www.seattletimes.com Open in urlscan Pro
104.109.83.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/E1ozc4ZxGb
Effective URL:
https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-l...
Submission: On November 18 via api (November 18th 2019, 8:54:09 pm UTC) from US

Summary HTTP 109 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 37 domains to perform 109 HTTP transactions. The main IP is 104.109.83.60, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is www.seattletimes.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 25th 2019. Valid for: a year.

This is the only time www.seattletimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 1	54.70.43.234 54.70.43.234	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
19	104.109.83.60 104.109.83.60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:215... 2600:9000:2156:d800:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	34.248.0.222 34.248.0.222	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:21f... 2600:9000:21f3:200:1f:287:d20a:ce1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	104.109.64.186 104.109.64.186	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.225.78.38 13.225.78.38	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 7	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY - Fastly)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	143.204.90.242 143.204.90.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:21f... 2600:9000:21f3:fa00:5:9a4c:9b00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.101.107 143.204.101.107	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	54.88.83.111 54.88.83.111	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY - Fastly)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.220.113 93.184.220.113	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	35.190.91.111 35.190.91.111	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.84.142.222 54.84.142.222	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 2	23.5.97.37 23.5.97.37	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	23.0.46.188 23.0.46.188	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.207.22.192 34.207.22.192	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	72.246.169.232 72.246.169.232	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	178.250.2.152 178.250.2.152	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.16.186.99 2.16.186.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.64.189.244 185.64.189.244	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	2600:9000:20e... 2600:9000:20eb:e00:5:ae3a:ba00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
109	53

2 104.244.42.133 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.70.43.234 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-70-43-234.us-west-2.compute.amazonaws.com

dlvr.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.109.83.60 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-83-60.deploy.static.akamaitechnologies.com

www.seattletimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d800:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.0.222 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-0-222.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:200:1f:287:d20a:ce1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.109.64.186 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-64-186.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.38 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-38.fra2.r.cloudfront.net

static.seattletimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.90.242 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-90-242.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:fa00:5:9a4c:9b00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.107 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-107.fra50.r.cloudfront.net

awsapi.seattletimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.83.111 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-88-83-111.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.113 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.91.111 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 111.91.190.35.bc.googleusercontent.com

smashsurprise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.142.222 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-84-142-222.compute-1.amazonaws.com

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.5.97.37 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.0.46.188 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-0-46-188.deploy.static.akamaitechnologies.com

c.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l3.aaxads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.230 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.207.22.192 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-207-22-192.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.232 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a72-246-169-232.deploy.static.akamaitechnologies.com

aaxdetect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.120.147 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

seattle-times-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.152 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.99 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-99.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.244 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:e00:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	seattletimes.com www.seattletimes.com static.seattletimes.com awsapi.seattletimes.com	415 KB
10	typekit.net use.typekit.net p.typekit.net	209 KB
7	google-analytics.com 1 redirects www.google-analytics.com	47 KB
6	google.com 2 redirects www.google.com ampcid.google.com adservice.google.com	2 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	61 KB
5	google.de ampcid.google.de www.google.de adservice.google.de	1006 B
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com t.pubmatic.com	98 KB
3	aaxads.com c.aaxads.com l3.aaxads.com	85 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	43 KB
3	amazon-adsystem.com c.amazon-adsystem.com	28 KB
3	s-onetag.com get.s-onetag.com beacon.s-onetag.com onetag-geo.s-onetag.com	21 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	googlesyndication.com tpc.googlesyndication.com
2	facebook.com www.facebook.com	382 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	facebook.net connect.facebook.net	112 KB
2	postrelease.com jadserve.postrelease.com	3 KB
2	googletagmanager.com www.googletagmanager.com	75 KB
2	crwdcntrl.net ad.crwdcntrl.net tags.crwdcntrl.net	13 KB
2	chartbeat.com static.chartbeat.com mab.chartbeat.com	9 KB
2	t.co t.co	782 B
1	akamaihd.net ntvcld-a.akamaihd.net	20 KB
1	criteo.net static.criteo.net	14 KB
1	casalemedia.com as-sec.casalemedia.com	910 B
1	criteo.com bidder.criteo.com	150 B
1	rubiconproject.com fastlane.rubiconproject.com	10 KB
1	openx.net seattle-times-d.openx.net	549 B
1	lijit.com ap.lijit.com	641 B
1	googletagservices.com www.googletagservices.com	15 KB
1	aaxdetect.com aaxdetect.com	324 B
1	calltrk.com cdn.calltrk.com	11 KB
1	smashsurprise.com smashsurprise.com	31 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	ntv.io s.ntv.io	90 KB
1	googleapis.com fonts.googleapis.com	696 B
1	dlvr.it 1 redirects dlvr.it	712 B
109	37

	Domain	Requested by
19	www.seattletimes.com	www.google.com www.seattletimes.com
9	use.typekit.net	www.seattletimes.com use.typekit.net
7	www.google-analytics.com	1 redirects www.seattletimes.com www.google-analytics.com
4	www.google.com	2 redirects t.co www.seattletimes.com
3	www.google.de	www.seattletimes.com
3	c.amazon-adsystem.com	www.seattletimes.com c.amazon-adsystem.com
3	static.seattletimes.com	www.seattletimes.com
2	tpc.googlesyndication.com	smashsurprise.com securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	2 redirects
2	www.facebook.com	www.seattletimes.com connect.facebook.net
2	c.aaxads.com	smashsurprise.com www.seattletimes.com
2	sb.scorecardresearch.com	1 redirects www.seattletimes.com
2	js.matheranalytics.com	1 redirects www.seattletimes.com
2	connect.facebook.net	t.co connect.facebook.net
2	jadserve.postrelease.com	s.ntv.io www.seattletimes.com
2	ads.pubmatic.com	www.seattletimes.com ads.pubmatic.com
2	www.googletagmanager.com	www.seattletimes.com www.googletagmanager.com
2	t.co	www.seattletimes.com
1	onetag-geo.s-onetag.com	beacon.s-onetag.com
1	t.pubmatic.com	ads.pubmatic.com
1	ntvcld-a.akamaihd.net	www.seattletimes.com
1	acdn.adnxs.com	ads.pubmatic.com
1	static.criteo.net	ads.pubmatic.com
1	p.typekit.net	www.seattletimes.com
1	as-sec.casalemedia.com	ads.pubmatic.com
1	ib.adnxs.com	ads.pubmatic.com
1	bidder.criteo.com	ads.pubmatic.com
1	fastlane.rubiconproject.com	ads.pubmatic.com
1	seattle-times-d.openx.net	ads.pubmatic.com
1	ap.lijit.com	ads.pubmatic.com
1	hbopenbid.pubmatic.com	ads.pubmatic.com
1	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	www.seattletimes.com
1	l3.aaxads.com	www.seattletimes.com
1	aaxdetect.com	www.seattletimes.com
1	www.i.matheranalytics.com	www.seattletimes.com
1	ad.doubleclick.net	smashsurprise.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	ampcid.google.de	www.google-analytics.com
1	cdn.calltrk.com	www.googletagmanager.com
1	smashsurprise.com	t.co smashsurprise.com
1	tags.crwdcntrl.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ampcid.google.com	www.google-analytics.com
1	awsapi.seattletimes.com	www.seattletimes.com
1	beacon.s-onetag.com	get.s-onetag.com
1	mab.chartbeat.com	static.chartbeat.com
1	get.s-onetag.com	www.seattletimes.com
1	ad.crwdcntrl.net	www.seattletimes.com
1	s.ntv.io	www.seattletimes.com
1	fonts.googleapis.com	www.seattletimes.com
1	static.chartbeat.com	www.seattletimes.com
1	dlvr.it	1 redirects
109	56

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
seattletimes.com
secure.seattletimes.com
jobs.seattletimes.com
autos.seattletimes.com
classifieds.seattletimes.com
company.seattletimes.com
itunes.apple.com
play.google.com
www.twitter.com
srw.seattletimes.com
nie.seattletimes.com
ffn.seattletimes.com
nl.newsbank.com
stux.wufoo.com
homes.seattletimes.com
services.nwsource.com
mediakit.seattletimes.com
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.seattletimes.com GeoTrust RSA CA 2018	`2019-03-25` - `2020-06-23`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2018-06-12` - `2019-12-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.s-onetag.com Amazon	`2019-06-25` - `2020-07-25`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-11-14` - `2020-08-07`	9 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2018-12-13` - `2020-03-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.postrelease.com Amazon	`2019-03-27` - `2020-04-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2 years	crt.sh
tags.crwdcntrl.net DigiCert SHA2 Secure Server CA	`2019-03-15` - `2021-04-07`	2 years	crt.sh
smashsurprise.com Let's Encrypt Authority X3	`2019-10-25` - `2020-01-23`	3 months	crt.sh
cdn.calltrk.com Amazon	`2019-05-22` - `2020-06-22`	a year	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.aaxads.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.i.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-10` - `2020-02-08`	2 years	crt.sh
*.aaxdetect.com DigiCert ECC Secure Server CA	`2018-12-25` - `2020-03-25`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2019-08-13` - `2020-08-12`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Frame ID: 27116BAF0927282117A66051174231F6
Requests: 110 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: A8C3EA9C2226A2CE1024F91E05580962
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CB26268CB450658690E0164D890AB458
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0777D76D93FB5E19EE2F13913453D839
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/E1ozc4ZxGb Page URL
http://dlvr.it/RJQQdR HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-bus... Page URL
https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams... Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

109
Requests

92 %
HTTPS

37 %
IPv6

37
Domains

56
Subdomains

53
IPs

8
Countries

1429 kB
Transfer

4152 kB
Size

0
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.72389267.1837675783.1379017650
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.15101558.1560921668.1447363166
Title: Paid Obituaries

Search URL Search Domain Scan URL

URL: http://seattletimes.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/replica
Title: Print Replica

Search URL Search Domain Scan URL

URL: http://jobs.seattletimes.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://autos.seattletimes.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/
Title: Log In

Search URL Search Domain Scan URL

URL: http://classifieds.seattletimes.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://www.legacy.com/obituaries/seattletimes/#_ga=1.6704882.1560921668.1447363166
Title: Paid Obituaries

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/store/
Title: Seattle Times Store

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/managesubscriptions
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/seattle-times-mobile/id329502124
Title: iOS App

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.seattletimes.android.SeattleTimesMobileNews
Title: Android App

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Pauledroberts

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/who-we-are/
Title: About the company

