgTzVih3qD0FzY9gVdiN1SIYBGYX5SOGy2XpGDZH2-hpziShSepADcKvHkE7SPwP_0gnovUA4FTBXHMlcb2IqZoh-sLIRrp5WLIN1-Nnzeo1N5iyjrxV-5_g3si_jhmnQok96BdSIgxd_hFfwt2H5FN1yDIwy_ukF9gAhaDgKbeZGtW7wOnvc-dmAYyN3q5rps4Tkc0tqvGia8-VBDRQnRgmLNL_SMjA4CYbnIIsUkp_yE2ZgCH3BISOsAEpNzssoYD4AQBoAYugAenwOgmqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEENaHUtIICQiA4YBAEAEYHYAKA8gLAdgTA4gUAQ&sigh=QVd7cC7zG5E&template_id=484&tpd=AGWhJmucZfrpduOTC_a2q_4f93NgnYj8iAn_5EUdj3JxisuG3w
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5A1B 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 01:57:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 160254
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 11 Aug 2021 01:57:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 5A1B 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://www.reuters.com

Response headers

date: Mon, 10 Aug 2020 15:00:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 199642
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:00:47 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 164F 206 KB
56 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30992
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 164F 16 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da3eb6a12045948e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 164F 96 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30996
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:33 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 164F 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1782
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9975c81b3db44358"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 164F 48 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 50168
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:32:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "536b0698dfd565aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:32:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 164F 5 KB
738 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 20:51:55 GMT
server: ESF
date: Wed, 12 Aug 2020 22:28:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 164F 5 KB
739 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Aug 2020 21:55:12 GMT
server: ESF
date: Wed, 12 Aug 2020 22:28:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 164F 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40751
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 164F 295 B
352 B 6ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3671
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 164F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45e8b2c777b9f8029840e068adc3249d1a92b20371346a1841c495711d92daf6

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007302351000/ Frame 23F5 206 KB
56 KB 15ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30992
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57393
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6c9ea7f49fde3b6d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 23F5 16 KB
6 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5908
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "da3eb6a12045948e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 23F5 96 KB
29 KB 21ms
12ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30996
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29738
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 13:51:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c56a9dc6dcfd844b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 13:51:33 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 23F5 4 KB
2 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 49952
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1782
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:35:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9975c81b3db44358"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:35:37 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007302351000/v0/ Frame 23F5 48 KB
15 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007302351000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 50168
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14954
x-xss-protection: 0
server: sffe
date: Wed, 12 Aug 2020 08:32:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "536b0698dfd565aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Aug 2021 08:32:01 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23F5 2 KB
2 KB 13ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40751
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23F5 295 B
352 B 15ms
6ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3671
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 23F5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a163cd7ae9335f01c95eb67a642a1381b6839c2650c69c64a8902ca7022b974

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11873906894576590120/ Frame 164F 1 KB
1 KB 14ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11873906894576590120/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmhc41ra8U0MXPF-neS8v7FEmRrqA

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361e5fccdb8d2fe4fcd3c7c112bb8298c7085e09e3e2420c24cdbc010bf6eec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 06:57:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 09:37:54 GMT
server: sffe
age: 55864
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Thu, 12 Aug 2021 06:57:05 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9578993085293070952/ Frame 164F 25 KB
25 KB 16ms
8ms Image
image/jpeg 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9578993085293070952/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkduxlo-eK-usfxSJHNdNR9bOv66g

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b26706afa1366f9b9a362f60c9b06d1ab3a6f65031420fdce8d904e5a42af9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 05:07:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 12:23:25 GMT
server: sffe
age: 1790460
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25646
x-xss-protection: 0
expires: Fri, 23 Jul 2021 05:07:09 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 164F 0
0 72ms
64ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChxmE-Ww0X_qsFI633wPHz44guu2xtV6TpZHhhAy_4R4QASDanrUVYPWVzoHgBKABzdPVpAPIAQapAjqIwABOarI-4AIAqAMByAMKqgSXAk_QJEZanLyTTBLVThztUsKcD3ef4V2cmxZUjW1BMjuvb0tfq-FFZXKe_msHn54DmnDqH-A2HCDqyUrlhcPJanAZXpPsS7en-Yiw-uiNfEfrUgH5RCDhQLQ0hXuMvuT4kawrMC1YHO4u3gpEho9Lj-QunFUeLIhsLRdYUkOQJdrrSsrRSt6Y4w6f2PksQcY84K6Ee0J0Tpz6g67GtfeN9e2uz_XGXkI-2v4vEXyZbYAirNs3oMPJUvjjQeew_Vu77EpkiP0i2GRZprAFTqUQTA3Kzguks3oLSIK5BJ-tjRPlnY-1AU1fq9pStuhHpIoW6IattKKji4ugK63YzJDw3u5cLN0ziLUqziGQS32XpyjNSxKOcs39gsAEzriN4ooD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB-TrqluoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQ99oZ0ggJCIDhgEAQARgdgAoDyAsB2BMLiBQD&sigh=F6VoQvYwh6M&template_id=492&tpd=AGWhJmsni0HNX1OOTgAz4jXDriW2jsLToH3Okzg40xUs5fUQMA
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 164F 0
0 22ms
13ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR5_hxm_2VC-1gptW7XdzfURrCZx5DU1JikNNZbDBxZbUXrx_QoTE9OitHTVxHppN97-ymN
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 3280871688421890375
tpc.googlesyndication.com/simgad/ Frame 23F5 16 KB
16 KB 16ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3280871688421890375?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkD0XARolEX_DSMSs_HDFGlx7tZtg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c505b30e6a98a09df7fc6b020570d4735cbe96224de50e116fe8981489cb9844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 07:00:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Sep 2018 18:18:43 GMT
server: sffe
age: 228470
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16643
x-xss-protection: 0
expires: Tue, 10 Aug 2021 07:00:19 GMT

