www.reuters.com Open in urlscan Pro
2600:9000:26f2:c000:15:5a3e:9d40:93a1  Public Scan

URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath...
Submission: On August 13 via manual from JP — Scanned from JP

Summary

This website contacted 122 IPs in 8 countries across 84 domains to perform 488 HTTP transactions. The main IP is 2600:9000:26f2:c000:15:5a3e:9d40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com. The Cisco Umbrella rank of the primary domain is 23410.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 1st 2024. Valid for: a year.
This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 2600:9000:26f... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 2600:140b:a00... 20940 (AKAMAI-ASN1)
3 104.18.25.111 13335 (CLOUDFLAR...)
9 13.35.27.29 16509 (AMAZON-02)
1 23.34.99.108 16625 (AKAMAI-AS)
2 172.67.74.245 13335 (CLOUDFLAR...)
28 104.18.31.150 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 2600:140b:1c0... 20940 (AKAMAI-ASN1)
1 3 192.29.13.138 31898 (ORACLE-BM...)
12 2600:9000:26c... 16509 (AMAZON-02)
4 104.18.20.206 13335 (CLOUDFLAR...)
1 13.33.174.21 16509 (AMAZON-02)
22 34.160.152.31 396982 (GOOGLE-CL...)
21 142.250.206.194 15169 (GOOGLE)
1 34.111.152.239 396982 (GOOGLE-CL...)
1 151.101.108.157 54113 (FASTLY)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2406:2000:a4:... 10230 (YAHOO-SG ...)
1 65.9.39.3 16509 (AMAZON-02)
1 2600:9000:221... 16509 (AMAZON-02)
1 117.18.232.195 15133 (EDGECAST)
1 104.244.42.195 13414 (TWITTER)
1 54.150.112.144 16509 (AMAZON-02)
17 142.250.76.130 15169 (GOOGLE)
2 104.18.20.97 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 142.250.76.136 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
2 2600:9000:221... 16509 (AMAZON-02)
2 4 13.32.50.88 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 142.250.76.134 15169 (GOOGLE)
2 172.217.25.166 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.225.71.245 14618 (AMAZON-AES)
1 2a04:4e42:200... 54113 (FASTLY)
1 18.235.141.191 14618 (AMAZON-AES)
1 2600:140b:400... 20940 (AKAMAI-ASN1)
1 2 2406:2600:4::b 55569 (CRITEO-AS...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.111.33 396982 (GOOGLE-CL...)
1 2 35.244.193.51 396982 (GOOGLE-CL...)
1 13.228.126.19 16509 (AMAZON-02)
2 182.161.74.11 55569 (CRITEO-AS...)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
2 162.19.138.116 16276 (OVH)
1 34.107.165.188 396982 (GOOGLE-CL...)
1 44.218.0.89 14618 (AMAZON-AES)
2 3 35.71.131.137 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:116:800e... 16509 (AMAZON-02)
26 52.68.124.96 16509 (AMAZON-02)
2 130.211.23.194 396982 (GOOGLE-CL...)
1 35.241.9.51 15169 (GOOGLE)
3 4 103.43.90.54 29990 (ASN-APPNEX)
1 34.36.214.49 396982 (GOOGLE-CL...)
5 23.32.224.239 16625 (AKAMAI-AS)
1 2404:6800:400... 15169 (GOOGLE)
8 142.251.42.174 15169 (GOOGLE)
2 2600:9000:26f... 16509 (AMAZON-02)
9 34.98.72.95 396982 (GOOGLE-CL...)
5 44.233.229.211 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 142.250.206.227 15169 (GOOGLE)
1 18.140.156.156 16509 (AMAZON-02)
4 34.107.254.252 396982 (GOOGLE-CL...)
1 34.120.253.250 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 9 52.37.4.167 16509 (AMAZON-02)
1 207.65.34.80 62713 (AS-PUBMATIC)
1 69.173.158.64 26667 (RUBICONPR...)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
1 3 172.217.25.162 15169 (GOOGLE)
2 2 18.138.186.60 16509 (AMAZON-02)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 172.240.155.100 7979 (SERVERS-COM)
1 162.19.138.82 16276 (OVH)
7 35.81.90.104 16509 (AMAZON-02)
9 142.250.76.142 15169 (GOOGLE)
1 34.102.183.59 396982 (GOOGLE-CL...)
1 34.98.127.78 396982 (GOOGLE-CL...)
1 35.244.177.184 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
9 34.107.140.113 396982 (GOOGLE-CL...)
4 54.169.90.152 16509 (AMAZON-02)
3 69.173.158.65 26667 (RUBICONPR...)
8 52.76.62.253 16509 (AMAZON-02)
4 182.161.74.18 55569 (CRITEO-AS...)
1 1 23.219.68.21 16625 (AKAMAI-AS)
6 34.111.8.32 396982 (GOOGLE-CL...)
1 34.237.70.114 14618 (AMAZON-AES)
2 172.64.149.180 13335 (CLOUDFLAR...)
2 23.195.85.83 20940 (AKAMAI-ASN1)
1 23.40.192.176 16625 (AKAMAI-AS)
1 1 52.223.40.198 16509 (AMAZON-02)
1 54.151.251.104 16509 (AMAZON-02)
1 35.71.178.8 16509 (AMAZON-02)
4 5 35.213.12.39 15169 (GOOGLE)
1 1 23.44.52.187 20940 (AKAMAI-ASN1)
2 2406:2600:4::1 55569 (CRITEO-AS...)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 2600:1901:0:5... 396982 (GOOGLE-CL...)
1 34.102.193.48 396982 (GOOGLE-CL...)
21 2600:1f18:1ac... 14618 (AMAZON-AES)
1 172.217.161.226 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
8 2404:6800:400... 15169 (GOOGLE)
7 23.32.225.214 16625 (AKAMAI-AS)
1 1 13.212.219.28 16509 (AMAZON-02)
5 172.217.175.226 15169 (GOOGLE)
3 172.217.161.68 15169 (GOOGLE)
1 131.153.206.102 59210 (PHOENIXNA...)
1 13.251.151.87 16509 (AMAZON-02)
7 104.17.209.240 13335 (CLOUDFLAR...)
2 216.239.36.181 15169 (GOOGLE)
7 104.18.12.66 13335 (CLOUDFLAR...)
3 104.17.208.240 13335 (CLOUDFLAR...)
1 10 104.18.7.198 13335 (CLOUDFLAR...)
3 104.18.13.66 13335 (CLOUDFLAR...)
4 34.117.4.53 396982 (GOOGLE-CL...)
2 104.18.36.155 13335 (CLOUDFLAR...)
488 122
Apex Domain
Subdomains
Transfer
59 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 1040
pixel.adsafeprotected.com — Cisco Umbrella Rank: 1139
dt.adsafeprotected.com — Cisco Umbrella Rank: 974
181 KB
32 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
10844217.fls.doubleclick.net — Cisco Umbrella Rank: 44707
ad.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 1000
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
263 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
388 KB
29 reuters.com
www.reuters.com — Cisco Umbrella Rank: 23410
924 KB
28 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 14117
52 KB
26 pub.network
a.pub.network — Cisco Umbrella Rank: 7353
d.pub.network — Cisco Umbrella Rank: 7910
c.pub.network — Cisco Umbrella Rank: 7429
366 KB
22 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2328
a.ad.gt — Cisco Umbrella Rank: 2521
p.ad.gt — Cisco Umbrella Rank: 2796
ids.ad.gt — Cisco Umbrella Rank: 2348
pixels.ad.gt — Cisco Umbrella Rank: 2702
21 KB
17 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
76 KB
11 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 3941
tag.bounceexchange.com — Cisco Umbrella Rank: 6732
api.bounceexchange.com — Cisco Umbrella Rank: 4107
218 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
24 KB
10 connatix.com
cds.connatix.com — Cisco Umbrella Rank: 5372
capi.connatix.com — Cisco Umbrella Rank: 1317
assets.connatix.com — Cisco Umbrella Rank: 10769
143 KB
10 elements.video
cd.elements.video — Cisco Umbrella Rank: 40098
cds.elements.video — Cisco Umbrella Rank: 37476
capi.elements.video — Cisco Umbrella Rank: 23937
ins.elements.video — Cisco Umbrella Rank: 47275
241 KB
10 qualtrics.com
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com — Cisco Umbrella Rank: 48332
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1504
90 KB
10 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 2320
usersync.gumgum.com — Cisco Umbrella Rank: 2681
rtb.gumgum.com — Cisco Umbrella Rank: 2583
48 KB
9 t13.io
s2s.t13.io — Cisco Umbrella Rank: 4581
31 KB
9 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3005
147 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 553
mug.criteo.com — Cisco Umbrella Rank: 2813
bidder.criteo.com — Cisco Umbrella Rank: 944
11 KB
7 moatads.com
z.moatads.com — Cisco Umbrella Rank: 1247
px.moatads.com — Cisco Umbrella Rank: 1015
110 KB
7 segment.io
api.segment.io — Cisco Umbrella Rank: 1485
1 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
281 KB
6 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 694
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
eus.rubiconproject.com — Cisco Umbrella Rank: 948
15 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 855
image2.pubmatic.com — Cisco Umbrella Rank: 1373
hbopenbid.pubmatic.com Failed
225 B
6 arcpublishing.com
api-reuters-reuters-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 41755
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 499
3 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 998
eb2.3lift.com — Cisco Umbrella Rank: 632
4 KB
5 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 2653
1 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
secure.adnxs.com — Cisco Umbrella Rank: 764
acdn.adnxs.com — Cisco Umbrella Rank: 961
4 KB
5 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 4307
api.permutive.com — Cisco Umbrella Rank: 3370
141 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4784
rp.liadm.com — Cisco Umbrella Rank: 1645
rp4.liadm.com — Cisco Umbrella Rank: 4911
idx.liadm.com — Cisco Umbrella Rank: 2445
i.liadm.com — Cisco Umbrella Rank: 937
39 KB
4 wknd.ai
ssp.wknd.ai — Cisco Umbrella Rank: 6927
26 B
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 892
as-sec.casalemedia.com — Cisco Umbrella Rank: 4738
2 KB
4 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 3679
497 B
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 505
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 278
4 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 1573
api.btloader.com — Cisco Umbrella Rank: 1813
19 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
361 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6963
page.cdnbasket.net — Cisco Umbrella Rank: 6969