Search URL Search Domain Scan URL

URL: https://srw.seattletimes.com/
Title: Seattle Restaurant Week

Search URL Search Domain Scan URL

URL: http://nie.seattletimes.com/
Title: Newspapers in Education

Search URL Search Domain Scan URL

URL: http://ffn.seattletimes.com/
Title: Fund for the Needy

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/careers/
Title: Employment

Search URL Search Domain Scan URL

URL: http://nl.newsbank.com/nl-search/we/Archives/?p_product=HA-SE&p_theme=histpaper&p_action=keyword
Title: Historical Archives

Search URL Search Domain Scan URL

URL: http://company.seattletimes.com/contact-us/
Title: Company information

Search URL Search Domain Scan URL

URL: https://stux.wufoo.com/forms/permissions-and-licensing-request/
Title: Permissions

Search URL Search Domain Scan URL

URL: http://homes.seattletimes.com/postlisting.html
Title: Homes

Search URL Search Domain Scan URL

URL: http://services.nwsource.com/ClassifiedWeb/ObituaryNotice.aspx
Title: Obituary

Search URL Search Domain Scan URL

URL: http://jobs.seattletimes.com/employer-home
Title: Jobs

Search URL Search Domain Scan URL

URL: http://mediakit.seattletimes.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/linksubscription
Title: Activate Account

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/deliveryholds
Title: Place Temporary Hold

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/reportdeliveryissue
Title: Report Delivery Issue

Search URL Search Domain Scan URL

URL: https://secure.seattletimes.com/accountcenter/paymybill
Title: Make a Payment

Search URL Search Domain Scan URL

URL: https://www.facebook.com/seattletimes
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/seattletimes
Title: Twitter

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice3.html
Title: Copyright © 2019 The Seattle Times

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice2.html
Title: Privacy statement

Search URL Search Domain Scan URL

URL: https://company.seattletimes.com/notices/notice1.html
Title: Terms of service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/E1ozc4ZxGb Page URL
http://dlvr.it/RJQQdR HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter Page URL
https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://dlvr.it/RJQQdR HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter

Request Chain 50

https://js.matheranalytics.com/s/ma39482/93382992/ml.js?cb7=1518 HTTP 301
https://js.matheranalytics.com/static/ltm/ma39482/93382992/9/ml.br.js

Request Chain 54

https://sb.scorecardresearch.com/b?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&c9=https%3A%2F%2Fwww.google.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&c9=https%3A%2F%2Fwww.google.com%2F

Request Chain 66

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&gjid=696190759&_gid=1102809068.1574110423&_u=aGBAgEAjQAQC~&z=1678887781 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781&slf_rd=1&random=4224619444

Request Chain 67

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=759205813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Recirculation&ea=breaking%20banner%20-%20story%20-%20display&_u=aGDACEAjRAQC~&jid=51252381&gjid=1715073025&cid=717797290.1574110423&tid=UA-52488759-1&_gid=1102809068.1574110423&_r=1&gtm=2wgav3KDZ92J&cd1=story&cd2=Paul%20Roberts&cd3=business&cd4=local-business&cd5=crime%2C%20eastside&cd6=&cd8=wordpress&cd18=12182588&cd22=&cd38=n%2Fa&cd39=1500%2B&cd47=not%20set&cd55=standard&cd67=1574110017&cd68=business%7Ccrime%7Ceastside%7Clocal-business&cd69=2019-redesign&cd71=off&cd52=not-set&cd53=not-set&cd59=null&cd62=&z=1059608220 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_gid=1102809068.1574110423&gjid=1715073025&_v=j79&z=1059608220 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220&slf_rd=1&random=2425079965

109 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 E1ozc4ZxGb Show response
t.co/ 257 B
413 B 4102ms
4101ms Document
text/html 104.244.42.133
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/E1ozc4ZxGb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

744c0c383400ae6c711c84783e5c296216ea723df61be17c802c58e9471a46c0

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /E1ozc4ZxGb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 192
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Mon, 18 Nov 2019 20:53:33 GMT
expires: Mon, 18 Nov 2019 20:58:33 GMT
referrer-policy: unsafe-url
server: tsa_o
set-cookie: muc=22753e98-3475-4431-b3d2-e2805c607be5; Max-Age=63072000; Expires=Wed, 17 Nov 2021 20:53:33 GMT; Domain=t.co
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: f269b374f5fab5e2eda171466b035b9e
x-response-time: 125
x-xss-protection: 0

GET
H2

200

url
www.google.com/
Redirect Chain

http://dlvr.it/RJQQdR
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct...

1 KB
913 B

26ms
26ms

Document
text/html

2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter

Requested by

Host: t.co
URL: https://t.co/E1ozc4ZxGb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://t.co/E1ozc4ZxGb
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://t.co/E1ozc4ZxGb

Response headers

status: 200
date: Mon, 18 Nov 2019 20:53:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 542
x-xss-protection: 0
set-cookie: NID=191=kXqaXlnvwQ6j-3WiOkJq_4GXNnwh_HKFsTeoEUm6XpM0uCSX3GPHHtnmuha2ah9QN-ywITQwXNwRi9bl46i9xFSM7rjcngR1u5g3l38Nr32xKEXXO6wb4i5fZUhdp4H-agSQ8MWufX4TVxMU1rKaiszWb5oaAtzsGdkyDV-IYno; expires=Tue, 19-May-2020 20:53:35 GMT; path=/; domain=.google.com; HttpOnly CONSENT=WP.28081d; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

Date: Mon, 18 Nov 2019 20:53:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Set-Cookie: dlvrId=ffb744f91439c48de69cc49f79584082; expires=Wed, 18-Dec-2019 20:53:35 GMT; Max-Age=2592000; path=/; domain=.dlvrit.com
Location: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter
Cache-Control: private; max-age=90
X-Backend-Server: web04

GET
H2 200 Primary Request / Show response
www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/ 236 KB
39 KB 267ms
205ms Document
text/html 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Requested by

Host: www.google.com
URL: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNFMt1mSprh6yiWz5D9QS3fIgl_ExQ&utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-83-60.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6ee5709b4ae167886d1a6401975189d8e9f079cabb11b92604c35ce26f0b6916

Security Headers

Name	Value
Content-Security-Policy	default-src https: 'unsafe-eval' 'unsafe-inline' data: 'self' blob:; connect-src wss: https: ; object-src 'self' blob: ;

Request headers

:method: GET
:authority: www.seattletimes.com
:scheme: https
:path: /business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.google.com/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 39734
server: nginx
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline' data: 'self' blob:; connect-src wss: https: ; object-src 'self' blob: ;
content-encoding: gzip
x-varnish: 49297212 52837675
accept-ranges: bytes
cache-control: max-age=60
expires: Mon, 18 Nov 2019 20:54:35 GMT
date: Mon, 18 Nov 2019 20:53:35 GMT
vary: Accept-Encoding
set-cookie: iss00=0; expires=Mon, 18-Nov-2019 21:13:35 GMT; path=/; domain=.seattletimes.com

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 27ms
7ms Script
application/x-javascript 2600:9000:2156:d800:18:1fcd:349:ca21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:d800:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 19:08:21 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 6314
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nrgmlUqHFt4H9cKstXOWHrz4EZKxIyloQ4KFscGL78d0GPm3sPbArQ==
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
expires: Mon, 18 Nov 2019 21:08:21 GMT

GET
H2 200 shortcodes-public.css
www.seattletimes.com/wp-content/plugins/shortcodes_plugin/css/ 595 B
551 B 31ms
29ms Stylesheet
text/css 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/shortcodes_plugin/css/shortcodes-public.css?ver=4.9.10
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 94a6b22d40817a54e7a3f2ec9443438e2a57441d7bc89d7b95b2dc5e51731ffd

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "253-58862977ad31b-gzip"
vary: Accept-Encoding
x-varnish: 4400952 4243141
status: 200
cache-control: max-age=27933
accept-ranges: bytes
content-type: text/css
content-length: 327
expires: Tue, 19 Nov 2019 04:39:08 GMT

GET
H2 200 styles.min.css
www.seattletimes.com/wp-content/themes/st_refresh/css/ 296 KB
49 KB 31ms
30ms Stylesheet
text/css 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a67f9642d568e38894d544fdc69188d7fc12995f5571391cf2afb3df02381870

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 23:50:44 GMT
server: nginx
etag: "49e5f-59743087c9a60-gzip"
vary: Accept-Encoding
x-varnish: 10225441 11044302
status: 200
cache-control: max-age=64337
accept-ranges: bytes
content-type: text/css
content-length: 49942
expires: Tue, 19 Nov 2019 14:45:52 GMT

GET
H2 200 main.css
www.seattletimes.com/wp-content/plugins/st-article-template/assets/css/dist/ 54 KB
10 KB 48ms
46ms Stylesheet
text/css 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-article-template/assets/css/dist/main.css?ver=1569343406
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8d72896231784bd8e6008bcd8cb2dde0d23845a0d565a1d1d3c7f61e51a750e3

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 16:43:26 GMT
server: nginx
etag: "d684-5934f3c4ccb08-gzip"
vary: Accept-Encoding
x-varnish: 101024134 98142588
status: 200
cache-control: max-age=41931
accept-ranges: bytes
content-type: text/css
content-length: 10195
expires: Tue, 19 Nov 2019 08:32:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
696 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C700&display=swap&ver=1573689044

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

fb26c191b609a5ce8d670c3a76ca8e94996ff6367a3571407741ff1cc0197bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 18 Nov 2019 20:53:35 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 18 Nov 2019 20:53:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:35 GMT

GET
H2 200 st-nativo.css
www.seattletimes.com/wp-content/plugins/st-nativo/assets/css/ 188 B
374 B 51ms
49ms Stylesheet
text/css 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-nativo/assets/css/st-nativo.css?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1a66cf39cadb97c12f5ac0b2cc451dfec10bd31f70916cc7b987268118761b7d

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "bc-58862977cc71b-gzip"
vary: Accept-Encoding
x-varnish: 15435407 12519773
status: 200
cache-control: max-age=64337
accept-ranges: bytes
content-type: text/css
content-length: 149
expires: Tue, 19 Nov 2019 14:45:52 GMT

GET
H2 200 st-analytics-article-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-analytics/dist/ 10 KB
4 KB 51ms
50ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-analytics/dist/st-analytics-article-bundle.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d652b147ad1822f985252f26f60480d17ab3910d30da1f7235ba272e9d3d2e82

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "288e-58862977b119b-gzip"
vary: Accept-Encoding
x-varnish: 4396583
status: 200
cache-control: max-age=27933
accept-ranges: bytes
content-type: application/x-javascript
content-length: 3615
expires: Tue, 19 Nov 2019 04:39:08 GMT