GET
H2

200

B23778878.267244363;dc_pre=CPPI4J7blusCFe2Gdwodp4AEZg;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/ Frame 23F5
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_pre=CPPI4J7blusCFe2Gdwodp4AEZg;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag...

42 B
117 B

50ms
49ms

Image
image/gif

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_pre=CPPI4J7blusCFe2Gdwodp4AEZg;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f230.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N790339.3167285ADWORDSGDN/B23778878.267244363;dc_pre=CPPI4J7blusCFe2Gdwodp4AEZg;dc_trk_aid=462038524;dc_trk_cid=105894660;ord=3236015173;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 23F5 0
0 72ms
64ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVUet-Ww0X_usFI633wPHz44gn7HM2F6AqIGHpAuf3cfUkw4QASDanrUVYPWVzoHgBKAB7_WO2wPIAQLgAgCoAwHIAwiqBJcCT9BOCwZq40TbRqfntkI_v5GmpQJKfSSSbyq56FpOPV6l4KuyvIiwlNceDAtLIy2BbgPDrrPdkq__gWP8aLbFVi5IlydG_nNLjLs3QyiAW6vi4geocSfM2oG3cUYgLPbcUjtiZSoy5EzjpPkzUfFVhVVAeTiT5QdubbzP_CaaJFc2b4IZUuDO9K6dnBuH-uKVsFXYRhuVUzfH4e-iqvk55xCJS_ODp1A1GL4iCR46X4wWO0SQNtKjuO_u0jsaU9lZbHKu33jA1jy7YVcymnatYLWsuqhQbAA7lVhUy2zRMEdEwEGHzhGjiLVRrK-ze-9rJ0lbVE4o-nnecaL_iujMHX-B6jw3FVXkTzuLe0yMlpYZy_sQ7I8ywATGmuWvlwLgBAGSBQQIBBgBkgUECAUYBKAGAoAHnrabKagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCw5AzSCAkIgOGAQBABGB2ACgPICwHYEww&sigh=o9uBCAaUjB0&tpd=AGWhJmu1ruPic1KUnykPMsq2U0xv558MNnafFH_thfuU8r6KEw
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
22ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d8d699ed83871fb3ff806c55c79c6c49489571627ad62119ef332046ca68dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 22:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 164F 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Origin: https://www.reuters.com

Response headers

date: Tue, 11 Aug 2020 09:53:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 131707
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 11 Aug 2021 09:53:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 164F 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Origin: https://www.reuters.com

Response headers

date: Mon, 10 Aug 2020 15:05:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 199334
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 10 Aug 2021 15:05:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:28:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 12 Aug 2020 22:28:09 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 164F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 12 Aug 2020 22:28:10 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 23F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 12 Aug 2020 22:28:10 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A1B 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40752
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5A1B 295 B
356 B 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3672
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11873906894576590120/ Frame 164F 1 KB
1 KB 6ms
5ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