view.cdnbasket.net — Cisco Umbrella Rank: 6981
1014 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2461
mab.chartbeat.com — Cisco Umbrella Rank: 3880
35 KB
3 eloqua.com
s2124157686.t.eloqua.com — Cisco Umbrella Rank: 42783
2 KB
3 scaredsnakes.com
scaredsnakes.com — Cisco Umbrella Rank: 40907
26 KB
3 tru.am
tru.am — Cisco Umbrella Rank: 6235
beacon.tru.am — Cisco Umbrella Rank: 7510
12 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 449
41 KB
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 5623
e.cdnwidget.com — Cisco Umbrella Rank: 20630
332 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
72 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 1124
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 1075
708 B
2 reutersmedia.net
static.reutersmedia.net — Cisco Umbrella Rank: 46316
25 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 2337
pixel.quantserve.com — Cisco Umbrella Rank: 1616
11 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1603
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 645
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393
1 KB
2 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2352
602 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804
129 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
75 KB
2 datadome.co
js.datadome.co — Cisco Umbrella Rank: 6926
api-js.datadome.co — Cisco Umbrella Rank: 6331
30 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
559 B
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 2168
c.go-mpulse.net — Cisco Umbrella Rank: 906
51 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1162
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 804
371 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1556
243 B
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 5226
332 B
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1864
844 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 2075
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187
275 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 3082
202 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1995
442 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 17187
63 B
1 openx.net
pa.openx.net — Cisco Umbrella Rank: 5140
1 prmutv.co
a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co — Cisco Umbrella Rank: 61732
384 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1369
279 B
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 9270
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2589
12 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1859
201 B
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 11720
660 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1356
396 B
1 t.co
t.co — Cisco Umbrella Rank: 979
377 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536
48 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1253
15 KB
1 optimise.net
optimise.net — Cisco Umbrella Rank: 8494
1 KB
1 en25.com
img.en25.com — Cisco Umbrella Rank: 15632
3 KB
0 intentiq.com Failed
sync.intentiq.com Failed
488 84
Domain Requested by
29 www.reuters.com 1 redirects www.reuters.com
js.datadome.co
28 www.dianomi.com www.reuters.com
www.dianomi.com
26 pixel.adsafeprotected.com static.adsafeprotected.com
www.reuters.com
21 dt.adsafeprotected.com www.reuters.com
21 pagead2.googlesyndication.com a.pub.network
www.reuters.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
17 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
www.reuters.com
pagead2.googlesyndication.com
12 static.adsafeprotected.com www.reuters.com
11 c.pub.network js.datadome.co
11 www.google-analytics.com cdn.segment.com
www.google-analytics.com
www.reuters.com
11 d.pub.network www.reuters.com
js.datadome.co
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
9 siteintercept.qualtrics.com zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com
9 s2s.t13.io js.datadome.co
www.reuters.com
9 ids.ad.gt 1 redirects www.reuters.com
9 assets.bounceexchange.com www.reuters.com
tag.bounceexchange.com
assets.bounceexchange.com
9 id.hadron.ad.gt js.datadome.co
cdn.hadronid.net
9 cdn.segment.com www.reuters.com
cdn.segment.com
8 tpc.googlesyndication.com www.reuters.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 g2.gumgum.com js.datadome.co
7 api.segment.io js.datadome.co
7 cdn.cookielaw.org www.reuters.com
cdn.cookielaw.org
js.datadome.co
6 cds.connatix.com cds.elements.video
cds.connatix.com
6 cds.elements.video cd.elements.video
cds.elements.video
6 px.moatads.com www.reuters.com
blank
6 api-reuters-reuters-prod.cdn.arcpublishing.com www.reuters.com
5 googleads.g.doubleclick.net www.reuters.com
5 x.bidswitch.net 4 redirects www.reuters.com
5 protected-by.clarium.io www.reuters.com
5 ads.pubmatic.com a.pub.network
assets.bounceexchange.com
4 ssp.wknd.ai assets.bounceexchange.com
4 events.bouncex.net www.reuters.com
blank
4 bidder.criteo.com js.datadome.co
4 tlx.3lift.com js.datadome.co
4 api.permutive.com cdn.permutive.com
4 analytics.google.com js.datadome.co
4 match.adsrvr.org 3 redirects js.datadome.co
4 sb.scorecardresearch.com 2 redirects www.reuters.com
4 a.pub.network www.reuters.com
a.pub.network
4 www.googletagmanager.com www.reuters.com
www.googletagmanager.com
cdn.segment.com
p.ad.gt
3 capi.connatix.com 1 redirects cds.elements.video
3 www.google.com www.reuters.com
tpc.googlesyndication.com
3 fastlane.rubiconproject.com js.datadome.co
3 cm.g.doubleclick.net 1 redirects www.reuters.com
a.pub.network
3 pixel.tapad.com 3 redirects
3 s2124157686.t.eloqua.com 1 redirects www.reuters.com
img.en25.com
3 scaredsnakes.com www.reuters.com
js.datadome.co
2 as-sec.casalemedia.com assets.bounceexchange.com
2 capi.elements.video cds.elements.video
2 s0.2mdn.net www.reuters.com
2 ssum-sec.casalemedia.com 1 redirects a.pub.network
2 static.criteo.net a.pub.network
js.datadome.co
2 eus.rubiconproject.com assets.bounceexchange.com
a.pub.network
2 js-sec.indexww.com assets.bounceexchange.com
a.pub.network
2 ad.360yield.com 2 redirects
2 secure.adnxs.com 2 redirects
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 static.reutersmedia.net www.reuters.com
2 ib.adnxs.com 1 redirects cdn.permutive.com
2 api.btloader.com js.datadome.co
freestar-io.videoplayerhub.com
2 ad-delivery.net www.reuters.com
2 id5-sync.com js.datadome.co
2 mug.criteo.com www.reuters.com
2 lexicon.33across.com 1 redirects www.reuters.com
2 gum.criteo.com 1 redirects
2 ad.doubleclick.net www.reuters.com
2 10844217.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 static.chartbeat.com www.reuters.com
2 www.facebook.com www.reuters.com
2 btloader.com www.reuters.com
js.datadome.co
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 s.yimg.com www.reuters.com
s.yimg.com
2 connect.facebook.net www.reuters.com
connect.facebook.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 tru.am www.reuters.com
tru.am
1 assets.connatix.com www.reuters.com
1 ins.elements.video cds.elements.video
1 cd.elements.video www.reuters.com
1 zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com www.reuters.com
1 rtb.gumgum.com a.pub.network
1 prebid.a-mo.net a.pub.network
1 match.sharethrough.com 1 redirects
1 z.moatads.com www.reuters.com
1 googleads4.g.doubleclick.net www.reuters.com
1 e.cdnwidget.com www.reuters.com
1 ids.cdnwidget.com assets.bounceexchange.com
1 stags.bluekai.com 1 redirects
1 eb2.3lift.com a.pub.network
1 usersync.gumgum.com a.pub.network
1 acdn.adnxs.com a.pub.network
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 pixel.quantserve.com www.reuters.com
1 i.liadm.com b-code.liadm.com
1 api.bounceexchange.com assets.bounceexchange.com
1 hbx.media.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 pixels.ad.gt p.ad.gt
1 view.cdnbasket.net assets.bounceexchange.com
1 page.cdnbasket.net assets.bounceexchange.com
1 data.cdnbasket.net assets.bounceexchange.com
1 lb.eu-1-id5-sync.com js.datadome.co
1 sync.colossusssp.com www.reuters.com
1 d.turn.com 1 redirects
1 token.rubiconproject.com www.reuters.com
1 image2.pubmatic.com www.reuters.com
1 p.ad.gt a.ad.gt
1 tag.bounceexchange.com assets.bounceexchange.com
1 sp.analytics.yahoo.com www.reuters.com
1 www.google.co.jp www.reuters.com
1 7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pa.openx.net a.pub.network
1 a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co cdn.permutive.com
1 secure.quantserve.com a.pub.network
1 idx.liadm.com js.datadome.co
1 api.rlcdn.com js.datadome.co
1 ups.analytics.yahoo.com js.datadome.co
1 cdn.edkt.io a.pub.network
1 cdn.hadronid.net a.pub.network
1 c.go-mpulse.net s.go-mpulse.net
1 ping.chartbeat.net www.reuters.com
1 mab.chartbeat.com static.chartbeat.com
1 rp4.liadm.com www.reuters.com
1 rp.liadm.com 1 redirects
1 cdn.permutive.com www.reuters.com
1 freestar-io.videoplayerhub.com 1 redirects
1 api-js.datadome.co js.datadome.co
1 analytics.twitter.com www.reuters.com
1 t.co www.reuters.com
1 b-code.liadm.com www.googletagmanager.com
1 www.datadoghq-browser-agent.com www.reuters.com
1 static.ads-twitter.com www.googletagmanager.com
1 optimise.net js.datadome.co
1 beacon.tru.am tru.am
1 js.datadome.co www.reuters.com
1 img.en25.com www.reuters.com
1 s.go-mpulse.net www.reuters.com
0 hbopenbid.pubmatic.com Failed assets.bounceexchange.com
0 sync.intentiq.com Failed
488 138