GET
H2 200 ad-test.js Show response
www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/src/ads/ 345 B
422 B 51ms
50ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/src/ads/ad-test.js?ver=0.0.2
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0c7603d2ffaf7858118b699779cd3e33e3f3a37916528a969974cca8713d7285

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: "159-58862977cd6bb-gzip"
vary: Accept-Encoding
x-varnish: 3460687 4430314
status: 200
cache-control: max-age=26647
accept-ranges: bytes
content-type: application/x-javascript
content-length: 187
expires: Tue, 19 Nov 2019 04:17:42 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 302 KB
90 KB 134ms
55ms Script
application/x-javascript 2.18.234.163
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7ac551c78b2e3f14fa4d2470d662b314de4dc008204fed17404ca4e2947a77e4

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Mon, 18 Nov 2019 20:53:36 GMT
Content-Encoding: gzip
x-amz-request-id: F159314E52ECE3C4
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: cifM2I0TU7RP+aX1Gn4LebAHCXIiONLk4AGg1oRtZYG8lYW66+a40kMsQygzPri8blg/zXWionY=
Last-Modified: Wed, 06 Nov 2019 00:45:55 GMT
Server: AmazonS3
ETag: "0cba66609c095baf3fc6a4c023a8aa9c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 st-detect.min.js Show response
www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/dist/ 5 KB
2 KB 52ms
51ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-privacy-detection/js/dist/st-detect.min.js?ver=1573149249
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dbf3c857eb35b901813c878ab820207c24c4d491ea933e986010ab385aa402ef

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Thu, 07 Nov 2019 17:54:09 GMT
server: nginx
etag: "14e5-596c55a2c0b0e-gzip"
vary: Accept-Encoding
x-varnish: 1345398 983977
status: 200
cache-control: max-age=26579
accept-ranges: bytes
content-type: application/x-javascript
content-length: 1774
expires: Tue, 19 Nov 2019 04:16:34 GMT

GET
H2 200 pubmatic_openwrap.js Show response
www.seattletimes.com/wp-content/themes/st_refresh/js/vendor/ 1 KB
824 B 52ms
51ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/vendor/pubmatic_openwrap.js?ver=1557331913
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 54f2cb7a83e702cce724b4b34735d0670c44310dd97c999db52d07f3dfdf2f05

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 22:00:43 GMT
server: nginx
etag: "4c9-597417f0e8640-gzip"
vary: Accept-Encoding
x-varnish: 54141481
status: 200
cache-control: max-age=85291
accept-ranges: bytes
content-type: application/x-javascript
content-length: 594
expires: Tue, 19 Nov 2019 20:35:06 GMT

GET
H/1.1 200
OK var=ccauds Show response
ad.crwdcntrl.net/5/c=8381/pe=y/ 70 B
384 B 154ms
40ms Script
application/javascript 34.248.0.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=8381/pe=y/var=ccauds
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.0.222 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-248-0-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:36 GMT
P3P: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: 10.45.28.206
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 70
Expires: 0

GET
H2 200 tag.min.js Show response
get.s-onetag.com/b0e9d553-9782-4104-843d-d750dc2fbac3/ 46 KB
15 KB 32ms
11ms Script
text/javascript 2600:9000:21f3:200:1f:287:d20a:ce1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/b0e9d553-9782-4104-843d-d750dc2fbac3/tag.min.js?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:200:1f:287:d20a:ce1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0deea61378ddbb1533471f3e09e2859c55588c3e1c4165ca251da56bbde6f09e

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id: b4qwd1UnWoEfGyo2Ks1Pl.4ivun9vX2g
content-encoding: gzip
last-modified: Thu, 14 Nov 2019 18:45:27 GMT
server: AmazonS3
age: 222
date: Mon, 18 Nov 2019 20:49:55 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: dd63XgtbmLhtAmB1JpETlod826I9PLnUwqPka0ngICLCfWdYDOU-jw==
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)

GET
H2 200 lty1dar.js Show response
use.typekit.net/ 20 KB
8 KB 7364ms
61ms Script
text/javascript 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lty1dar.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-64-186.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

534b9a490988df78da7d11fc73b894f2c8fb0e9fceb0797768455a70aa1b6647

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Mon, 18 Nov 2019 20:53:43 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7654

GET
H2 200 151454-718x1024.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 75 KB
76 KB 237ms
64ms Image
image/jpeg 13.225.78.38
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.seattletimes.com/wp-content/uploads/2019/11/151454-718x1024.jpg
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ea02f1e10dec36331b8c73fcae859e3fcb484b62d63c84556f41d56897f159e

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:49:40 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Thu, 14 Nov 2019 23:16:03 GMT
server: AmazonS3
age: 237
etag: "4e421da2f30b499b7caee16357e2a472"
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 77116
x-amz-cf-id: HShBKarziM6QTvVWi6-FCnkSFox7blReEXh_IjEtx0b006ULlxc7ZQ==

GET
H2 200 lazy-loading-14x9.png
www.seattletimes.com/wp-content/themes/st_refresh/img/ 120 B
321 B 39ms
36ms Image
image/png 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/img/lazy-loading-14x9.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a98d81c848624e032ab8a9a5732e9d804b18d124d00f98de3500529bf2098bc0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: W/"78-58862977db17b"
x-varnish: 5047892 4039693
status: 200
cache-control: max-age=33117
accept-ranges: bytes
content-type: image/png
content-length: 120
expires: Tue, 19 Nov 2019 06:05:33 GMT

GET
H2 200 210567_STstaffheadshots_PaulR_0821-copy-100x100.jpg
static.seattletimes.com/wp-content/uploads/2019/06/ 11 KB
11 KB 206ms
34ms Image
image/jpeg 13.225.78.38
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.seattletimes.com/wp-content/uploads/2019/06/210567_STstaffheadshots_PaulR_0821-copy-100x100.jpg
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c2cda13d0a2c9bf22230d3ba28e3f8168025455d21bf9c420342750164397f2

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:29:27 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2019 03:32:54 GMT
server: AmazonS3
age: 237
etag: "07bf4beb957f176f489ec54e930ad4d6"
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 10850
x-amz-cf-id: aYonpeUsMltNIkHLdVOoJ3LXod7MwTcpsmJiJPcT8xTp1jNY2zc5tQ==

GET
H2 200 11152019_tzr_tzr_170934.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 61 KB
61 KB 220ms
48ms Image
image/ 13.225.78.38
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.seattletimes.com/wp-content/uploads/2019/11/11152019_tzr_tzr_170934.jpg
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.38 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cba1670f7f2baed2fabd42b7735c71738aa968e433ceecd3cb9156c93f8fa1e

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:29:27 GMT
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
last-modified: Sat, 16 Nov 2019 01:10:28 GMT
server: AmazonS3
age: 237
etag: "167f58059c5cc65cfda4a37baae13fd4"
x-cache: Hit from cloudfront
x-amz-version-id: null
status: 200
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/
content-length: 62237
x-amz-cf-id: zWv54brCe3-hV91cS44ileisicbs-1BJiymg0unW0OcilLcp5shbgQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1199
date: Mon, 18 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 18 Nov 2019 22:33:37 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.seattletimes.com/wp-includes/js/ 12 KB
5 KB 39ms
36ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.10
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 22:00:43 GMT
server: nginx
etag: "2efa-597417f0e5760-gzip"
vary: Accept-Encoding
x-varnish: 13561453 11629118
status: 200
cache-control: max-age=26578
accept-ranges: bytes
content-type: application/x-javascript
content-length: 4382
expires: Tue, 19 Nov 2019 04:16:34 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
37 KB 17ms
14ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d47cf8bc314f461d930f3790544c50d68e23dbfb859eaf19a99ce2b8ad4895e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: br
last-modified: Mon, 18 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 37861
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:36 GMT

GET
H2 200 article-main.js Show response
www.seattletimes.com/wp-content/plugins/st-article-template/js/article-template/dist/ 31 KB
11 KB 34ms
34ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-article-template/js/article-template/dist/article-main.js?ver=1573149249
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 91e0a77743db28d32d611f7aec0ece7d07fe3ae72084858596d8e3cd7127ca0a

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:35 GMT
content-encoding: gzip
last-modified: Thu, 07 Nov 2019 17:54:09 GMT
server: nginx
etag: "7cf1-596c55a2bebce-gzip"
vary: Accept-Encoding
x-varnish: 797908 1605642
status: 200
cache-control: max-age=36044
accept-ranges: bytes
content-type: application/x-javascript
content-length: 10923
expires: Tue, 19 Nov 2019 06:54:19 GMT

GET
H2 200 bundle.min.js Show response
www.seattletimes.com/wp-content/themes/st_refresh/js/ 234 KB
52 KB 31ms
31ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/bundle.min.js?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c5db7f48141cd0ec9027a1c94ec661e6626fa50d66d7ba04950bf9ffb45a8e77

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 23:50:44 GMT
server: nginx
etag: "3a7d9-59743087caa00-gzip"
vary: Accept-Encoding
x-varnish: 41419025 32190385
status: 200
cache-control: max-age=65165
accept-ranges: bytes
content-type: application/x-javascript
content-length: 52795
expires: Tue, 19 Nov 2019 14:59:41 GMT

GET
H2 200 st-recirculation-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-recirculation/dist/ 26 KB
8 KB 39ms
36ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-recirculation/dist/st-recirculation-bundle.js?ver=1569343407
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: dd235ea4a681cf8e874b9790698d0307e68f1f3eaa5c364f4987fa6352ef6e02

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
last-modified: Tue, 24 Sep 2019 16:43:27 GMT
server: nginx
etag: "68e8-5934f3c4e70e8-gzip"
vary: Accept-Encoding
x-varnish: 102957560
status: 200
cache-control: max-age=34368
accept-ranges: bytes
content-type: application/x-javascript
content-length: 7767
expires: Tue, 19 Nov 2019 06:26:24 GMT

GET
H2 200 st-user-messaging-main-bundle.js Show response
www.seattletimes.com/wp-content/plugins/st-user-messaging/dist/ 291 KB
62 KB 40ms
37ms Script
application/x-javascript 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/plugins/st-user-messaging/dist/st-user-messaging-main-bundle.js?ver=1573689044
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b6144678a4dc68544834f194b3491d5d6c1cffcd30535637da7ba8da50a2e7ec