361e5fccdb8d2fe4fcd3c7c112bb8298c7085e09e3e2420c24cdbc010bf6eec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 06:57:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 09:37:54 GMT
server: sffe
age: 55865
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Thu, 12 Aug 2021 06:57:05 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9578993085293070952/ Frame 164F 25 KB
25 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b26706afa1366f9b9a362f60c9b06d1ab3a6f65031420fdce8d904e5a42af9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 05:07:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2020 12:23:25 GMT
server: sffe
age: 1790461
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25646
x-xss-protection: 0
expires: Fri, 23 Jul 2021 05:07:09 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 164F 2 KB
2 KB 8ms
8ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40752
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 164F 295 B
352 B 7ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3672
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23F5 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40752
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 13 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 23F5 295 B
352 B 7ms
7ms Image
image/png 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 12 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 3672
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 13 Aug 2020 21:26:58 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame C905 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 12 Aug 2020 21:20:01 GMT
expires: Thu, 12 Aug 2021 21:20:01 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4089
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080501&jk=1152358406314236&bg=!g4ClgJhYVLrEPYiG4xYCAAAAUlIAAAALmQGmQXTp8ZYy9KRg7Nr5TR0IYXSNhRvv2rSD2WFcAGcR84D9NHEucjem6bT5gkFLgVBS_RcMDCDj20ArvhsiMGc8QSdKZoBUUpPtPCSvbI0LpJuLwynd-GcTfq48g2TlVUxIAXTeAJNRF3Wr2ObttHs77XtXIbifOI9xcNnXLnDRj2r94PoROa7ZR8qB70_36QjZXhoSlBB3RpPJn8Z223wd5-L0w6ceIWMQuBnh4d33uaeDCjozmY9RmINKQr9Wkn00RyH-9Vq-A-O6V1ObPLhcatS7wsX5yOWdWmQ1pz6ZzXA_HxOyer5xTb_deIkSfybpbUlgKtS0tsewm5HtyPX-dkRGW1AgOHfdo3T265JsDli0WFUcnQE8etVvVmtvSXTz3_kk2eK-bk1HXqINih7QRM4RitdPJkkE00fWis8VT23jhY_68X1lJzxxzkHyzbZLH-F56IbEebcax7IRmPyR5lC95MAKaNUXUdedUCLganF1Fb_pug6pF-rZGPfQOXBXl3-6vkVIQtSqtBjlYPLlGGgpMp8jcnXeL4cRP8WkP16BYar64d8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5A1B 0
0 63ms
63ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSvOf-Ww0X_msFI633wPHz44gnZCIyF6tmrPKzwu_4R4QASDanrUVYPWVzoHgBKABwb-X2QPIAQmpAjqIwABOarI-4AIAqAMBqgSRAk_QRz-jKT9AwphMoSsbLs9sI0LUrPIK_IFJWsAbovKgMvoGAUq2n5OQ5KHoOt2Y4P5z6M3NWupzdVOO8Qq--K-Az32kJaGpbz10sZo6MsStcPXFUvclFcgTzVih3qD0FzY9gVdiN1SIYBGYX5SOGy2XpGDZH2-hpziShSepADcKvHkE7SPwP_0gnovUA4FTBXHMlcb2IqZoh-sLIRrp5WLIN1-Nnzeo1N5iyjrxV-5_g3si_jhmnQok96BdSIgxd_hFfwt2H5FN1yDIwy_ukF9gAhaDgKbeZGtW7wOnvc-dmAYyN3q5rps4Tkc0tqvGia8-VBDRQnRgmLNL_SMjA4CYbnIIsUkp_yE2ZgCH3BISOsAEpNzssoYD4AQBoAYugAenwOgmqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEENaHUtIICQiA4YBAEAEYHYAKA8gLAdgTA4gUAQ&sigh=vU5heoejQOw&vt=1&template_id=484
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5A1B 42 B
112 B 15ms
15ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvteNAbElFfNzVJsKZeUggdz64e2otY-k5-DOoUH3NT_Jwi691cTnVZ3NX_3V9GkBcAK4W0ZuvB-fjSVsMXhoaKpVWysRwLYW1NzIdZ7dP7ywMIXVLpvit0n0UaYw&sai=AMfl-YRKCypUmEw0ERRbL1w7Y0iJqCvP0iY8YGrq4zV4Jscn6vgwt6cS4vLAJjdxoWtJyYvuam7sVoCHrrXmRGd3mK0SDD7F5O593i7yL9uXl79vGGMKVQi-7c_7BlQjbZo&sig=Cg0ArKJSzA5CHiPe-qIjEAE&cid=CAASPeRo7_kDF3Ed5qz42ZMoej2NXaJnsekdwiHAENm4bFrIvIwlvYYDUqmKFf4OyU9jQUTwZGb4hbiDpU518Ts&id=ampim&o=436,114&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=193&tls=1193&g=100&h=100&tt=1193&r=v&avms=ampa&adk=2357562929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 164F 42 B
107 B 15ms
14ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujDaDIQRqdqksyIlR5bbvFCN6fynt7seLv4xrA8rYFozsImD2RR1VVQoSIvADaeCpl6EcfdYteON2p_8zl5FRQYi6CI1aC5YfImQta--pV8qWpT6T9ZnCnhGjucA&sai=AMfl-YST_SbN_UCBs9LIBTuQInssTbWWMH5hHlR82t9pXMsa_ezhvW-8UquXeoUBdS1RkQUj7rwIpKvZ0gRIYXwV4kyZfVJYjAV1UsvMArblZqVWrNckAiocUGL_jmazSTc&sig=Cg0ArKJSzCQe8SJ1Hz8jEAE&cid=CAASPeRoUJRdFZHp5s9s2qnEBTT-ScAXrbxJML9n1bFCbTrWfZrqlDD5pou8vQiHD7r38-IolTG1QSV0uvRJuSU&id=ampim&o=1050,228&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=161&tls=1164&g=100&h=100&tt=1164&r=v&avms=ampa&adk=1188909309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Aug 2020 22:28:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
209 B 38ms
37ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 442b3fd3c3972a1fbbd0f07cda8f60819468a996938210f49d7a37f02e7fc69f