This site contains no links.

Subject Issuer Validity Valid
www.reuters.com
COMODO RSA Organization Validation Secure Server CA
2024-07-01 -
2025-07-01
a year crt.sh
tru.am
WE1
2024-07-15 -
2024-10-13
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
scaredsnakes.com
E5
2024-07-07 -
2024-10-05
3 months crt.sh
*.segment.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-13
a year crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-07-29
a year crt.sh
dianomi.com
E5
2024-06-28 -
2024-09-26
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.cdn.arcpublishing.com
Entrust Certification Authority - L1K
2024-01-08 -
2025-02-08
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2024-04-25 -
2025-05-24
a year crt.sh
pub.network
WE1
2024-07-21 -
2024-10-19
3 months crt.sh
*.datadome.co
Gandi RSA Domain Validation Secure Server CA 3
2023-10-10 -
2024-11-09
a year crt.sh
d.pub.network
WR3
2024-07-17 -
2024-10-15
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
optimise.net
WR3
2024-07-12 -
2024-10-10
3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-05-22 -
2024-08-20
3 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-07-30 -
2024-09-18
2 months crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-08-03
a year crt.sh
*.liadm.com
Amazon RSA 2048 M03
2023-12-02 -
2024-12-29
a year crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-08 -
2025-05-07
a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-10-31
a year crt.sh
confiant-integrations.net
WE1
2024-07-12 -
2024-10-10
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2024-05-15 -
2025-06-06
a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3
2023-12-26 -
2024-12-25
a year crt.sh
*.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1
2023-11-20 -
2024-12-20
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-18 -
2024-09-17
3 months crt.sh
hadronid.net
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
edkt.io
WR3
2024-08-03 -
2024-11-01
3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-07-30 -
2025-01-22
6 months crt.sh
id.hadron.ad.gt
WE1
2024-07-23 -
2024-10-21
3 months crt.sh
*.id5-sync.com
E6
2024-07-01 -
2024-09-29
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
btloader.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
ad-delivery.net
WE1
2024-07-15 -
2024-10-13
3 months crt.sh
quantserve.com
R10
2024-06-24 -
2024-09-22
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M03
2024-02-28 -
2025-03-29
a year crt.sh
*.t.eloqua.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-26 -
2025-04-10
a year crt.sh
api.btloader.com
WR3
2024-08-02 -
2024-10-31
3 months crt.sh
*.prmutv.co
R3
2024-05-23 -
2024-08-21
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
c.pub.network
WR3
2024-07-14 -
2024-10-12
3 months crt.sh
pa.openx.net
WR3
2024-07-22 -
2024-10-20
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
static.reuters.com
COMODO RSA Organization Validation Secure Server CA
2023-12-21 -
2024-12-20
a year crt.sh
assets.bounceexchange.com
WR3
2024-07-17 -
2024-10-15
3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03
2023-11-16 -
2024-12-15
a year crt.sh
*.google.co.jp
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
a.ad.gt
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-07-30 -
2025-01-22
6 months crt.sh
api.permutive.com
R10
2024-06-13 -
2024-09-11
3 months crt.sh
tag.bounceexchange.com
R10
2024-07-17 -
2024-10-15
3 months crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3
2023-11-09 -
2024-11-07
a year crt.sh
*.ad.gt
Amazon RSA 2048 M02
2024-03-10 -
2025-04-08
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2
2023-09-08 -
2024-10-09
a year crt.sh
*.eu-1-id5-sync.com
R10
2024-07-01 -
2024-09-29
3 months crt.sh
*.segment.io
Amazon RSA 2048 M03
2023-12-13 -
2025-01-11
a year crt.sh
data.cdnbasket.net
WR3
2024-07-02 -
2024-09-30
3 months crt.sh
page.cdnbasket.net
WR3
2024-07-10 -
2024-10-08
3 months crt.sh
view.cdnbasket.net
WR3
2024-07-11 -
2024-10-09
3 months crt.sh
pixels.ad.gt
WE1
2024-07-08 -
2024-10-06
3 months crt.sh
s2s.t13.io
WR3
2024-07-08 -
2024-10-06
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
sp-ad-exch-prd-two-eks.prd.eks.sp.adexchange.gumgum.com
Amazon RSA 2048 M02
2024-04-05 -
2025-05-04
a year crt.sh
*.wunderkind.co
R10
2024-08-02 -
2024-10-31
3 months crt.sh
indexww.com
WE1
2024-08-03 -
2024-11-02
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
*.ad-server.k8s.sp.ggops.com
Amazon RSA 2048 M02
2024-05-07 -
2025-06-05
a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-27 -
2024-09-24
3 months crt.sh
casalemedia.com
E5
2024-06-17 -
2024-09-15
3 months crt.sh
ids.cdnwidget.com
R11
2024-07-10 -
2024-10-08
3 months crt.sh
e.cdnwidget.com
R11
2024-07-03 -
2024-10-01
3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M03
2024-04-25 -
2025-05-23
a year crt.sh
tpc.googlesyndication.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
*.a-mo.net
R11
2024-08-12 -
2024-11-10
3 months crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-27 -
2025-02-19
a year crt.sh
elements.video
E6
2024-07-14 -
2024-10-12
3 months crt.sh
cds.connatix.com
WE1
2024-08-09 -
2024-11-07
3 months crt.sh
capi.elements.video
WE1
2024-07-11 -
2024-10-09
3 months crt.sh
capi.connatix.com
WE1
2024-07-11 -
2024-10-09
3 months crt.sh
ins.elements.video
WE1
2024-06-16 -
2024-09-14
3 months crt.sh
assets.connatix.com
WE1
2024-07-18 -
2024-10-16
3 months crt.sh