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
last-modified: Wed, 13 Nov 2019 23:50:44 GMT
server: nginx
etag: "48d23-59743087c5be0-gzip"
vary: Accept-Encoding
x-varnish: 47188074
status: 200
cache-control: max-age=65183
accept-ranges: bytes
content-type: application/x-javascript
content-length: 63139
expires: Tue, 19 Nov 2019 14:59:59 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 275 B
513 B 43ms
7ms XHR
application/json 2a04:4e42:3::714
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=seattletimes.com&domain=seattletimes.com&path=%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 19e1431c5882e4d1eb568234f7b71911d59366ccc8efedfae96ee4c909540cb7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
age: 237
x-cache: HIT
status: 200
x-cache-hits: 1
content-length: 192
x-served-by: cache-fra19149-FRA
access-control-allow-origin: *
x-timer: S1574110416.007035,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 16 Nov 2019 20:49:38 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156708/981/ 324 KB
97 KB 7343ms
50ms Script
text/javascript 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/vendor/pubmatic_openwrap.js?ver=1557331913
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5b6990ee61c64b9637d94c42de3ae254252fd873190177d04808df0173501423

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Mon, 18 Nov 2019 20:53:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jul 2019 15:01:03 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1040822-50e47-58e5a761a2c63"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=111638
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 98857
Expires: Wed, 20 Nov 2019 03:54:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 86 KB
25 KB 7439ms
147ms Script
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: f623e1d423f85d8c36affb7faf68d0b804e0389e2621de2ea9eb97bb0df21c76

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 16:49:03 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA50-C1
etag: be7f8341d4f7676793a79e413ef9eafd
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: QPIDYCtqn6laqhbre_3gTjHiO968N4dfiJCSsL0YnEzq9NZ4ENgCdg==
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)

GET
H2 200 beacon.min.js Show response
beacon.s-onetag.com/ 17 KB
6 KB 35ms
7ms Script
application/javascript 2600:9000:21f3:fa00:5:9a4c:9b00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/b0e9d553-9782-4104-843d-d750dc2fbac3/tag.min.js?ver=1573689044
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:fa00:5:9a4c:9b00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e794399af60ec6300017e12e37a6b7a8253a9ff05ef41ca5e42b76dced02ef4

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-amz-version-id: QuZjBQ9JYyZaR8wz.Z.0oyNzLjKP2j64
content-encoding: gzip
last-modified: Tue, 05 Nov 2019 16:59:56 GMT
server: AmazonS3
age: 3197
date: Mon, 18 Nov 2019 20:00:19 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: z_iZpEA_Aq9ZPZsJxViXyhGs-1Vfe8Kiirr_iOwNjNP_z_ZFV2EQ2A==
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f7c2d8e7b31ad79e3f8d08eab6cccef702cd680a34575ebc68f3c4d55793a4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d336b2f26c28d81613b6added9d9f942806236744523712204cca7362c78d01

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=US-ASCII

GET
H2 200 footer-temp.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/ 6 KB
7 KB 43ms
42ms Image
image/png 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/footer-temp.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c7ac0d791b0ad92100e6071256d55d4b7f11b7a4c064348ced16838faaa0183f

Request headers

Referer: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1573689044
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
etag: W/"1975-58862977d923b"
x-varnish: 4590040 3883980
status: 200
cache-control: max-age=27933
accept-ranges: bytes
content-type: image/png
content-length: 6517
expires: Tue, 19 Nov 2019 04:39:09 GMT

GET
H2 200 icons-st.woff
www.seattletimes.com/wp-content/themes/st_refresh/css/fonts/ 11 KB
11 KB 41ms
41ms Font
application/font-woff 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/fonts/icons-st.woff?3201980e1c355e77d40ae6debe572241
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18e542526491b39191ba7e0a3dd13c72cdf5196f2468b9e2438d9429ac026ecd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/wp-content/themes/st_refresh/css/styles.min.css?ver=1573689044
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
last-modified: Wed, 08 May 2019 16:11:53 GMT
server: nginx
access-control-allow-origin: https://www.seattletimes.com
etag: W/"2c64-58862977d829b"
vary: Accept-Encoding
x-varnish: 3941237 4333719
status: 200
cache-control: max-age=49
accept-ranges: bytes
content-type: application/font-woff
content-length: 11356

GET
H/1.1 200
OK clientip Show response
awsapi.seattletimes.com/ 22 B
646 B 6324ms
4025ms XHR
application/json 143.204.101.107
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://awsapi.seattletimes.com/clientip
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/bundle.min.js?ver=1573689044
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.107 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-107.fra50.r.cloudfront.net
Software: /
Resource Hash: f3dcf73e96a474f000315f25995145c96c42fef1d67381da07bca5a099f86160

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

Date: Mon, 18 Nov 2019 20:53:40 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
x-amzn-RequestId: c68418b3-617a-42a2-ad36-ca6451b50da9
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-5dd304d4-aff6b84dae021e590c9d6bef;Sampled=0
X-Cache: Miss from cloudfront
Connection: keep-alive
x-amz-apigw-id: DX2xOH7RPHcFwcg=
Content-Length: 22
X-Amz-Cf-Id: HUy7UBcNwO_G4SKE8IVi_e2kExxKWHlgzZyt7jdRGBuxpRIUNHrDyw==
Access-Control-Allow-Headers: Content-Type,X-Amz-Date,Authorization

GET 11122019_fake-brit_133726-1020x555.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 0
0

GET 171513-1020x1630.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 0
0

GET 151452-1020x677.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 0
0

GET 171515-1020x678.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 0
0

GET 151451-1020x680.jpg
static.seattletimes.com/wp-content/uploads/2019/11/ 0
0

GET
H2 200 t Show response
jadserve.postrelease.com/ 12 KB
3 KB 9664ms
2314ms Script
text/javascript 54.88.83.111
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&prx_referrer=https%3A%2F%2Fwww.google.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js?ver=1573689044
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.83.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-88-83-111.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 683d1c81afcbda3e3fe6a49a62d9c871758b3172c0c434829ea580e4960e3fb0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 2326
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
532 B 34ms
14ms XHR
application/json 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 facebook_log_in.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/ 1 KB
2 KB 30ms
30ms Image
image/png 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/facebook_log_in.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e767af013378d1adf0d6561edd37f8cd0d05ba430ce7a611ce94828478d85c67

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
last-modified: Tue, 24 Sep 2019 16:43:27 GMT
server: nginx
etag: W/"559-5934f3c4ebf08"
x-varnish: 2808852
status: 200
cache-control: max-age=42155
accept-ranges: bytes
content-type: image/png
content-length: 1369
expires: Tue, 19 Nov 2019 08:36:11 GMT

GET
H2 200 google_log_in.png
www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/ 3 KB
3 KB 30ms
30ms Image
image/png 104.109.83.60
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.seattletimes.com/wp-content/themes/st_refresh/css/img/social/google_log_in.png
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.83.60 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-83-60.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 371b0723b274026907d7625b2ecc830910f884fbc2f741c5bdbd027b34306a3d

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: public
date: Mon, 18 Nov 2019 20:53:36 GMT
last-modified: Tue, 24 Sep 2019 16:43:27 GMT
server: nginx
etag: W/"d14-5934f3c4ebf08"
x-varnish: 8594972
status: 200
cache-control: max-age=56996
accept-ranges: bytes
content-type: image/png
content-length: 3348
expires: Tue, 19 Nov 2019 12:43:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
38 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3BBN1BHX44&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1db7a37f2ae0300a8b0e818dd4176d29a321e3992a9e72fc982759560b27622a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 38315
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:36 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
923 B 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2796
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Mon, 18 Nov 2019 21:07:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
10 KB 90ms
32ms Script
text/javascript 216.58.207.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Nov 2019 20:53:36 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 6288ms
53ms Script
application/javascript 151.101.12.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:42 GMT
content-encoding: gzip
age: 45604
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19141-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1574110423.585020,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
27 KB 26ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/E1ozc4ZxGb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4e7e803000d58fced9aa75702851ff352110b0ee6590ae62c6020d0bfb02f644

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26792
x-xss-protection: 0
pragma: public
x-fb-debug: a1XXnwDkEufMrmQgK3+yJZMpEw98Ynwum2ONC5rXEl7GGkQNxvUr/2y0r8kXf4CCTI/k+mN6WX3zmsaLd7VRSA==
x-fb-trip-id: 2080452462
date: Mon, 18 Nov 2019 20:53:36 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma39482/93382992/9/
Redirect Chain

https://js.matheranalytics.com/s/ma39482/93382992/ml.js?cb7=1518
https://js.matheranalytics.com/static/ltm/ma39482/93382992/9/ml.br.js

145 KB
42 KB

19ms
18ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma39482/93382992/9/ml.br.js
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 663b5509c577b6f17fae5107da524d86162f8c84106c6d6cda405ab94f72f688

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Fri, 15 Nov 2019 23:13:51 GMT
content-encoding: br
last-modified: Tue, 29 Oct 2019 15:41:06 GMT
server: nginx
age: 250791
etag: "b1e847ae362c41936a3b4148e6b87532"
vary: Accept-Encoding
x-cache: HIT Tue, 29 Oct 2019 15:49:18 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 42949
via: 1.1 google

Redirect headers

date: Mon, 18 Nov 2019 20:53:42 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/ltm/ma39482/93382992/9/ml.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 5-gc-euw1-10922

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/8943/ 43 KB
12 KB 6228ms
39ms Script
application/javascript 93.184.220.113
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/8943/cc.js?ns=_cc8943
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.113 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D74) /
Resource Hash: 2f091663551853d09d0087c9f0b7b448e46de5bd2ccc973666c0b65f7bdf4bea

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:42 GMT
content-encoding: gzip
last-modified: Wed, 11 Sep 2019 20:17:08 GMT
server: ECS (lcy/1D74)
etag: "5d795644-ac2b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=86400
content-length: 12584
expires: Tue, 19 Nov 2019 20:53:42 GMT

GET
H2 200 zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV Show response
smashsurprise.com/v2/0/ 99 KB
31 KB 131ms
40ms Script
application/javascript 35.190.91.111
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Requested by

Host: t.co
URL: https://t.co/E1ozc4ZxGb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.91.111 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

111.91.190.35.bc.googleusercontent.com

Software

Resource Hash

7660c6d3d8df0c3c84051b7d13329634df7338e49e889a749dff238f73f719d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: c159b32de961fba0c3759a59a1fb72d619e0611787d9acf25c71c491303f0912
vary: Accept-Encoding
x-hostname: hank
content-type: application/javascript
status: 200
cache-control: private, must-revalidate, max-age=21600
date: Mon, 18 Nov 2019 20:53:42 GMT
timing-allow-origin: *

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/507277383/0b0190ff0ac0af1b9066/12/ 32 KB
11 KB 409ms
196ms Script
text/javascript 54.84.142.222
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.calltrk.com/companies/507277383/0b0190ff0ac0af1b9066/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KDZ92J
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.142.222 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-84-142-222.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: c5fa91573e2bbac284be99ab9045d8b29902467bb9525606198ab06e33d73262

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

x-runtime: 0.006195
date: Mon, 18 Nov 2019 20:53:42 GMT
content-encoding: gzip
server: nginx/1.16.1
etag: W/"c5fa91573e2bbac284be99ab9045d8b2"
content-type: text/javascript; charset=utf-8
status: 200, 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 36e92d4d-e481-4c0e-b4f3-102132786a85

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20vic...
https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20vi...