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 12 Aug 2020 22:28:11 GMT
content-encoding: gzip
server: Permutive
status: 200
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: clear
content-length: 141
via: 1.1 google

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 24 B
436 B 144ms
38ms XHR
application/json 13.226.155.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-49.dus51.r.cloudfront.net
Software: /
Resource Hash: 245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 21:47:42 GMT
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront), 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
age: 2437
x-amzn-requestid: 8bd08d99-294e-434e-bad4-6dcfd765fcf1
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1, DUS51-C1
x-amz-apigw-id: RLR7yEYciYcFnpA=
content-length: 24
x-amz-cf-id: KryrDS1-Awrg2SyXIjppNzK---zQBKNkl0fud3rjJgDNuoZYNIf3CQ==

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
827 B 107ms
36ms XHR
application/json 13.226.155.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-105.dus51.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:03:53 GMT
content-encoding: gzip
server: restify
age: 1466
status: 200
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: dDCn1_GPQEHKu7GW4bpwcLIPBeLfpUBiYQGtPsO1f7YiuVRjKL5Efg==
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
826 B 107ms
36ms XHR
application/json 13.226.155.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.155.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-105.dus51.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 12 Aug 2020 22:03:53 GMT
content-encoding: gzip
server: restify
age: 1466
status: 200
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: DN5XuqK5eKYcl_o_16a92UKawPACML30NObdksqgq1aA3fbraKmlbQ==
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
478 B

32ms
32ms

XHR
application/json

72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 571495ca5401cb64af14c7b7ccf506b54f714f53e072f340c6def221b44bf99b

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 12 Aug 2020 22:28:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.reuters.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Wed, 12 Aug 2020 22:28:19 GMT
Server: nginx
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: https://www.reuters.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

POST
H2 200 metrics
metrics-collector.s-onetag.com/ 0
0 113ms
41ms Other
application/json 76.223.7.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics-collector.s-onetag.com/metrics
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.7.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab51a9e8185f181d0.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time

Verdicts & Comments Add Verdict or Comment

228 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.reuters.com/	1970-01-19 20:25:20	Name: McxPageVisit Value: 1
.reuters.com/	1970-01-20 05:12:23	Name: AMCV_4579BF7A580A3C6A0A495DAF%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18487%7CMCMID%7C24823351334997802592567620357956346465%7CMCAAMLH-1597876087%7C6%7CMCAAMB-1597876087%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1597278487s%7CNONE%7CvVersion%7C4.4.0
.demdex.net/	1970-01-19 16:00:23	Name: demdex Value: 25124237777719314172525656992406702555
www.reuters.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1597271287944
.reuters.com/	1970-01-20 13:57:59	Name: permutive-id Value: 9266e208-4c56-4b85-9add-ef6d57b3c522
.reuters.com/	1970-01-20 13:57:59	Name: permutive-session Value: %7B%22session_id%22%3A%22b9985b2b-d28d-48dd-a7c8-3bac23894d23%22%2C%22last_updated%22%3A%222020-08-12T22%3A28%3A07.845Z%22%7D
.reuters.com/	1970-01-20 05:12:23	Name: xbc Value: %7Bjzx%7DaDgHBcHto3SYFqkc2Wn5DAKZUnPR0slugavoMmFiGkDNq308yMxi-925TxHVYBHKQcmpUc6u5Js4Rxes92m4vDkd-8Aoj3bt9xJ6HnTtWlq3ukhZaEQ3wgo34yCsLGmdO6N1WgooRoOz6fL-h1EiMw
.reuters.com/	1970-01-19 11:42:37	Name: __pvi Value: %7B%22id%22%3A%22v-2020-08-13-00-28-07-531-y9yKXEuKsmEf3art-e127725f9e943be13527c7379ca1782c%22%2C%22domain%22%3A%22.reuters.com%22%2C%22time%22%3A1597271287677%7D
.reuters.com/	1970-01-19 11:42:37	Name: _gid Value: GA1.2.1307366483.1597271287
.reuters.com/	1970-01-19 12:24:23	Name: __pat Value: -14400000
www.reuters.com/	1970-01-19 20:26:47	Name: usprivacy Value: 1---
.reuters.com/	1970-01-20 05:12:23	Name: __tbc Value: %7Bjzx%7Dyo9xUxAKwg32SeQvuAZGbe4z1qkCYawwx3jbxD-LSlxzhKyxhYBCdU-zWpMYHxf-UpcESXdKCMtKXkPZl_M1pCPbRjMBEXWVuVUb5tikXdky9CodKCaAq9vhO5Y6Ula3HzyVzbU0qDL8Htc3rl51Vg
.demdex.net/	1970-01-19 16:00:23	Name: dextp Value: 21-1-1597271288255\|60-1-1597271288358\|481-1-1597271288460\|601-1-1597271288562\|771-1-1597271288664
.reuters.com/	1970-01-19 11:41:11	Name: _gat Value: 1
.reuters.com/	1970-01-19 20:26:47	Name: ajs_anonymous_id Value: %2268fa9f58-e93f-4c67-9b45-24653f5be833%22
.reuters.com/	1970-01-19 13:50:47	Name: _fbp Value: fb.1.1597271287219.1005508555
www.reuters.com/	1970-01-19 21:09:59	Name: _cb_ls Value: 1
.reuters.com/	1969-12-31 23:59:59	Name: AMCVS_4579BF7A580A3C6A0A495DAF%40AdobeOrg Value: 1
.reuters.com/	1970-01-20 05:12:23	Name: _ga Value: GA1.2.356913192.1597271287