This page contains 61 frames:

Primary Page: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Frame ID: BB2CDAB9FFD6E1E8FBF9CFFC053F5054
Requests: 341 HTTP requests in this frame

Frame: https://10844217.fls.doubleclick.net/activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Frame ID: 618FA39DC2031A9E30417B53110A68A6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 151635AF1BE04245AD2AFEC8517C21A1
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 2CCE50F9D5D1AADC08D3B376ED1B92CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 1FF1DBFD4B2C67D6FC3F35F47384FE96
Requests: 1 HTTP requests in this frame

Frame: https://7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D1921C1B0D9CE1DB61BFAF5AE01F085
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Frame ID: 118A542E2771979356FFB9DE1DC825E4
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=45764&numAds=3&cf=545.2383.Reuters%20New&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-45764-Zrqp-sAtrCqylRG89sjT9gAAADc0&responsiveHeight=1&contextfeedFrameId=2383-568&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 274C4AC293E01195AE2A2FCC163BA2E1
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: B9E2FDECFEA743FE42A666128E3FB43E
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50378&numAds=3&cf=545.2615.Reut%20(In%20A)&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50378-Zrqp-UJReelkANlPUlDUCAAAADc0&responsiveHeight=1&contextfeedFrameId=2615-666&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 0EAC3EE92677EC372BAB955EF35627D5
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: 67A51F17364D8CE3481D6C20CA0A6328
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=10415&numAds=12&cf=545.1480.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10415-Zrqp-m3b-Bek3wv3fvqhGQAAAEE0&responsiveHeight=1&contextfeedFrameId=1480-194&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 9F12C03B983557A83A7C24CD5FB09AEE
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: C4E09B947D754D365259EC084EFB2C59
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=10165&numAds=6&cf=545.1479.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10165-Zrqp-lwBWamzejWp0_PMCgAAAAA0&responsiveHeight=1&contextfeedFrameId=1479-141&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: C758801D60A611786456973E312257CD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKRROhqEaf5NjXTcOebtrDT24Qjc3g0NczuDqL3ni-tSxsURLCsorfMoJjYoBdpONPeH5APePSo7BQggA4_gyO0YACjGiZpbedbloIsCgNXIOukXorZvUz19JM-IOcg7w6olnZTWsK-9duNw-73LOkDhVmgVCklWUf9lZjq8ArOlx-UKCmUmqVdjZ7Ilx99CSxA2DxtO0SGlfxmfSN0EtIhTIrrWf_ge9n_USpTYRs6fRACNb0N8SqIrjCeZmh1sczdImEoeppVCEw2vrgXL7e38EA7Km3Bj2ehf2653Y-MzcNprj57HOJoMA_Fat5zvOpeipnwMwKH-ix6zpcy_TpbLGuGA&sai=AMfl-YTclytgSxnWcrjIS-ptfL-nGuXpTcFPq9--3kMDDDExe-xpXV_7fqRgwGl64yDmQVd4FJMEq3LcrYtGltQgRY3wUGNFuTT_vnZB69ddnxCmtVNmmibbH57gZEKmR5o&sig=Cg0ArKJSzOsfyqUQENVMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E445B8CD7E02DAEBC77D06F5B219B878
Requests: 8 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 4D5D443975590D8F9F2E711F29C72270
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-07no?duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&euns=0&s=&us_privacy=1---&version=v2.14.3&cd=.reuters.com
Frame ID: 9845639C9DF313E05121C24E98847C76
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C1673342E910B27119371C1F6FD296A2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: A9DD3A18FE67DAFA1856C4308FC9ED6E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: A624D9552E485942FFFE57214D05978D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4CFB20874A8ADBC2159154FF65C7A033
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=a0c430d7-4bc6-4605-a7c9-893b05a89995
Frame ID: 7E7AAB0C8B1AD8573FB849082D8C9D5C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Frame ID: 40A28E463FD5F59FE28B70D9B98C7986
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 67C74FD0F346FF76D77978B2A3ABA86C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5FAF4A4B964E57252155524725851E36
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80NDE0NTAxYy03MGE4LTQyM2YtYjI0MS1kNTRmOWI1ODIwNzE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 0CFC6A0631F83C22D673702C1DB8ADF0
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: B1601061DFD544DCAF16411D211943EB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: EA8DD0FFC3C90D531201EA0CEC96AFEF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Frame ID: B01193FCF17E9B2430567243F2D1BB90
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss59ToDS3Sgw3aRQLYvJICV7LFmYai-2d15XwRudUUUuCilgutjzHmNDi-asfUWlEksGyW44ai26Vl9DuQqtNLIzyt6TYWLR0K6uBhPtne3_KLwPpJVGDuMfgQQMG6F-R3nbLGGApPllZ0eXvEcdLzqR2gXYusbqnxjgLpUfSfoxRH59JakWJbsK4IhJiODkW9-0FW347pwlbc8jRrMDjxBTzlCA-kejwdSX7c8XPcURIopd8wu-5jWZQE7isC4rGk3eJ9romKXSB1YRvTXt5zcaux8ZZ3I_2KLU6g4sMX955zgRw_baaYY5H7qW_uRHe00JTW7DkUx8R-IyIfOeWj_5nPe7gniLJ4sWYX8jHfMe7jB9zJpUqNAxktn6wC28CituEvPBQ&sai=AMfl-YSOm2k-7w5Zc2EP12MfXqwcroE9e1V7M_srxqFXIQ0-jnFY07WhhkwIfQaDPt5i4F3IzNWl0JHo99S0AzJ1Mw-Ccwll75curmVgl7IydDqyYviAaMGEr7Eftsp5_hM&sig=Cg0ArKJSzN3smlTadRqKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6875328E37AB6487B95B0263815EBA52
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1576390976&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=
Frame ID: 94F616FDB923476ABE966C71663E4461
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTxf0UKdAA4o2YVy1Ll7Ztu92A2NeA1DFY2svo-eAPPdHBD2BKbHmBgIPg49DfPXDg0K6XveaBdP-KAsCBbVy2cVbd4PYSyXDhvuKd-3V8j079OMYEdHKg2-EJ4FJEguz8c5fC0NUARMX8Qf2kcn0IDqk42Rmpos74gigzwH5SPT3fo-DFpEmmE9pTo0UTFUL3jiWzoth75nqc8t8e3SaM9-QOnF4bA7uUP6wCsfqTPB1oF4bmDUkypbMQsAfjC2yuUkg6pUtb0C2PCuWUkQHQSdo3Rz7_a5oJ3OdewVR3Q3cPsydDPKQBpLaRM7liuN9W2JxA671ihP7v0YPZvulWTXEEhZ8uWvkcBHoMBVe4g8bIwOGIJ7YkrH8i4CIws2aVCbVkWBBzUOCdVAKhjHQXfiBT4KM&sai=AMfl-YQcSoQqP1qMSZXrxG3XlGtOFn7bYKxgNcgbxAm3qbxNQTaySTIwKWXH1_c0I3Pkwbk5D3TZPwL22WnRwbo3Wf3zyGMcYyYcN0IIQnkN3-waulT9E1hj3TZHWXF6WAM&sig=Cg0ArKJSzJZ1DRp-qXMDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E28117DE44CC42860CD24ED4E24B6FCA
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Frame ID: FDDD256E64E41B5786D6946A3F0E1F7A
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50359&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50359-Zrqp_Qi_fbD1ZsFlLLREkwAAAE40&isWaterfall=true&contextfeedFrameId=2611-667&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 39C16F462E9727AC63D57657E7202E98
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384520&pubOrder=3045656367&cb=852702310&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=
Frame ID: 960874E5E638A872A7B7E2B45CBA7922