0
248 B

27ms
27ms

Image
text/plain

23.5.97.37
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&c9=https%3A%2F%2Fwww.google.com%2F
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6950471&ns__t=1574110416317&ns_c=UTF-8&c8=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&c7=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&c9=https%3A%2F%2Fwww.google.com%2F
Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:42 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
461 B 37ms
15ms XHR
application/json 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 18 Nov 2019 20:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 894503507259758 Show response
connect.facebook.net/signals/config/ 349 KB
85 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/894503507259758?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c0a6ad7bae75e0f3acc22465e451d8b257447653c9be334aed05125b6cb17370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 87142
x-xss-protection: 0
pragma: public
x-fb-debug: sqzXeI/R8szuid2VpMmabV5hzmWPRTSGeXnORQd0ywaNfbWaG4p0X5LVSGlKhdW50PFZ5fQzK/6+pP4Mwu/PtQ==
x-fb-trip-id: 2080452462
date: Mon, 18 Nov 2019 20:53:42 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 104 KB
28 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TWNDJBM&cid=1930680442.1574110416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e1367939e17fdbaf00701c6d9930dc28c756256f3e35b6061a4c4fdb5189401

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:42 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 28292
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:42 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/978986367/ 3 KB
2 KB 31ms
18ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/978986367/?random=1574110416416&cv=9&fst=1574110416416&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

370b9a08c6b8de545fccb59bf458f3826557dba6ac9eaa46aa54a5e492d8de82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1060
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
369 B 143ms
143ms Image
image/gif 104.244.42.133
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o06ig&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Mon, 18 Nov 2019 20:53:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f269b374f5fab5e2eda171466b035b9e
x-transaction: 00371b8100698275
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 aax.js Show response
c.aaxads.com/ 234 KB
85 KB 148ms
89ms Script
text/javascript 23.0.46.188
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://c.aaxads.com/aax.js?pub=AAXESMQ43&hst=www.seattletimes.com&ver=1.2
Requested by: Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.188 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-188.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0e8f4abc718a0512845b75314576d83fbd440bce73212eaf96d5f645ea7e68bf

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
status: 200
cache-control: max-age=1800
expires: Mon, 18 Nov 2019 21:23:43 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Baai Show response
ad.doubleclick.net/ddm/adj/Bjvbku/ 11 B
721 B 103ms
39ms Script
text/javascript 172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bjvbku/Baai

Requested by

Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
323 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=894503507259758&ev=PageView&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&rl=https%3A%2F%2Fwww.google.com%2F&if=false&ts=1574110422908&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574110422907.834348761&it=1574110416383&coo=false&rqm=GET

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 18 Nov 2019 20:53:43 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
104 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=759205813&t=pageview&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAgEAjQAQC~&jid=2142697769&gjid=696190759&cid=717797290.1574110423&tid=UA-52488759-1&_gid=1102809068.1574110423&gtm=2wgav3KDZ92J&cd1=story&cd2=Paul%20Roberts&cd3=business&cd4=local-business&cd5=crime%2C%20eastside&cd6=&cd8=wordpress&cd17=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%26%23039%3Bs%20%246M%20scams%20claimed%20dozens%20of%20local%20victims&cd18=12182588&cd19=0&cd22=&cd34=on&cd35=1&cd36=2007&cd38=n%2Fa&cd39=1500%2B&cd40=2019-11-16%2006%3A01%3A11&cd41=2019-11-16%2018%3A14%3A35&cd43=0&cd47=not%20set&cd55=standard&cd56=0&cd57=&cd64=Seattle%20Times%20business%20reporter&cd67=1574110017&cd68=business%7Ccrime%7Ceastside%7Clocal-business&cd69=2019-redesign&cd71=off&z=590230283

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Nov 2019 19:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 524528
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&gjid=696190759&_gid=1102809068.1574110423&_u=aGBAgEAjQAQC~&z=1678887781
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781&slf_rd=1&random=4224619444

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781&slf_rd=1&random=4224619444

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=2142697769&_v=j79&z=1678887781&slf_rd=1&random=4224619444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=759205813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-millio...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_gid=1102809068.1574110423&gjid=1715073025&_v=j79&z=1059608220
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220&slf_rd=1&random=2425079965

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220&slf_rd=1&random=2425079965

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52488759-1&cid=717797290.1574110423&jid=51252381&_v=j79&z=1059608220&slf_rd=1&random=2425079965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=759205813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Interaction&ea=newsletterSignup%20%E2%80%93%20splash%20-%20story%20-%20displayed&el=Morning%20Brief&_u=aGDACEAjRAQC~&jid=&gjid=&cid=717797290.1574110423&tid=UA-52488759-1&_gid=1102809068.1574110423&gtm=2wgav3KDZ92J&cd1=story&cd2=Paul%20Roberts&cd3=business&cd4=local-business&cd5=crime%2C%20eastside&cd6=&cd8=wordpress&cd18=12182588&cd22=&cd38=n%2Fa&cd39=1500%2B&cd47=not%20set&cd55=standard&cd67=1574110017&cd68=business%7Ccrime%7Ceastside%7Clocal-business&cd69=2019-redesign&cd71=off&cd52=not-set&cd53=not-set&cd59=null&cd62=&z=596045796

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Nov 2019 19:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 524528
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=759205813&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=segmentation&ea=network-segment&_u=aGDACEAjRAQC~&jid=&gjid=&cid=717797290.1574110423&tid=UA-52488759-1&_gid=1102809068.1574110423&gtm=2wgav3KDZ92J&cd1=story&cd2=Paul%20Roberts&cd3=business&cd4=local-business&cd5=crime%2C%20eastside&cd6=&cd8=wordpress&cd18=12182588&cd22=&cd38=n%2Fa&cd39=1500%2B&cd47=not%20set&cd55=standard&cd67=1574110017&cd68=business%7Ccrime%7Ceastside%7Clocal-business&cd69=2019-redesign&cd71=off&cd52=MjEyLjguMjQwLjE0Mw%3D%3D&cd53=TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNikgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc4LjAuMzkwNC45NyBTYWZhcmkvNTM3LjM2&cd59=null&cd62=&z=320405171

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Nov 2019 19:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 524528
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/978986367/ 42 B
159 B 28ms
28ms Image
image/gif 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/978986367/?random=1574110416416&cv=9&fst=1574107200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav3&sendb=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&async=1&fmt=3&is_vtc=1&random=2354901224&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/978986367/ 42 B
156 B 21ms
21ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/978986367/?random=1574110416416&cv=9&fst=1574107200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav3&sendb=1&frm=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&async=1&fmt=3&is_vtc=1&random=2354901224&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame A8C3 0
0 19ms
6ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: smashsurprise.com
URL: https://smashsurprise.com/v2/0/zyp7lRjOwDJ5P56LORS0Vaq1HRefusyPD_StisvtizsPiDpjsZ-sSI1j6BkxItpjPOPKAf8i5GV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1479
date: Tue, 12 Nov 2019 15:22:42 GMT
expires: Wed, 11 Nov 2020 15:22:42 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 538260
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 447ms
102ms Image
image/gif 34.207.22.192
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Anatomy%20of%20a%20fraud%3A%20Fake%20billionaire%E2%80%99s%20%246M%20scams%20claimed%20dozens%20of%20local%20victims%20%7C%20The%20Seattle%20Times&wrdcnt=2007&sec=business&prem=1&paracnt=50&ptype=story&hier=business%7Ccrime%7Ceastside%7Clocal-business&auth=Paul%20Roberts&artupt=1573956875&arttype=Seattle%20Times%20business%20reporter&artsrc=wordpress&artpubt=1573912871&artid=12182588&tv=js-3.0.94&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_nolocalstorage=1&tvltm=9&tid=d2143e30-9707-4e0a-a886-a505faaf88da&pid=6e5b10c5-fe3b-45a2-9d8f-fca7903af431&dtm=1574110423021&qnm=_matherq&visible=1&tabid=8d0d1d7f-4310-4acd-80f7-ceab976931f8&refr=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&vp=1600x1200&ds=1585x9814&tofa=1574110423&vid=1&lvidt=1574110423&duid=a0b733521bce8617&fp=4156478823&cid=ma39482&mrk=93382992&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU3NDExMDQxNTY1MiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC43OTUxNjdtYiIsImhlYXBUIjoiMTUuNDQxMzUxbWIiLCJmc3RQYWludCI6IjUwNSIsImZldGNoUyI6IjYiLCJkb21haW5TIjoiNyIsImRvbWFpbkUiOiI4IiwiY29ublMiOiI4IiwiY29ubkUiOiI2OCIsInNzbFMiOiIyMSIsInJlcXVTIjoiNjkiLCJyZXNwUyI6IjI3MyIsInJlc3BFIjoiMjk2IiwiZG9tTG9hZCI6IjI3NiIsImRvbUludGVyIjoiNTI1IiwiZG9tTG9hZFMiOiI1MjYiLCJkb21Mb2FkRSI6IjU0MiJ9fQ
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.22.192 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-207-22-192.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Mon, 18 Nov 2019 20:53:43 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 pxusr.gif
c.aaxads.com/ 43 B
193 B 35ms
35ms Image
image/gif 23.0.46.188
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.aaxads.com/pxusr.gif?&type=1&vn=1
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.188 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-188.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
content-type: image/gif
status: 200
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 43
expires: Mon, 02 Dec 2019 20:53:43 GMT

GET
H/1.1 200
OK pxext.gif
aaxdetect.com/ 43 B
324 B 94ms
26ms Image
image/gif 72.246.169.232
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aaxdetect.com/pxext.gif?&type=2&vn=1
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 72.246.169.232 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a72-246-169-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Mon, 18 Nov 2019 20:53:43 GMT
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Mon, 02 Dec 2019 20:53:43 GMT