57 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s2.reutersmedia.net/resources_v2/js/core-tracking.js(Line 395) Message: GET SCROLL ########
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 349) Message: admantx_callback :OK
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 349) Message: admantx_callback TR3.data.admantx:other
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: Init Bootstrap with config [object Object]
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: ###### ias setup complete
console-api	log	(Line 1) Message: Blocking Ads: No
console-api	log	(Line 1) Message: comscore new global fired
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 349) Message: GWIQ: undefined
console-api	log	URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1) Message: Evidon -- evidon-notice-link not found on page, cant display the consent link.
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: [object Object]
console-api	log	(Line 1) Message: setImmediate$0.9884568130013198$10
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: Setup media.net without consent requirement
console-api	log	(Line 1) Message: ---destpub-to-parent---canSetThirdPartyCookies\|true
console-api	log	URL: https://siteintercept.allegiancetech.com/dist/tr1si001/MCX_Thomson_Reuters_Modal_Invite.js(Line 47) Message: Old Intercept
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: GPT SET ADMANTX: other
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 8) Message: GPT ENABLE SERVICES
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 865) Message: Display Ad via GPT: Site:us.reuters Target: type=leaderboard;adstest=;smbl=;template=other Div Slot: div_gpt_lb Sync FL new_framework
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 892) Message: Display Ad via GPT: Site:us.reuters Target: type=mpu;adstest=;smbl=;template=other Div Slot: div_gpt_mpu Sync FL new_framework
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 901) Message: Display Ad via GPT: Site:us.reuters Target: type=mpulow;adstest=;smbl=;template=other Div Slot: div_gpt_mpulow Sync FL new_framework
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 967) Message: ###### request ads with ias
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 619) Message: ####iasPET slots from group call [object Object],[object Object],[object Object]
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 767) Message: ###### request native ad with ias marketslogo
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 655) Message: ####iasPET slot from single call [object Object]
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 773) Message: Display Ad via GPT: Site:us.reuters Target: type=marketslogo;adstest=;smbl=;template=other Div Slot:marketslogo new_framework
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 767) Message: ###### request native ad with ias marketslogo-bottom
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 655) Message: ####iasPET slot from single call [object Object]
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 773) Message: Display Ad via GPT: Site:us.reuters Target: type=marketslogo-bottom;adstest=;smbl=;template=other Div Slot:marketslogo-bottom new_framework
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 661) Message: #### display single ad with ias marketslogo-bottom
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 625) Message: #### display group of ads with ias
console-api	log	URL: https://www.reuters.com/reuters_gpt_bootstrap.js(Line 661) Message: #### display single ad with ias marketslogo
console-api	log	(Line 2) Message: segment identify user with traits: [object Object]
console-api	log	(Line 1) Message: 3PCookieSupported
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
console-api	info	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 422) Message: Powered by AMP ⚡ HTML – Version 2007302351000 https://www.reuters.com/article/us-cyber-cwt-ransom/payment-sent-travel-=
console-api	log	(Line 1) Message: [object Object]
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: amp-ini-load
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: visibility-changed-0
console-api	log	(Line 1) Message: amp-ini-load
console-api	log	(Line 1) Message: amp-ini-load
console-api	log	(Line 1) Message: visibility-changed-1
console-api	log	(Line 1) Message: visibility-changed-1
console-api	log	(Line 1) Message: {"c":"sfchannel1","p":"{\"uid\":\"1\",\"width\":728,\"height\":90}","s":"creative_geometry_update"}
console-api	log	(Line 1) Message: visibility-changed-1
console-api	log	(Line 1) Message: visibility-changed-1
console-api	log	(Line 1) Message: {"c":"sfchannel2","p":"{\"uid\":\"2\",\"width\":300,\"height\":0}","s":"creative_geometry_update"}
console-api	log	(Line 1) Message: visibility-changed-0.3880000114440918
console-api	log	(Line 1) Message: {"c":"sfchannel3","p":"{\"uid\":\"3\",\"width\":300,\"height\":254}","s":"creative_geometry_update"}
console-api	log	(Line 1) Message: impression-viewable
console-api	log	(Line 1) Message: impression-viewable
console-api	log	(Line 1) Message: impression-viewable
console-api	warning	URL: https://cdn.ampproject.org/rtv/012007302351000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CSvOf-Ww0X_msFI633wPHz44gnZCIyF6tmrPKzwu_4R4QASDanrUVYPWVzoHgBKABwb-X2QPIAQmpAjqIwABOarI-4AIAqAMBqgSRAk_QRz-jKT9AwphMoSsbLs9sI0LUrPIK_IFJWsAbovKgMvoGAUq2n5OQ5KHoOt2Y4P5z6M3NWupzdVOO8Qq--K-Az32kJaGpbz10sZo6MsStcPXFUvclFcgTzVih3qD0FzY9gVdiN1SIYBGYX5SOGy2XpGDZH2-hpziShSepADcKvHkE7SPwP_0gnovUA4FTBXHMlcb2IqZoh-sLIRrp5WLIN1-Nnzeo1N5iyjrxV-5_g3si_jhmnQok96BdSIgxd_hFfwt2H5FN1yDIwy_ukF9gAhaDgKbeZGtW7wOnvc-dmAYyN3q5rps4Tkc0tqvGia8-VBDRQnRgmLNL_SMjA4CYbnIIsUkp_yE2ZgCH3BISOsAEpNzssoYD4AQBoAYugAenwOgmqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEENaHUtIICQiA4YBAEAEYHYAKA8gLAdgTA4gUAQ&sigh=vU5heoejQOw&vt=1&template_id=484