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: BF8C294B92FF78AD32CD2161C76F8D4D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 63A11AFF0D2680679D3CF4128108214F
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50352&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50352-Zrqp_Qi_fbD1ZsFlLLREkwAAAE41&isWaterfall=true&contextfeedFrameId=2611-667&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 0DB7D407D26AB8CB8F274769A298D64D
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOG197ALVAh83x2LsF7ZYhLcxnQlwT9g4n_EK9WSV3QMXZHeuAMjgGLqDiVS-PNnI3z5Qr3vzf4_4bDWMSJ4XtTI8TUSEk__YAsVaSuZft9Xw1a_f4_icjCgFxhVIPYjDLKb_kxeC6B3rEXAcDz5gS391SBlDPZ7R3_FtXJ6MEUlr189iSZMvM-pEemZl0e0pgJaOURELcWT6J7qN5Np9a30E8OuISjyTnUcLbaFFM1hp0gY0h-8kxWWtWt6h1H4fz-sGjfOtWEbMigG9sbD0W2FG4ZccdsSdS54tRGInIabJU9Fy_R8waITwFRn6oJLnWn_Pot1sY4PDFSryeuC9PnhaOX4nSq40JSoyEU4mQJL4ecQ00Y70ouuJm0Eezot82gRuVP_6_OPqYT0XkrIJTI0UhVNJC9YjuRo8z81-k2Wwb_gqUW5xHbdWoCiU3d954pPBEQiMXqt9xc-nt5YoK6WPtnvTPEuWemAARGRGF&sai=AMfl-YTNpjy_yyfoABT05dt2ZXFq_VmBuRsEFokEizjeNbiPyhx4s8LM3KlHydvusQ1OJI4z1wzI_xObZeRGnoEQ1XgPXVMkZxkQvs4SixYhaURJNVweYCAH1SjHUjmGs88&sig=Cg0ArKJSzNIz69KTx9tsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Frame ID: 0A6D5C3E90F1728249029DED9FAC4888
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=970x250&pubId=5346136462&chanId=22029718962&placementId=6481097255&pubCreative=138461204534&pubOrder=3325415747&cb=1161751658&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=
Frame ID: D19DDAC1D91B8A29A5788E6832CCAE2B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 24E191D7D57559B54315C168C2CB42D2
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12716696777594286866/Center_EN_Brand_HTML5_Golf_970x250/970x250.html?ev=01_252
Frame ID: EDA0128FEFD17D37721D9EBC410A6F44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html
Frame ID: 48642561F238337829EFA36C20C7548D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418260&abgtt=6&lmt=1723509245&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_18~30_19&aiixl=32_9~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509245262&bpp=2&bdt=115&idt=391&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&nras=1&correlator=8430018918745&frm=23&ife=4&pv=2&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=120&ish=600&ifk=2450469050&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531706%2C95331690%2C95334524%2C95334829%2C95337868%2C95338229%2C31086072%2C95339233%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1181440383859132&tmod=511896304&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.fqkzhjcowr6h&btvi=1&fsb=1&dtd=489
Frame ID: 718152DC10AB14F9A580FF3CAD19CDBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=6321033981&adk=3391077790&adf=776189450&pi=t.ma~as.6321033981&w=120&abgtt=6&fwrn=3&lmt=1723509245&format=120x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509245262&bpp=1&bdt=116&idt=408&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&prev_fmts=0x0&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1128&ady=1625&biw=1600&bih=1200&isw=120&ish=600&ifk=2450469050&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531706%2C95331690%2C95334524%2C95334829%2C95337868%2C95338229%2C31086072%2C95339233%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1181440383859132&tmod=511896304&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.ydel36ncrbju&btvi=2&fsb=1&dtd=502
Frame ID: 9656BBAD308A87D131B3F6D146114705
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 7B358E62E1780AB9407115BC54833AA8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1A48B4F497BBEC133D9F99A2AA3B5B0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D6FD11A8191CD9060D307E50E535987F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVwKpslwz2wVrigmWR7LeGvfB6LX2V8foNRoyWGCGwigCaFdCPAostPOFy1igUZTt9V3hqqlspNlz7L2VuKbiw0VdA575F3eiltWwiHKAOgx_TwlpokOiPiY75ht6o_gcX1xi4q103C8V4QfutGEAkd7Taj4YFnct7mGecxAHgdOIYsJhe1AgXISdt0cSY7Ssp8zRB8qwEX2MTJUCXuy3SGSvSh-cXxB_-HWhFfB4YwxIemGjZ5qWfZL37eBA1aypIBGMCnU6AnbBw_htnuav1fcw9ODvCJxXoYq1CRdbbub8H3KcZYvOHuq_a_9fxwbvoMkFwHFU5rBhNvzlpfaKDnhAUqQTemYC5afadEA_cTaI2hEpxIk4PnOi89l1nRy_WF3nEsP6iN2lYVdE6-cLPNJRbR_k&sai=AMfl-YSsNiUyYGNFVnrZYVbK6U8YquUoUdeTNyh_G8pVoxRX8FLPStevkBVWbS3prnjla0rl2k16D3OFG2BcGxiUQV5Swhudb3D6pnEtsed0n8CKWUTeZTp2rYZkW5RCt6o&sig=Cg0ArKJSzFnHB3Z1S5mXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 45DB42FAC4434FBF78119115365A826C
Requests: 13 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420678142&pubOrder=3045656367&cb=1937964185&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=
Frame ID: 13FA24D7B91A6CFD2F65D5313E7EE096
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 6FA230B465E8776B2BA0FA115A081AEB
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 93C77E0EE0D1727852A3267C5013964E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418258&abgtt=6&lmt=1723509246&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~27_14~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509246136&bpp=1&bdt=97&idt=23&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=120&ish=600&ifk=2677120663&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531705%2C44795922%2C95334529%2C95334828%2C95337869%2C95338228%2C31086072%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=668571988309923&tmod=511896304&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.uo25tskh8420&fsb=1&dtd=59
Frame ID: F189928B19BA86A88F48FA4AA766B903
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=6321033981&adk=3391077790&adf=776189452&pi=t.ma~as.6321033981&w=120&abgtt=6&fwrn=3&lmt=1723509246&format=120x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509246136&bpp=1&bdt=97&idt=40&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&prev_fmts=0x0&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1128&ady=393&biw=1600&bih=1200&isw=120&ish=600&ifk=2677120663&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531705%2C44795922%2C95334529%2C95334828%2C95337869%2C95338228%2C31086072%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=668571988309923&tmod=511896304&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.v5lzvzc2a3cq&fsb=1&dtd=70
Frame ID: 30F36D5313D874FB8DB93791AC880A31
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: A926126A0C905F56C138EB559AE5E271
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC74FEB9E34EDEB283DB0A3357D14558
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D0BD837B35D3E2C0FA43F4DDE9BCEE4
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: A41806762C26466E2CAD4C1D3FFF7AE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF7FDD161F78E638100F8BEADF528C46
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A39159860164907C67C48FB5DDFCB065
Requests: 1 HTTP requests in this frame