GET
H2 200 log
l3.aaxads.com/ 35 B
185 B 30ms
29ms Image
image/gif 23.0.46.188
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&slg=8PR6YK195&lwbsh=AAX&gq=seattletimes.com&flg=AAXESMQ43&vyu=2019111812_709&vhuyqdph=c8-web-3&jgsu=1&fvha=0&fvvwu=&xjg=4&dgw=desktop&ylg=00001574110423311035573555207198&yvlg=&vg=1&jwg=100&lqlg=0&jig=&ff=NL&vf=&fw=AMSTERDAM&dewh=CONTROL&dgeg=0&dps=0&yhuvlrq=1.2&vE=true&fruv=true&glvE=false&lfh=0&yz=1585&yk=1200&skw=9814&fo=&__rk=1&dss=0&uwbsh=&deg=2&ghqg=108&glhqg=&glvwduw=&gvwduw=4&uhtxuo=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&nzui=https%3A%2F%2Fwww.google.com&hsxuo=
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.0.46.188 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-0-46-188.deploy.static.akamaitechnologies.com
Software: Apache Tomcat /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:43 GMT
server: Apache Tomcat
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 18 Nov 2019 20:53:43 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
59 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarykBgJq9hY9RfteKC9

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
access-control-allow-origin: https://www.seattletimes.com
date: Mon, 18 Nov 2019 20:53:43 GMT
content-type: text/plain
status: 200
access-control-allow-credentials: true
alt-svc: h3-23=":443"; ma=3600
content-length: 0

GET
H2 200 l
use.typekit.net/af/66f9cc/00000000000000003b9b0503/27/ 27 KB
27 KB 287ms
211ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/66f9cc/00000000000000003b9b0503/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6f62264c991fbf339ac2d25c7bd4f772d79a817c0014ed640fcce5057f153e05

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "61b98dfc576b4a2b0f113725035f38aba572c375"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27564

GET
H2 200 l
use.typekit.net/af/2203a0/00000000000000003b9b0506/27/ 26 KB
27 KB 360ms
285ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2203a0/00000000000000003b9b0506/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70ef4c822491fe92d2930416a41be09acc296a0e6a32550cbefc8db927b226a0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "087f46b3dae53c5d0dc8131d40e78f7e66990a6f"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27032

GET
H2 200 l
use.typekit.net/af/b3fa4d/00000000000000003b9b0502/27/ 27 KB
27 KB 377ms
303ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b3fa4d/00000000000000003b9b0502/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac2023f3a20503f101ec818760b0892d07e80397237aa8af5256e3105164870a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "78ffb92198b589e9f79d4a68d48f82c542edf110"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 27148

GET
H2 200 l
use.typekit.net/af/329083/00000000000000003b9b04ff/27/ 26 KB
26 KB 355ms
281ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/329083/00000000000000003b9b04ff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: fe1d8731586a0b3f1c5a3dba7d6b1c879495cbc6d05163a234868f082d9a06fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "0ebaf1bf890ab6da84d0e246694e1a2b2e7b7c3d"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 26800

GET
H2 200 l
use.typekit.net/af/608768/00000000000000003b9b06f3/27/ 23 KB
23 KB 301ms
227ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/608768/00000000000000003b9b06f3/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8e50177029cb2306172bc041564b5b2000688d67989a56b70c0c4bc71278326

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "1ce513e1fd2ef5d3c4b3ef550e8b522ad1cb43a8"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23504

GET
H2 200 l
use.typekit.net/af/59164f/00000000000000003b9b06f6/27/ 24 KB
25 KB 316ms
242ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/59164f/00000000000000003b9b06f6/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 98ecc0bce26305114d5c34b34e24583eb60ba3f1ff352ab9d8bb4de91cb0abbd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "a3a46a38cbbe7872858825f140618f74a1c2452f"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24860

GET
H2 200 l
use.typekit.net/af/6da54c/00000000000000003b9b06f7/27/ 24 KB
24 KB 372ms
298ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6da54c/00000000000000003b9b06f7/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 308603042b468f50088fc1da2d2df84961098f3f3126b36a124dc6c092e2c275

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "2c124b66e0a36989aa73cdac3a1ff60d5fd256b2"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24340

GET
H2 200 l
use.typekit.net/af/8e6183/00000000000000003b9b06f2/27/ 22 KB
23 KB 363ms
290ms Font
application/font-woff2 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8e6183/00000000000000003b9b06f2/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lty1dar.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c772192d318b30339e05ce1e87618b2d1c7519e14f3f20dbd358238c45245a3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
server: nginx
access-control-allow-origin: *
etag: "4bb0065e5b23bea45eec7c23d257bfd0261b8e27"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 22892

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.seattletimes.com
URL: https://www.seattletimes.com/wp-content/themes/st_refresh/js/vendor/pubmatic_openwrap.js?ver=1557331913

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e6714e710a44b528d83256bfcf631af84847ae6b456ec21c7aab672e5c32e282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "341 / 812 of 1000 / last-modified: 1574096821"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15662
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:43 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 104ms
38ms XHR
application/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 15:05:20 GMT
content-encoding: gzip
vary: Origin
age: 20904
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Fri, 01 Nov 2019 13:46:13 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: d240-yIdxSlOCoHuX6ajXizcEk64SlucYIvtJ1BAq27fZEu0Pibv7g==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 18ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 48ms
47ms Script
application/javascript 2a00:1450:4001:815::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.seattletimes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019111401.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
58 KB 57ms
56ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 14 Nov 2019 14:12:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59644
x-xss-protection: 0
expires: Mon, 18 Nov 2019 20:53:43 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 96ms
95ms XHR
text/javascript 143.204.90.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3303&u=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=Mf50jZPX1PujP&cb=0&ws=1600x1200&v=7.43.01&t=700&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-right%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-right%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-bottom%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-top%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-recirc1a%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-recirc1a%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-recirc1b%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-recirc1b%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-recirc1c%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-recirc1c%22%7D%2C%7B%22sd%22%3A%22ad-wallpaper%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fad-wallpaper%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body1a%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body1a%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body1b%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body1b%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body1c%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body1c%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body2a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body2a%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body5a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body5a%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-body6a%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2281279359%2Fseattletimes.com%2Fbusiness%2Flocal-business%2Fdiv-gpt-ad-body6a%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.90.242 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-90-242.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.seattletimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: vwJi_ONzVEYQVdgHpNv7eBBlNDFTtQGhMdHNg0J9__-q0olsUgT9Mg==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 2081ms
2037ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 18 Nov 2019 20:53:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.seattletimes.com

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
641 B 2148ms
2087ms XHR
application/json 72.251.249.13
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_2.22.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: b2050a1f9cac877da97c631169e8b139cffa08baf680dd81978778d902d920f2

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 18 Nov 2019 20:53:45 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.seattletimes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 arj Show response
seattle-times-d.openx.net/w/1.0/ 175 B
549 B 9405ms
2172ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://seattle-times-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&jr=https%3A%2F%2Fwww.google.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=3d6612bc-e1fa-48c0-bede-8d050ef598a7%2C85216ad8-2d11-4a3a-920c-579aae8e9c93%2Ceec682c9-d719-482a-badd-c9a1ebbc20b0%2C317a4882-dd54-428e-9110-dc0103d96593%2C68cc1aed-5beb-4f8b-b263-5b9d540e3030%2C3f7517a2-445e-41ee-84e3-9f01e88c49b2%2C344a92fc-38b6-4c5a-a47c-6f2b5dfcbd80%2Cbb2851ca-109c-49f1-b66a-7d2d1bf1ca96%2C3045412e-75a1-45f8-8ec1-858f6eb5fe82%2C1f74f637-1512-446c-aa03-3487641a4035&nocache=1574110423800&aus=300x600%7C970x250%7C728x90%7C970x250%7C300x250%7C300x250%7C300x250%7C970x250%7C970x250%7C970x250&divIds=div-gpt-ad-right%2540openx%2540300X600%2Cdiv-gpt-ad-bottom%2540openx%2540970X250%2Cdiv-gpt-ad-bottom%2540openx%2540728X90%2Cdiv-gpt-ad-top%2540openx%2540970X250%2Cdiv-gpt-ad-body1a%2540openx%2540300X250%2Cdiv-gpt-ad-body1b%2540openx%2540300X250%2Cdiv-gpt-ad-body1c%2540openx%2540300X250%2Cdiv-gpt-ad-body2a%2540openx%2540970X250%2Cdiv-gpt-ad-body5a%2540openx%2540970X250%2Cdiv-gpt-ad-body6a%2540openx%2540970X250&auid=538193070%2C540273972%2C538193067%2C538193069%2C540590308%2C540590310%2C540590311%2C540590312%2C540590315%2C540590318&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.1 /
Resource Hash: 20ed9294343162c2a88e69f7f644c9c9b998687a5ffbb07db15bc9b74da6c28f

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:51 GMT
via: 1.1 google
server: OXGW/16.167.1
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.seattletimes.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 1 KB
10 KB 9404ms
2121ms XHR
application/json 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10472&site_id=112172&zone_id=528640%3B1027252%3B528648%3B585568%3B1178504%3B1178508%3B1178510%3B1178518%3B1178528%3B1178536&size_id=10%3B57%3B2%3B57%3B15%3B15%3B15%3B57%3B57%3B57&p_pos=unknown&rf=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&tk_flint=pbjs_lite_v2.22.0&x_source.tid=1d0ba8e3-6360-497c-93dd-7b02a3a61493%3B9956e264-a2b9-40ef-bd34-6b6f2f226824%3B4b3b62cc-ba09-4585-aefb-a684446829b3%3B007f636d-a079-43f0-8ed0-a75bcbc028f3%3Bacd7c2ad-4056-42c9-844a-19aebc519961%3B331e9ac5-e3fb-4e2f-b239-30a6186013bb%3B4d57ad39-a4a8-4679-8e0f-fbb5511f757a%3B7cb7cea1-9934-486d-bfbf-42c7652ab92d%3B400fc7f6-4a05-4344-bce9-f2275e26d5a6%3B5a2ba6c6-7e29-4675-ab7c-34ee09e7d353&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=10&rand=0.3247391545954159
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 48496e98ecac00c74056419f6bd581a60c646c5d7299d31605710ca7f0342cce

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:51 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=366
Content-Length: 406
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
150 B 7261ms
30ms XHR
text/plain 178.250.2.152
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.22.0&cb=29213070265
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 18 Nov 2019 20:53:50 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://www.seattletimes.com
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 53ms
53ms XHR
application/json 37.252.172.250
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