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

675aa50516f0a82a244221baac5478f8.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ap.lijit.com
api.markitondemand.com
api.permutive.com
api.segment.io
apiservice.reuters.com
async01.admantx.com
beacon.s-onetag.com
c.evidon.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.permutive.com
cdn.segment.com
cdn.tinypass.com
cdneu-xch.media.net
connect.facebook.net
content.markitcdn.com
contextual.media.net
cslogger.media.net
dpm.demdex.net
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
gum.criteo.com
gwiqcdn.globalwebindex.net
l.betrad.com
mab.chartbeat.com
metrics-collector.s-onetag.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
reuters.demdex.net
s.mnet-ad.net
s2.reutersmedia.net
s3.reutersmedia.net
s4.reutersmedia.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
siteintercept.allegiancetech.com
static.chartbeat.com
static.reutersmedia.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.reuters.com
104.111.238.139
104.111.252.228
104.19.150.54
13.226.145.149
13.226.155.105
13.226.155.117
13.226.155.12
13.226.155.30
13.226.155.37
13.226.155.40
13.226.155.46
13.226.155.49
13.226.155.99
172.217.21.230
18.202.86.190
2.18.235.93
209.234.234.15
216.58.208.34
23.34.184.248
23.62.140.165
2600:9000:2182:6e00:18:1fcd:34e:d2a1
2600:9000:2182:9200:5:9a4c:9b00:93a1
2606:4700:20::681a:374
2606:4700::6811:b8b1
2a00:1450:4001:800::2003
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:814::200e
2a00:1450:4001:818::2001
2a00:1450:4001:819::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:821::2008
2a00:1450:4001:824::2002
2a00:1450:4001:825::200a
2a00:1450:400c:c00::9a
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::714
34.107.254.252
34.193.24.72
35.201.93.216
52.201.74.173
52.30.191.169
52.36.169.40
54.246.208.255
54.247.116.142
66.81.204.228
67.221.239.62
72.251.249.14
76.223.7.58
0094fb88b35d7af1bb06790d931e0565f41a965828d0f5cc9479f41716d5f801
0117695b46b2a986ae9653c89ec1ca81c108ee388b41a1e875fb006cd87accef
013a2895b9256f25522ed80084bf130e2ab32dcf0c9244439479cd547cb801bf
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0301abe27c75fe3b60eff31ce1d31238c9b84d4f36c037bacf0a8656b6a6fb45
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05570487bb3f6249f82ffaaf817889dc909225f80ae76d6f0e6c864465b8304f
06590858cdf91520ede7dcd637bc32fcdac9c39d62fc063ad050754c43cfdae7
065f79acd4c7f09301fcdb6232f0e9392188da9af851778edb3941d48aad0821
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0b9e118360dd88369b7e0ab5fdd7ef936894bb28b66830acee714156d3d7c81a
0c4dad3997369ebae2c412a2e8048588238b638519aa475a6478615e58c6a24c
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0ed8058bda781a0f3868914dce9255e2ed745a31ff2296953cd7618088c1599c
0ffc6faf5e0661a7eb88f3804ab8e23388de4685474c32f661d2ed1d65bbff96
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e27791fc42d736f641254f4c2d1227f8c6570dd68eed9f6be6c33214b801b3
12f4ad3e01e30ac75bdcee41214249e9b56a051f30f409e680b09c6d39b78a0e
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
187ef47cfc091c4fc645d78e6e4c56951cdd6144e5b9a6adddfacc286f1b1aa6
18c44f4e64c66d0c037bfd7ed0c8fae6f4e25f395135d2a6e06aa233f01173f4
1a163cd7ae9335f01c95eb67a642a1381b6839c2650c69c64a8902ca7022b974
1aa705b81190551f8bd280dd5d39a29eb654a03ba45282343667bf69eb4b4456