Frame: https://cd.elements.video/player.js?cid=undefined
Frame ID: 57AD79983CD5C8BB3F61A240834FB988
Requests: 17 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-di... HTTP 301
    https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-di... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

488
Requests

93 %
HTTPS

30 %
IPv6

84
Domains

138
Subdomains

122
IPs

8
Countries

4815 kB
Transfer

20671 kB
Size

150
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT HTTP 301
    https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=762&optin=disabled HTTP 302
  • https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=762&optin=disabled&elqCookie=1
Request Chain 78
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 89
  • https://sb.scorecardresearch.com/cs/37296053/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 92
  • https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F HTTP 302
  • https://10844217.fls.doubleclick.net/activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Request Chain 94
  • https://rp.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MjAwMTphYzg6NDA6MWQ6OjFl&n3pc=true
Request Chain 104
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=pX6xcf%2F%2F%2FwgtYa0gWU7n%2Fu6JSAjDaC0bS0fAiFIvrj4%3D
Request Chain 106
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Nr6Lenx2Wm9kdHNJRHRDQ25DRlN6RjlCQ29PWUJMb1U1VWpDc2hVMEJobE5XN0IwdHNrR1pVeEFRaDJ1cGRuLzNIRUdqRlVWcmRCVXBSam4yeWNnUmwzV1NRK0s1cjFibnpQN01UT3lxTFRwQlh2UjVHSCsrK3ptTzl1Y0prRjhSUmJaWmdjYlJHY3gwNzhhRS9HdlBjWFVpbk5RcWJHZmdVZXAvOTFId3k4ZE9JL3oyOW9yaHlTZ2JndmhDSXY2ZDY0NThGWGdwN3J0UkcwSzAvNjVrV3VMV05XbUE4RmZ0eCsrdUhuNzFMVEd0dHFsOU0vZGEzaGlMcmV4WlhId2RKZ3I3fA&cppv=2
Request Chain 124
  • https://sb.scorecardresearch.com/b?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=
Request Chain 177
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=6058041479265940066&gdpr=0
Request Chain 178
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723509243-T0ZB54BD-1QAD&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
Request Chain 181
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723509243-T0ZB54BD-1QAD&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723509243-T0ZB54BD-1QAD&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=331db1b0-a1fa-4f79-8ad1-1bf44137f043%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001723509243-T0ZB54BD-1QAD%252526tapad_id%25253D331db1b0-a1fa-4f79-8ad1-1bf44137f043%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a0c430d7-4bc6-4605-a7c9-893b05a89995&ttd_puid=331db1b0-a1fa-4f79-8ad1-1bf44137f043%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001723509243-T0ZB54BD-1QAD%2526tapad_id%253D331db1b0-a1fa-4f79-8ad1-1bf44137f043%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&tapad_id=331db1b0-a1fa-4f79-8ad1-1bf44137f043
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723509243-T0ZB54BD-1QAD HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&google_gid=CAESEHEYURXME0TjzzBOkIjK8wk&google_cver=1&google_ula=450542624,0
Request Chain 183
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723509243-T0ZB54BD-1QAD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwOTI0My1UMFpCNTRCRC0xUUFE
Request Chain 184
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&impr_uid=b11367b5-d99b-4a47-b2f1-fc0e34ad04ba
Request Chain 185
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723509243-T0ZB54BD-1QAD HTTP 302
  • https://ids.ad.gt/api/v1/amo_match?turn_id=3629956221129028175&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
Request Chain 236
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3665108441268306000V10
Request Chain 268
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=a0c430d7-4bc6-4605-a7c9-893b05a89995
Request Chain 274
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/92145?id=3060b713-2f20-439d-aa81-86de87c2d06f&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Request Chain 275
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=6058041479265940066
Request Chain 287
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=1--- HTTP 302
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=d4250aa9-51be-44d5-ae43-81cf35b58400
Request Chain 290
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Request Chain 350
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=aa0fc3fb-e92b-44d2-9c28-496ce6dd0b3f
Request Chain 465
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0

488 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Redirect Chain
  • https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT
  • https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
593 KB
66 KB
Document
General
Full URL
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
95bb51aaec5baf9af95d4710807c5eddf5e207349db89a265ae15a44a3487ecd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 00:34:01 GMT
etag
W/"930ec-mung6zCN05pPcMC9ES9rZwUAr+0"
expires
Tue, 13 Aug 2024 00:35:01 GMT
last-modified
Tue, 13 Aug 2024 00:26:22 GMT
report-to
{"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
server
openresty
server-timing
cdn-cache; desc=HIT edge; dur=15 origin; dur=0 ak_p; desc="1723509241185_386099223_41986664_1547_8040_1_0_-";dur=1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-akamai-transformed
9 64021 0 pmb=mRUM,2
x-amz-cf-id
QkIIrgFj-heVz7PLji-8x9IaEdustbXN4XsJ8a0hKOhEtHwhFEuUPA==
x-amz-cf-pop
NRT12-P5
x-arc-pb-request-id
2e9fdb7a-0dd8-4313-8dc8-486a8fed3954 62ba6090-6efd-45fa-8ddf-e58d900b4fb8
x-arc-request-id
0.17680317.1723509241.280aa68
x-arc-ttl
-1
x-cache
Miss from cloudfront

Redirect headers

cache-control
private, max-age=60
content-length
166
content-security-policy
frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
content-type
text/html
date
Tue, 13 Aug 2024 00:34:01 GMT
expires
Tue, 13 Aug 2024 00:35:01 GMT
location
/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
report-to
{"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=512 origin; dur=4 ak_p; desc="1723509240629_386099204_54951530_51571_6980_1_0_-";dur=1
strict-transport-security
max-age=31536000
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-id
jrc0bta8ELZHDeEhQzx3pmWMnnw1YSGlER-pWmo9_jJTZ4VKDlevSg==
x-amz-cf-pop
NRT12-P5
x-arc-request-id
0.4680317.1723509240.3467e6a
x-arc-ttl
-1
x-cache
Miss from cloudfront
index.js
www.reuters.com/pf/resources/dist/reuters/js/
201 KB
52 KB
Script
General
Full URL
https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ea57209d83b887799897a609dcaa1e3833559ee5604083b5a877b8d09886b62f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.17680317.1723509241.280a934
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241253_386099223_41986356_21_7237_1_0_-";dur=1
content-length
52813
last-modified
Thu, 08 Aug 2024 14:08:18 GMT
server
openresty
etag
W/"d1e813b7bf5a37b035f55d6ecfbe4b97"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-arc-ttl
31536000
cache-control
public, max-age=31536000
x-amz-cf-id
j4L6HjY-e3J23avqKeSr4LwqV-Zf4FsKk21Dn8DIqoQ9NF4ll9qLsA==
expires
Wed, 13 Aug 2025 00:34:01 GMT
p.min.js
www.reuters.com/arc/subs/
119 KB
25 KB
Script
General
Full URL
https://www.reuters.com/arc/subs/p.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbdf2a38caf189ac22e81145825d2fcc067aceadcc641dd93cb0b5c08bb4c2d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
gfytwwJTXxto8ShpnoKr88TJWLONg3WU
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467e48
x-cache
Miss from cloudfront
server-timing
ak_p; desc="1723509241248_386099204_54951496_96_8352_1_0_-";dur=1
content-length
24936
last-modified
Mon, 12 Aug 2024 19:23:22 GMT
server
AmazonS3
etag
W/"31b14345d2aa68b10c013946391c749d"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
content-type
application/javascript
x-arc-ttl
48
cache-control
public, private, max-age=48
x-amz-cf-id
cT0K7jHY11jgsWVJQ1ecNZyQq7DpJ7zvby6_PJUlXHACZTAbw4hp3g==
expires
Tue, 13 Aug 2024 00:34:49 GMT
react.js
www.reuters.com/pf/dist/engine/
293 KB
93 KB
Script
General
Full URL
https://www.reuters.com/pf/dist/engine/react.js?d=207
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
f1c8051bb7e652b262a63f1eee66303294ec06c18c905c40a047383a20edda5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.17680317.1723509241.280abd7
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241298_386099223_41987031_36_7157_1_2_-";dur=1
content-length
94736
last-modified
Thu, 08 Aug 2024 14:08:19 GMT
server
openresty
etag
W/"65478869f30a51f929d2e0d23c779ed4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
x-amz-cf-id
UkfLIgvKQKiYtRFka7n9uYwsPKiT6DVUa_ZRQqgaiNHt0G2pZK4UWQ==
expires
Wed, 13 Aug 2025 00:34:01 GMT
article.js
www.reuters.com/pf/dist/components/combinations/
2 MB
479 KB
Script
General
Full URL
https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
dcd3508ddea2fb0e5b18608d9a8210a7ae4af09e0b93561e6eb4e48a7af50bdc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4680317.1723509241.3467e70
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241295_386099204_54951536_27_7502_4_0_-";dur=1
content-length
488877
last-modified
Thu, 08 Aug 2024 14:08:19 GMT
server
openresty
etag
W/"b007e43fbb0e884b28b5d3259d7ada67"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
x-amz-cf-id
5NMykx4PIntB52NMwrScwS1HuaoPkZOhQI5cZ3iZYsdrn6oKQ0JyJQ==
expires
Wed, 13 Aug 2025 00:34:01 GMT
article.css
www.reuters.com/pf/dist/components/combinations/
303 KB
38 KB
Stylesheet
General
Full URL
https://www.reuters.com/pf/dist/components/combinations/article.css?d=207
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
8bce13fdc604cb862198eb7f204e2121f6a40333810a4154215ff45c07857cc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4680317.1723509241.3467eac
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241238_386099204_54951596_33_9128_2_0_-";dur=1
content-length
38172
last-modified
Thu, 08 Aug 2024 14:08:19 GMT
server
openresty
etag
W/"b0d1c34750a68a2753ca8742b392e512"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-arc-ttl
31536000
cache-control
public, max-age=31536000
x-amz-cf-id
VhL-MEYeHsUt2SbF5DIK8VwmUv8niSiY-dnTeZC8ilAPTtC72Qi8bA==
expires
Wed, 13 Aug 2025 00:34:01 GMT
style.css
www.reuters.com/pf/resources/dist/reuters/css/
15 B
799 B
Stylesheet
General
Full URL
https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=207
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4680317.1723509241.3467ee9
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241241_386099204_54951657_24_8628_1_11_-";dur=1
content-length
35
last-modified
Thu, 08 Aug 2024 14:08:18 GMT
server
openresty
etag
"3c7253c0b17971959285c18f6eea6509"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-arc-ttl
31536000
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yzRNbjfXz203Gaz_jrYPElOkBiLM1acXOOlcbukf7BIUZysBZYXZmw==
expires
Wed, 13 Aug 2025 00:34:01 GMT
reuters.js
tru.am/scripts/custom/
749 B
1 KB
Script
General
Full URL
https://tru.am/scripts/custom/reuters.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33eb92d91ab56940b23fbe85241ed60ee72464255a9b50dd949c472e48be928