0c357bd95f6294ecf290cb7d4e429c47052736201e35dd11171681668576234d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 18 Nov 2019 20:53:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 212.8.240.143; 212.8.240.143; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7199b250-c46e-4d76-8ac7-51bcf4cf7e59
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
910 B 7392ms
141ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=244001&v=7.2&r=%7B%22id%22%3A%227158b0c6267e719%22%2C%22imp%22%3A%5B%7B%22id%22%3A%227230994939abbfd%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22244001%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22id%22%3A%22730e2374cc159f9%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22291509%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2274537ab6db8128e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22243996%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22id%22%3A%22754d78ca20424d1%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22243994%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%227603ec223bdca3a%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340445%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22774b22e80b6c4eb%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340447%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22780f1a148fa9f59%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340448%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%2279e49e67414d73b%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340449%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2280b53384bd6f051%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340452%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%2281c19b01206d944%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22340455%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1957423f4ac165509863acf1664e4ce6395d15e20b3676160fa2233aeff4ae40

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:51 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 18 Nov 2019 20:53:51 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 2033ms
2032ms Image
image/gif 104.109.64.186
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=lty1dar&ht=tk&h=www.seattletimes.com&f=4664.4667.5199.5200.5022.5035.5178.5310&a=1740476&js=1.19.2&app=typekit&e=js&_=1574110423847
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.64.186 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-64-186.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:43 GMT
last-modified: Mon, 04 Feb 2019 20:25:20 GMT
server: nginx
access-control-allow-origin: *
etag: "5c589fb0-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Tue, 07 May 2019 18:30:39 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 6342ms
44ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1cd8e2130767f1a6bad26b4e3d5b60b2dee4e0e80feb160904fa45d4bba01c59

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date: Mon, 18 Nov 2019 20:53:51 GMT
content-encoding: gzip
last-modified: Fri, 25 Oct 2019 13:44:21 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5db2fc35-a7d5"
content-type: text/javascript
status: 200
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 19 Nov 2019 20:53:51 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CB26 0
0 6313ms
26ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Tue, 17 Nov 2020 20:53:51 GMT
Date: Mon, 18 Nov 2019 20:53:51 GMT
Connection: keep-alive

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET pubads_impl_rendering_2019111401.js
securepubads.g.doubleclick.net/gpt/ 0
0

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

GET
H/1.1 200
OK 9971766C47EF4F02A44EFC47D899B72B.jpg
ntvcld-a.akamaihd.net/image/upload/w_374,h_240,c_fill,g_auto:text,f_auto/assets/ 19 KB
20 KB 5287ms
151ms Image
image/webp 2.16.186.99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvcld-a.akamaihd.net/image/upload/w_374,h_240,c_fill,g_auto:text,f_auto/assets/9971766C47EF4F02A44EFC47D899B72B.jpg
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.99 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-99.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69ad473d74a98c957267b1b273ef8f3b23970b169889fe0ad11efd05751d96c5

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date: Mon, 18 Nov 2019 20:53:51 GMT
Status: 200 OK
X-Cache-Hits: 1
Content-Disposition: inline; filename="9971766C47EF4F02A44EFC47D899B72B.webp"
Connection: keep-alive
Content-Length: 19820
X-Request-Id: 2fce428fb0d3f44c48a0c9514b6092af
X-Served-By: cache-iad2129-IAD
Last-Modified: Thu, 07 Nov 2019 20:34:11 GMT
X-Timer: S1574110431.119196,VS0,VE1
ETag: "9b5ab12a5a9ec67db946fed050f8d023"
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, private, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With,Range,User-Agent
Expires: Tue, 17 Nov 2020 20:53:51 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
339 B 4999ms
4999ms Image
image/gif 54.88.83.111
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=5ceab975-3b11-42af-9a0b-9ba838275706&ntv_a=MXAFAWGU-ADdUQA&ntv_fl=Js-9sgkIMAcneH5bOKp6X9uWqFUFyflRK83NhSSTeR4=&ord=979061614&ntv_ht=1wTTXQA&ntv_tad=16&prx_referrer=https%3A%2F%2Fwww.google.com%2F&ntv_it
Requested by: Host: www.seattletimes.com
URL: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.83.111 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-88-83-111.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Nov 2019 20:53:45 GMT
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 0777 0
0 32ms
31ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=70927
Expires: Tue, 19 Nov 2019 16:35:52 GMT
Date: Mon, 18 Nov 2019 20:53:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
339 B 3400ms
65ms XHR
text/plain 185.64.189.244
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156708
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156708/981/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 18 Nov 2019 20:53:50 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.seattletimes.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

POST ihgFMrBKuMv8jwmxbZPNyqCyg6uA_fN6a08oYGmH619zIjEWOTRWCoA3m8_qd5JbmHJbjUL_sy5-qALgueG20Vv4_Gz
smashsurprise.com/v2/0/ 0
0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 23 B
434 B 30ms
7ms XHR
application/json 2600:9000:20eb:e00:5:ae3a:ba00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: beacon.s-onetag.com
URL: https://beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:e00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Referer: https://www.seattletimes.com/business/local-business/anatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims/
Origin: https://www.seattletimes.com

Response headers

date: Mon, 18 Nov 2019 20:11:03 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
age: 484
x-amzn-requestid: 292a25ae-8598-4ffb-b8e1-dd70e548b8b8
status: 200
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1, FRA2-C1
x-amz-apigw-id: DXwhvGQgyK4FtqA=
content-length: 23
x-amz-cf-id: -LcQfz_g-U-Y1M60lsBHoQgVXhzSRmVirGBcxTO0TISoKmZ5wZU-KQ==

GET i
www.i.matheranalytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.seattletimes.com
URL: https://static.seattletimes.com/wp-content/uploads/2019/11/11122019_fake-brit_133726-1020x555.jpg

Domain: static.seattletimes.com
URL: https://static.seattletimes.com/wp-content/uploads/2019/11/171513-1020x1630.jpg

Domain: static.seattletimes.com
URL: https://static.seattletimes.com/wp-content/uploads/2019/11/151452-1020x677.jpg

Domain: static.seattletimes.com
URL: https://static.seattletimes.com/wp-content/uploads/2019/11/171515-1020x678.jpg

Domain: static.seattletimes.com
URL: https://static.seattletimes.com/wp-content/uploads/2019/11/151451-1020x680.jpg

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3808767244599507&correlator=2285563356733584&output=ldjh&impl=fifs&adsid=NT&eid=21062833%2C21065105&vrg=2019111401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191118&iu_parts=81279359%2Cseattletimes.com%2Cbusiness%2Clocal-business%2Cdiv-gpt-ad-right%2Cdiv-gpt-ad-bottom%2Cdiv-gpt-ad-top%2Cdiv-gpt-ad-recirc1a%2Cdiv-gpt-ad-recirc1b%2Cdiv-gpt-ad-recirc1c%2Cad-wallpaper%2Cdiv-gpt-ad-body1a%2Cdiv-gpt-ad-body1b%2Cdiv-gpt-ad-body1c%2Cdiv-gpt-ad-body2a%2Cdiv-gpt-ad-body5a%2Cdiv-gpt-ad-body6a&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F5%2C0%2F1%2F2%2F3%2F6%2C0%2F1%2F2%2F3%2F7%2C0%2F1%2F2%2F3%2F8%2C0%2F1%2F2%2F3%2F9%2C0%2F1%2F2%2F3%2F10%2C0%2F1%2F2%2F3%2F11%2C0%2F1%2F2%2F3%2F12%2C0%2F1%2F2%2F3%2F13%2C0%2F1%2F2%2F3%2F14%2C0%2F1%2F2%2F3%2F15%2C0%2F1%2F2%2F3%2F16&prev_iu_szs=300x600%2C970x250%7C728x90%2C970x250%2C300x250%2C300x250%2C300x250%2C1x1%2C300x250%2C300x250%2C300x250%2C970x250%2C970x250%2C970x250&prev_scp=pos%3Dright%2Celite%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbottom%26amznbid%3D2%26amznp%3D2%7Cpos%3Dtop%2Celite%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Drecirc1a%26amznbid%3D2%26amznp%3D2%7Cpos%3Drecirc1b%26amznbid%3D2%26amznp%3D2%7Cpos%3Drecirc1c%26amznbid%3D2%26amznp%3D2%7Cpos%3Dwallpaper%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody1a%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody1b%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody1c%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody2a%2Cpremium%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody5a%26amznbid%3D2%26amznp%3D2%7Cpos%3Dbody6a%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=tpid%3D%26ccaud%3D%26type%3Dstory%26subsc%3DNoAcct-NotLoggedIn%26id%3D12182588%26category%3D%26tag%3D%26author%3DPaul%2520Roberts%26environment%3Dprod&cookie_enabled=1&bc=31&abxe=1&lmt=1574110424&dt=1574110424818&dlt=1574110415928&idt=7714&frm=20&biw=1585&bih=1200&oid=3&adxs=978%2C308%2C283%2C304%2C643%2C982%2C0%2C304%2C643%2C982%2C304%2C304%2C304&adys=685%2C9740%2C125%2C9446%2C9446%2C9446%2C10257%2C2515%2C2515%2C2515%2C3717%2C7091%2C8279&adks=653453968%2C243001711%2C1640847396%2C136452027%2C3152078653%2C2440871920%2C3833419642%2C3044622320%2C3806220188%2C1123228222%2C885209020%2C202893843%2C1131650444&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&ref=https%3A%2F%2Fwww.google.com%2F&dssz=65&icsg=1130245342805952&mso=2048&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x8884%7C970x250%7C1030x271%7C978x250%7C978x250%7C978x250%7C1585x1%7C978x250%7C978x250%7C978x250%7C978x250%7C978x250%7C978x250&msz=300x600%7C970x250%7C1020x250%7C300x250%7C300x250%7C300x250%7C1585x1%7C300x250%7C300x250%7C300x250%7C970x250%7C970x250%7C970x250&ga_vid=1476393013.1574110425&ga_sid=1574110425&ga_hid=759205813&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1585%2C1585%2C1585%2C300%2C300%2C300%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585%2C1585

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111401.js

Domain: smashsurprise.com
URL: https://smashsurprise.com/v2/0/ihgFMrBKuMv8jwmxbZPNyqCyg6uA_fN6a08oYGmH619zIjEWOTRWCoA3m8_qd5JbmHJbjUL_sy5-qALgueG20Vv4_Gz