1cbc284ea3e3c890ea3c373cb7fb7472568453c018baefb44ae8a652da1445a0
1d8d699ed83871fb3ff806c55c79c6c49489571627ad62119ef332046ca68dc0
22d5918d37b94e4552789480cf9784b05f558bd9e9e9eafae8dff9c383c5c2c2
22fcd7f43a6991fc5aba362660e9e663cffe967c89f282c59e88df9ad5e810ff
245c7bb98e9ec0aaf0712f56ab6738e58bcee55110c6a8d8802efe864d0bdbd0
281f3e39e3368b3c1684715725c3ddae2e858093de7b32031dd2efd57975cfb2
2a7a5100d1b04b40f49ec3661a2ce57d3af5acbd35497cd946e87912a6c9e021
2b21fd1e6c9e4098735e7fbc5d68fe033f4a26563370ccab1537c186999f762f
2b8d8ef7fec86e16424f0c6be7f0471a0c29256e074e1336d92876ddb4bc09ff
2e45d07aae47e0e9256734efca2cb2b1021d588dd191f114aa5b3ac2d97add54
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
361e5fccdb8d2fe4fcd3c7c112bb8298c7085e09e3e2420c24cdbc010bf6eec0
3af6ed714d5ce556688f218133f6576ceb926a0c789655791752a69b4eb022e5
3c0d27b79bfe51d6abbc99eb79bd7731804fa80823d85bce422ee364185c6126
3ec9dc278207d55c0c247f7c8b1ff9b4d391de1efb371e7086e06ddc991205ef
41d8a4b3ea02cd01fa69fef7e72e23a996d65aa85bf6864c0c8a3d18cb0c2466
425ec2192c95ebb90d70bdf1b730d1c999b4f55158ed15b459d66bc30cac23b8
442b3fd3c3972a1fbbd0f07cda8f60819468a996938210f49d7a37f02e7fc69f
45e8b2c777b9f8029840e068adc3249d1a92b20371346a1841c495711d92daf6
47b498fc79a4b9d57c126b8ae0769ad842913bf897910c2fdd74801c82f2dc6f
4949ce80e12658e655e8de0ddf8f064bd5f793a31fc981ec8e380307bbdcb34a
4b26706afa1366f9b9a362f60c9b06d1ab3a6f65031420fdce8d904e5a42af9b
4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d
5275e53dca9e7f8cb2741c3e11050df06b6d9167b088dbd8e0ce59052aa97556
535a94654f9fa36882129e4b4eecff92bef805fb86fc169b194416ad4d161cb3
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
55c0ff88bb5908297892337163cf14f573d8ea07b24b2fa01f4ffcb19b18b6cb
571495ca5401cb64af14c7b7ccf506b54f714f53e072f340c6def221b44bf99b
5780e3e9ddef741fb88c5384e025d45d00478732610f1d20555bdc721ea9d19e
5b88974c8423c217006395b78b5c4158621eea9878954d9207d298db39a52db6
5d1b68ddb0016d3c2a2608da629aa23f7e5347bcda824e2555f0184a5bd62b2f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
63b1ebf0de23fce0a5b2a746d6fd5f9e88bf4a69d73f146448a3a88b0a0e3b29
68ff86e6a3bc683739e7190e4efaff20bbafe0d89c99c42c1b17163ef5203968
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53
6ab8fd59b244067c23f4bcb9a6bc85edd153bb44f8fd63f8bb90b2e94c7043d0
6d2df439d2fb94c54fe2d14bae4aa14f88cbdb244d7bf6d303d02262e5a91365
6d2fe32d253b1c23c584887a2d05bba8d56ad3b233081d190be436c70209ead2
6f23d93c9b8e3ca26f6fcc6be6a8d087e43a3f5795daa3c61017071642f66f3c
731ebb6e8eb86eb45b6e7269a9374d1ac90533bfca3a81774dfe51f84fee2f92
7464555aae6d8d87b77f7170fba1698ff64f7454ded58627ca1819246e9a9969
74946a6535af619858813a4ba2513c464acc6499631515961c2c2862b515eab8
78d7768fb1213eced669894455aac7c1bfb17452b25ef69859ab7617cb85856f
7962dce1427363ac8964c27e8a221d2b6f320fa55f7e32df3508b288d99ff915
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b1d29ae1792d7b78f057f0043a15ba261c39850cc37da2ce80352b9877585db
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
887acf8d48deb6cf8681da13ee39f83b4692d894caf76d56ddcb4ab10cd5fbc4
88a461f663347f3a4ce21231f5da1033e8d83d1bae7e083cca1b69fa0bb3b019
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9268c1faede9be036d0596edf7a2d220e5384bcff038d1f80e3856e2eee46b9e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9355ad0b5ef8906fbbdec701d87e705460e0011bd3e8ed4231e0b25381e0b6cf