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1408170
x-guploader-uploadid
ABPtcPqbT8VFtGd3X-2YT5Tpj9EnWwWTdElg0hbIEb3oQOQ-zvP35-UAsjwo-rOBJCl6u5a84xt-tJNTIw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 20 Sep 2023 17:10:10 GMT
server
cloudflare
etag
W/"6321b656b97e96b22c1064f3ab2db369"
vary
Accept-Encoding
x-goog-hash
crc32c=fdtiSQ==, md5=YyG2Vrl+lrIsEGTzqy2zaQ==
x-goog-generation
1695229810364294
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=87IBtRH1UTuNPJ%2By6u8goP1gNLkGnsfR3SLZA%2BIgfKqlR8fKUYwiTp%2BQQ7TNv977snl5m27F0X1Ts%2BScGTnCL%2B2m%2BPNNtCYCm1y9yi3kjg2XHEeaU5bavSohbQCDfwpcmC%2BRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
x-goog-stored-content-length
749
cf-ray
8b249df61d25f6c1-NRT
expires
Sun, 27 Jul 2025 17:22:31 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
16603
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 12 Aug 2024 16:54:52 GMT
server
cloudflare
etag
0x8DCBAEF7C83B20A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c4e76802-d01e-0101-58e8-ecd422000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b249df5bc80f5a7-NRT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.1.0/
450 KB
109 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
FvJhOHkAv4E9FRANYIql4g==
age
8611
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
111551
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:01:48 GMT
server
cloudflare
etag
0x8DCA5E2E4131AEC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1588e6db-901e-0002-1ccc-d79170000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b249df5bc82f5a7-NRT
https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG
www.reuters.com/resizer/v2/
26 KB
26 KB
Image
General
Full URL
https://www.reuters.com/resizer/v2/https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG?auth=28572ba9ea2d8b479c8853b71b8b775ef1a414bd6b41290aa14fc4bf73481cc7&width=640&quality=80
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7ccdf8f4143f8144ed0c03cbc9d351fb85718fcf89b5ad9d70b41deee2d44222
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-arc-request-id
0.4680317.1723509241.3467e79
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241242_386099204_54951545_78_14397_4_0_-";dur=1
content-length
26211
last-modified
Thu, 08 Aug 2024 03:43:26 GMT
server
Akamai Image Manager
etag
"cee90bcdab2f5c667579441845f97ea5"
report-to
{"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=31115350
x-amz-cf-id
Huw13Y7NH0BXgGpIeka3esI-g2JgliZuwjKVbzv308JmjmYW7b2d5w==
expires
Fri, 08 Aug 2025 03:43:11 GMT
gtm.js
www.googletagmanager.com/
279 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1229c290a9a1cc7d666da220eb745e15550f61a67538415cba594a4ebd52fa89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95432
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 00:34:01 GMT
GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
s.go-mpulse.net/boomerang/
202 KB
51 KB
Script
General
Full URL
https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a00:6a3::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Mon, 17 Jun 2024 05:21:43 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
knowledge-bold.woff2
www.reuters.com/static/fonts/knowledge/
18 KB
19 KB
Font
General
Full URL
https://www.reuters.com/static/fonts/knowledge/knowledge-bold.woff2
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fceb9ef8db2a2793edb4cad84716b12c3eac8d25e543598b53dd5f6b44cef5e

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
GCfLjdtW4OIcOjKNOWieNq.n5cgF9ogm
date
Tue, 13 Aug 2024 00:33:34 GMT
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
age
28
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
18776
last-modified
Thu, 08 Aug 2024 19:52:17 GMT
server
AmazonS3
etag
"10a65819df66989fcf3386c18b1aede9"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
HVB1EjqTr2321xuVhZNgu0NEtQrE2ktXZDt9f5euhWNzd489OwoSvA==
knowledge-medium.woff2
www.reuters.com/static/fonts/knowledge/
19 KB
20 KB
Font
General
Full URL
https://www.reuters.com/static/fonts/knowledge/knowledge-medium.woff2
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34eca4293b3f87a1abd31c2c4c1623a12d42384698d1805e39a8a198b698c723

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
DbS1RouMfZpEEd.GA7G7UVkb2n6NFvOr
date
Tue, 13 Aug 2024 00:32:10 GMT
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
age
112
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
19804
last-modified
Tue, 02 Jul 2024 14:37:41 GMT
server
AmazonS3
etag
"166d13b9ba7aa0d3b4996c951e8b1841"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
sDYf-sr_kjSoWyGzMVV22TJIHx8I3xB7YtQTC5c9obbB6XGAvJt9Xw==
knowledge-regular.woff2
www.reuters.com/static/fonts/knowledge/
19 KB
20 KB
Font
General
Full URL
https://www.reuters.com/static/fonts/knowledge/knowledge-regular.woff2
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdf1aead5ad82438cbd2105c1884c7889f0b3d8fd6870f40c1066b5f821ff180

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6Q0pb79f6Dmkb3NVdvA6sJ.1DRC_2SRX
date
Tue, 13 Aug 2024 00:32:27 GMT
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
age
95
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
19676
last-modified
Thu, 08 Aug 2024 19:52:17 GMT
server
AmazonS3
etag
"d7bef618d45c11f8acda99f68be70e79"
vary
Accept-Encoding, Origin
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
P1sPYH2I2j_Pm85WHaj5lz6pnp-xVGlOZwgF_WwgtL6ubD1aUHA2Jw==
f5805236156d0cce9f4b89727f9c6f459ab2.js
scaredsnakes.com/j/
72 KB
25 KB
Script
General
Full URL
https://scaredsnakes.com/j/f5805236156d0cce9f4b89727f9c6f459ab2.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9fdde46722c356245515ab09100065679c75e804e922fcc602284d9018794ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=15724800; preload
cf-cache-status
MISS
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
etag
W/"22d999d288fafa817e13f43c165dcd4e08c6b244811768a13805fdac61ac4add"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-asia-east1-test-4hfj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
cf-ray
8b249df6aef23469-NRT
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
12319
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1cbc1a24-b01e-0048-511f-2424b4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b249df68dbdf5a7-NRT
analytics.min.js
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/
103 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6094d38d7fe9480541d52a653499ff659b068815ca85351a654839a020bad839