Domain: www.i.matheranalytics.com
URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.94&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_nolocalstorage=1&tvltm=9&f_privb=0&tid=e52035b2-0d5f-40a7-963a-86b4df768930&pid=6e5b10c5-fe3b-45a2-9d8f-fca7903af431&dtm=1574110433020&qnm=_matherq&visible=1&tabid=8d0d1d7f-4310-4acd-80f7-ceab976931f8&refr=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.seattletimes.com%2Fbusiness%2Flocal-business%2Fanatomy-of-a-fraud-fake-billionaires-6-million-scams-claimed-dozens-of-local-victims%2F&vp=1600x1200&ds=1585x10497&tofa=1574110433&vid=1&lvidt=1574110433&duid=b09a8f9b6ca58d3b&fp=4156478823&cid=ma39482&mrk=93382992&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTU3NDExMDQxNTY1MiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4yNjI4Mm1iIiwiaGVhcFQiOiIyOS4yMDkyOTJtYiIsImZzdFBhaW50IjoiNTA1IiwiZmV0Y2hTIjoiNiIsImRvbWFpblMiOiI3IiwiZG9tYWluRSI6IjgiLCJjb25uUyI6IjgiLCJjb25uRSI6IjY4Iiwic3NsUyI6IjIxIiwicmVxdVMiOiI2OSIsInJlc3BTIjoiMjczIiwicmVzcEUiOiIyOTYiLCJkb21Mb2FkIjoiMjc2IiwiZG9tSW50ZXIiOiI1MjUiLCJkb21Mb2FkUyI6IjUyNiIsImRvbUxvYWRFIjoiNTQyIn19

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: lotr=Guest

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aaxdetect.com
acdn.adnxs.com
ad.crwdcntrl.net
ad.doubleclick.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
ap.lijit.com
as-sec.casalemedia.com
awsapi.seattletimes.com
beacon.s-onetag.com
bidder.criteo.com
c.aaxads.com
c.amazon-adsystem.com
cdn.calltrk.com
connect.facebook.net
dlvr.it
fastlane.rubiconproject.com
fonts.googleapis.com
get.s-onetag.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
jadserve.postrelease.com
js.matheranalytics.com
l3.aaxads.com
mab.chartbeat.com
ntvcld-a.akamaihd.net
onetag-geo.s-onetag.com
p.typekit.net
s.ntv.io
sb.scorecardresearch.com
seattle-times-d.openx.net
securepubads.g.doubleclick.net
smashsurprise.com
static.ads-twitter.com
static.chartbeat.com
static.criteo.net
static.seattletimes.com
stats.g.doubleclick.net
t.co
t.pubmatic.com
tags.crwdcntrl.net
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.seattletimes.com
securepubads.g.doubleclick.net
smashsurprise.com
static.seattletimes.com
www.i.matheranalytics.com
104.109.64.186
104.109.83.60
104.244.42.133
107.178.250.234
13.225.78.38
143.204.101.107
143.204.90.242
151.101.12.157
172.217.16.162
172.217.21.230
178.250.0.130
178.250.2.152
185.64.189.112
185.64.189.244
2.16.186.99
2.18.232.130
2.18.233.180
2.18.234.163
2.18.234.21
216.58.207.34
23.0.46.188
23.5.97.37
2600:9000:20eb:e00:5:ae3a:ba00:93a1
2600:9000:2156:d800:18:1fcd:349:ca21
2600:9000:21f3:200:1f:287:d20a:ce1
2600:9000:21f3:fa00:5:9a4c:9b00:93a1
2a00:1450:4001:800::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::714
34.207.22.192
34.248.0.222
34.95.120.147
35.190.91.111
37.252.172.250
54.70.43.234
54.84.142.222
54.88.83.111
69.173.144.143
72.246.169.232
72.251.249.13
93.184.220.113
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c357bd95f6294ecf290cb7d4e429c47052736201e35dd11171681668576234d
0c7603d2ffaf7858118b699779cd3e33e3f3a37916528a969974cca8713d7285
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0deea61378ddbb1533471f3e09e2859c55588c3e1c4165ca251da56bbde6f09e
0e8f4abc718a0512845b75314576d83fbd440bce73212eaf96d5f645ea7e68bf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f7c2d8e7b31ad79e3f8d08eab6cccef702cd680a34575ebc68f3c4d55793a4
18e542526491b39191ba7e0a3dd13c72cdf5196f2468b9e2438d9429ac026ecd
1957423f4ac165509863acf1664e4ce6395d15e20b3676160fa2233aeff4ae40
19e1431c5882e4d1eb568234f7b71911d59366ccc8efedfae96ee4c909540cb7
1a66cf39cadb97c12f5ac0b2cc451dfec10bd31f70916cc7b987268118761b7d
1c772192d318b30339e05ce1e87618b2d1c7519e14f3f20dbd358238c45245a3
1cd8e2130767f1a6bad26b4e3d5b60b2dee4e0e80feb160904fa45d4bba01c59
1db7a37f2ae0300a8b0e818dd4176d29a321e3992a9e72fc982759560b27622a
1e1367939e17fdbaf00701c6d9930dc28c756256f3e35b6061a4c4fdb5189401
1e794399af60ec6300017e12e37a6b7a8253a9ff05ef41ca5e42b76dced02ef4
20ed9294343162c2a88e69f7f644c9c9b998687a5ffbb07db15bc9b74da6c28f
2c2cda13d0a2c9bf22230d3ba28e3f8168025455d21bf9c420342750164397f2
2f091663551853d09d0087c9f0b7b448e46de5bd2ccc973666c0b65f7bdf4bea
308603042b468f50088fc1da2d2df84961098f3f3126b36a124dc6c092e2c275
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
370b9a08c6b8de545fccb59bf458f3826557dba6ac9eaa46aa54a5e492d8de82
371b0723b274026907d7625b2ecc830910f884fbc2f741c5bdbd027b34306a3d
48496e98ecac00c74056419f6bd581a60c646c5d7299d31605710ca7f0342cce
4d336b2f26c28d81613b6added9d9f942806236744523712204cca7362c78d01
4e7e803000d58fced9aa75702851ff352110b0ee6590ae62c6020d0bfb02f644
534b9a490988df78da7d11fc73b894f2c8fb0e9fceb0797768455a70aa1b6647
54f2cb7a83e702cce724b4b34735d0670c44310dd97c999db52d07f3dfdf2f05
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b6990ee61c64b9637d94c42de3ae254252fd873190177d04808df0173501423
5d47cf8bc314f461d930f3790544c50d68e23dbfb859eaf19a99ce2b8ad4895e
663b5509c577b6f17fae5107da524d86162f8c84106c6d6cda405ab94f72f688
683d1c81afcbda3e3fe6a49a62d9c871758b3172c0c434829ea580e4960e3fb0
69ad473d74a98c957267b1b273ef8f3b23970b169889fe0ad11efd05751d96c5
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6cba1670f7f2baed2fabd42b7735c71738aa968e433ceecd3cb9156c93f8fa1e
6ee5709b4ae167886d1a6401975189d8e9f079cabb11b92604c35ce26f0b6916
6f62264c991fbf339ac2d25c7bd4f772d79a817c0014ed640fcce5057f153e05
70ef4c822491fe92d2930416a41be09acc296a0e6a32550cbefc8db927b226a0
744c0c383400ae6c711c84783e5c296216ea723df61be17c802c58e9471a46c0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7660c6d3d8df0c3c84051b7d13329634df7338e49e889a749dff238f73f719d7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7ac551c78b2e3f14fa4d2470d662b314de4dc008204fed17404ca4e2947a77e4
7aee25147e91ea27917ac5cfd8ea30fdcae0e6b1072e51a1d644dafb76ab5c4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
8d72896231784bd8e6008bcd8cb2dde0d23845a0d565a1d1d3c7f61e51a750e3
91e0a77743db28d32d611f7aec0ece7d07fe3ae72084858596d8e3cd7127ca0a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94a6b22d40817a54e7a3f2ec9443438e2a57441d7bc89d7b95b2dc5e51731ffd
98ecc0bce26305114d5c34b34e24583eb60ba3f1ff352ab9d8bb4de91cb0abbd
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ea02f1e10dec36331b8c73fcae859e3fcb484b62d63c84556f41d56897f159e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a67f9642d568e38894d544fdc69188d7fc12995f5571391cf2afb3df02381870
a98d81c848624e032ab8a9a5732e9d804b18d124d00f98de3500529bf2098bc0
ac2023f3a20503f101ec818760b0892d07e80397237aa8af5256e3105164870a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b2050a1f9cac877da97c631169e8b139cffa08baf680dd81978778d902d920f2
b6144678a4dc68544834f194b3491d5d6c1cffcd30535637da7ba8da50a2e7ec
c0a6ad7bae75e0f3acc22465e451d8b257447653c9be334aed05125b6cb17370
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c5db7f48141cd0ec9027a1c94ec661e6626fa50d66d7ba04950bf9ffb45a8e77
c5fa91573e2bbac284be99ab9045d8b29902467bb9525606198ab06e33d73262
c7ac0d791b0ad92100e6071256d55d4b7f11b7a4c064348ced16838faaa0183f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d652b147ad1822f985252f26f60480d17ab3910d30da1f7235ba272e9d3d2e82
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dbf3c857eb35b901813c878ab820207c24c4d491ea933e986010ab385aa402ef
dd235ea4a681cf8e874b9790698d0307e68f1f3eaa5c364f4987fa6352ef6e02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6714e710a44b528d83256bfcf631af84847ae6b456ec21c7aab672e5c32e282
e767af013378d1adf0d6561edd37f8cd0d05ba430ce7a611ce94828478d85c67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f3dcf73e96a474f000315f25995145c96c42fef1d67381da07bca5a099f86160
f623e1d423f85d8c36affb7faf68d0b804e0389e2621de2ea9eb97bb0df21c76
f8e50177029cb2306172bc041564b5b2000688d67989a56b70c0c4bc71278326
fb26c191b609a5ce8d670c3a76ca8e94996ff6367a3571407741ff1cc0197bd0
fe1d8731586a0b3f1c5a3dba7d6b1c879495cbc6d05163a234868f082d9a06fb

www.seattletimes.com Open in urlscan Pro 104.109.83.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

92 %HTTPS

37 %IPv6

37 Domains

56 Subdomains

53 IPs

8 Countries

1429 kBTransfer

4152 kBSize

0 Cookies

35 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.seattletimes.com Open in urlscan Pro
104.109.83.60 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

92 %
HTTPS

37 %
IPv6

37
Domains

56
Subdomains

53
IPs

8
Countries

1429 kB
Transfer

4152 kB
Size

0
Cookies

109 HTTP transactions
4 data transactions