951a8278d3c8c2ab5de7d8b59a922638b513e32e4dc1dd76e3911fb6090d9789
97eace3bede10fcac04259174542f1192c3fd47b9a17380b12d407cd39983b85
9cc0dcb262cad50748aef554b4097973914215ae3284c3d0b76f8972fae580c1
9d473f7404dfcc4f9fb0353857f706247ae1873e2ac6eb2b0be8802ad8b94f0b
9d4dfd664b730a77673d24b98d34b3cdce3aa3cbb017c021c6319067ed69ead2
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee
a8f98adb683fc4da002ae7e1831c4f5142a53481135d1a1ec5bc5f085b89e317
a90fb765cffaa6e0f9e9188528da802ab31a0eb791e8f6739149ea3290d62ae7
ad590c30e8e0ef2b2539b0f1a7e4e4da38a6a7b2a8b3f88048338c22da590253
adfa0c7de03bc3bea3de80b4a4514881c8b6296568f43a5acd5cd7a16fffd1c9
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f
aea1c260fd2d96226cd428938fa3b03f67dbcb3c7fc8d5706699384b24de5d8b
af7b47cb891dac23f49e8711c253bf388f35c9efc0bf379cf9d2bda005d8ed1a
b1e7c0988fe58052a50f9f16d8ca71ef607816c3f8fbf059b31d6caccd99d95a
b53885cc9721ff3334410434e3c0f81fc745d258b461fb31aca1843b5d9559d1
b68ef84092a1b0e218c39af2a4133261f35e2f68c80378a322653922fa5fdc50
b6d07224613ccebc5e94e0fbf7a5ede63c955cacbf1373ee8a3119ac4db98a9f
b8bb20e334373e4352eab4f4799f8b5f6c9d138d311ca88b3f9795f8795d0217
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d
baa066783210ec503c97545b0caeffba83b53c3c4d969a9c5ce94ee3ecb4db00
bd1dc64fac45e75fffefbd76f176c6ea118ab79b88b3efddc5642d4e7c76d4fe
c0072073b75cc3c79adcbe1c8c395a42ac4b9c567da70802d772e087d5e08873
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c3943eaa6fb7ce827f463daacdd3540f41177254f0fc1aed180e20d2f55c524d
c4177b2d65f97ec701dffd86eb6695b742b8a1cc8ffe2a64c1913478ee3c7c78
c4a7b4babd8d76af2ddc0840bda733cd5a0b409895bb74d5302ff1155c9b32bc
c505b30e6a98a09df7fc6b020570d4735cbe96224de50e116fe8981489cb9844
c8c328a290022020d5d1c7fb4e8443b2afafaa72fa253d26053d3fad082ebf40
cd4e55fd27b378bad156013ebe8547004b948f64f5a43367a59dce360c8e6a51
ce6bb6ba6ca4c607ed3819dee06c5a232b52700ed19eb7b8e6bbf99628f6b0dd
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d27b59be0fa35fd199035fb3d095a553cf11e6c7b44d583b2942650fc3da5977
d2a6da3f0a0b2d176b90998f8571f10f1282ebb72812f92689a819a87074d62a
d640ed39630d91dec61dcb107b977293ec29fecbb5e74467e017d872bf76b0db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41f07eced66e12809bec654b0a18677a78a7814525dcb6b99934d0b4bcecfc4
e4976438d6fc94da31bcd73c3ad1368e08dbcdb94143162e6a2e0748da7cffb0
e58b5f1ec0b366d5af022fc6580f518062cd5de023870bb4881cc7936cb4da06
ee1ed7b578e1ef6fc0b4eac9c4f9eaa16f3301fce096666526e9d08e4956bb5d
ee9d766ed0d7d19981c84af847c7cba7bf5739c877565cfb775d1de74af025ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37beed085d2cfdd1386a8942434d8011aa20f2e7afa20d7edfd0d49998da1e7
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.reuters.com Open in urlscan Pro 13.226.155.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

176 Requests

99 %HTTPS

41 %IPv6

36 Domains

58 Subdomains

54 IPs

8 Countries

2140 kBTransfer

6185 kBSize

19 Cookies

45 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.reuters.com Open in urlscan Pro
13.226.155.46 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

99 %
HTTPS

41 %
IPv6

36
Domains

58
Subdomains

54
IPs

8
Countries

2140 kB
Transfer

6185 kB
Size

19
Cookies

176 HTTP transactions
4 data transactions