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
4g1zXPcizD7i6SabuHtuX5PuGoUxSXyx
content-encoding
br
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:32:59 GMT
x-amz-cf-pop
NRT20-C1
age
72
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 30 Jul 2024 22:08:40 GMT
server
AmazonS3
etag
W/"3b8de7eb206b03cfdc5b157010ac6735"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
nErnI4o0h0ZFMuQ8bKjgkMFgawEHjlJ9kHNTyp6Wy3pqCRK5iZgoJw==
elqCfg.min.js
img.en25.com/i/
6 KB
3 KB
Script
General
Full URL
https://img.en25.com/i/elqCfg.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.99.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-99-108.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 13 Aug 2024 00:34:01 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
2183
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 12 Jul 2024 05:36:33 GMT
ETag
"5fbd42741dd4da1:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Tue, 13 Aug 2024 00:34:01 GMT
38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/
7 KB
3 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fd832eec514aac44b1f2b8cc6540ed6f8259e41c96fa5c05324317f2842cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36278
content-md5
zfXKHr0ebpIk50Hmp1jBtw==
content-length
2066
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jul 2024 14:27:51 GMT
server
cloudflare
etag
0x8DCACB5F6DCDFED
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b2f8a87-801e-00f3-6b9e-de40e3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b249df6fee9af6a-NRT
expires
Wed, 14 Aug 2024 00:34:01 GMT
ta-pagesocial-sdk.js
tru.am/scripts/
27 KB
11 KB
Script
General
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1403972
x-guploader-uploadid
ABPtcPocCf3-XdHIXuYP_SWHp78PdiwyUhR8UCRUwWP7toL-dIWot4bTWaUsmR18tklA62kd9wjVib85Bw
x-goog-storage-class
REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Jul 2022 07:45:14 GMT
server
cloudflare
etag
W/"2925c8da90d1d29f7899fa52629fe37d"
vary
Accept-Encoding
x-goog-hash
crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation
1658389514760491
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mZU7Y%2F1FAf%2FOiJg8Ozyk7409gMQ6DCM8LppnHYPk5VJh4CGMmXH%2BMJ56NwDn0sZtkaDQPsXN2nQp00y0z4p4wSCm9GjVzR6PEMUbv0%2F%2Fia2UcG%2FqqXe4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
x-goog-stored-content-length
27860
cf-ray
8b249df6fb9b687c-NRT
expires
Sat, 27 Jul 2024 18:34:39 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
70 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fworld%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
0ff7fbfd839ac9dbeacd1e1226bb8905325f9a8c0ee0dff5d82bc232fb0fba06
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
49225222-10eb-466c-adc7-6d5b7238fda6, 49225222-10eb-466c-adc7-6d5b7238fda6
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467f1f
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241681_386099204_54951711_17_7577_1_3_-";dur=1
content-length
4852
last-modified
Tue, 13 Aug 2024 00:31:34 GMT
server
openresty
etag
W/"11759-YAgF7uR0EdB5LmeEvmwfuchzqiM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
282
cache-control
max-age=154
x-amz-cf-id
w2YFz4uZy_nOZy0EtBOLk9e7Nxcq0FMo-sEVST9rLdomU3lYpiaYnQ==
expires
Tue, 13 Aug 2024 00:36:35 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
61 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fbusiness%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
8df14e12641582027690285d2ed7398de091a3335383d547468969fc42683b14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
cc15e02e-6263-4d6c-8b06-4dca43d2fec3, cc15e02e-6263-4d6c-8b06-4dca43d2fec3
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280abfd
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241684_386099223_41987069_19_7612_1_2_-";dur=1
content-length
4193
last-modified
Tue, 13 Aug 2024 00:31:35 GMT
server
openresty
etag
W/"f5bd-sFAhJtXIHtelbP3oblk7ajaAdmo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
258
cache-control
max-age=154
x-amz-cf-id
8_zEhFSPkocZJV3H_uE-TP17OKMD7Y-2ALqDmPLCx-MiJbxcQSQTKg==
expires
Tue, 13 Aug 2024 00:36:35 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
78 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fmarkets%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
29c511fefca64e798e43f8d5460e9a164333d9c3b3f2505e363c4c645e2bfd08
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
9943e7a6-b621-4827-aa36-970118260b09, 9943e7a6-b621-4827-aa36-970118260b09
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280abff
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241687_386099223_41987071_22_7788_1_2_-";dur=1
content-length
4422
last-modified
Tue, 13 Aug 2024 00:28:32 GMT
server
openresty
etag
W/"1392d-sy1TJnCLQxhb1VzVdFuAbxWrUmA"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
120
cache-control
max-age=38
x-amz-cf-id
kb7z0LbBtQ2G6JCZGDY41YjzPwFwRHsDnaFuX2WikEqe3PKEXSaoLw==
expires
Tue, 13 Aug 2024 00:34:39 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
62 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fsustainability%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1d02097681394ad6eef93d032c5f044141e6b89131fbbe0a0ee88d39f5713fa8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
87cd31cb-1a52-4f19-b356-213a2878c55b, 87cd31cb-1a52-4f19-b356-213a2878c55b
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467d37
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241686_386099204_54951223_15_7907_1_0_-";dur=1
content-length
4743
last-modified
Tue, 13 Aug 2024 00:32:41 GMT
server
openresty
etag
W/"f688-lYslgs1fjw7op41LD3e76lxwYdo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
254
cache-control
max-age=221
x-amz-cf-id
CgiYaJ54yETkw_ZsNK2Nb7XLUJ4IOL_kPKuHfo1LtXpLMR-n6bU1uQ==
expires
Tue, 13 Aug 2024 00:37:42 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
62 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Flegal%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ac6eaae89e3bb38cc362917c72836b2bf2484901208a5c608577e9afd3f90055
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
e729b9ad-c32d-43e5-926b-51bc6aa83f95, e729b9ad-c32d-43e5-926b-51bc6aa83f95
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280ac01
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241691_386099223_41987073_20_9627_1_3_-";dur=1
content-length
4571
last-modified
Tue, 13 Aug 2024 00:29:41 GMT
server
openresty
etag
W/"f68a-ggx8MlNMm8o8X8t6pO/mnVmeOlI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
249
cache-control
max-age=41
x-amz-cf-id
-Pa9Q0TLiMfD4QJPhoNBFAQ5jLx6peMqx2a7poQMKcnHfmwHMxL8fw==
expires
Tue, 13 Aug 2024 00:34:42 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
62 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fbreakingviews%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
b0cec1148d29c292b051ef4b8a5f07b423aa9ad71626d5aa4145776dddd05ea6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
53392970-368d-46ab-a0b3-e107deaa55d4, 53392970-368d-46ab-a0b3-e107deaa55d4
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280ab3d
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=158, origin; dur=0, ak_p; desc="1723509241683_386099223_41986877_15773_8763_1_0_-";dur=1
content-length
4634
last-modified
Tue, 13 Aug 2024 00:29:13 GMT
server
openresty
etag
W/"f8a1-zRUNshw+p3K5Rn1j5Icwzdd5e40"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
60
cache-control
max-age=13
x-amz-cf-id
xQ_LnYOuugV3j_lFHLNzjQ-v9KX_2UEFK2e2Un__l20L99oVvjkRFA==
expires
Tue, 13 Aug 2024 00:34:14 GMT
recent-stories-by-sections-v1
www.reuters.com/pf/api/v3/content/fetch/
71 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Ftechnology%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
05cd6b59b9bd19aab8ea512f132c22843b1f75c3d7c99dc159fbd2c39fcd9f79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
5d64347d-7d37-4421-91b3-d8f47048a527, 5d64347d-7d37-4421-91b3-d8f47048a527
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467f26
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241683_386099204_54951718_20_6225_3_11_-";dur=1
content-length
4719
last-modified
Tue, 13 Aug 2024 00:29:53 GMT
server
openresty
etag
W/"11b04-En6mgVEZrS2M9T3XEOeDv6gZ/Xw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
225
cache-control
max-age=53
x-amz-cf-id
1nVQfmqL2aQyFke47j1OnRNxohbF3Ab_SnKrEzAFC5hOKrHnjyK9hQ==
expires
Tue, 13 Aug 2024 00:34:54 GMT
articles-by-trends-v1
www.reuters.com/pf/api/v3/content/fetch/
79 KB
6 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/articles-by-trends-v1?query=%7B%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
edb21f70af1b43062153b4463a6ae8da1d7825246d5a62d6dea0f9e31a64e495
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
37b216fc-ddfe-418b-a6f1-c11acf981a27, 37b216fc-ddfe-418b-a6f1-c11acf981a27
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467f21
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241684_386099204_54951713_16_6593_1_2_-";dur=1
content-length
5633
last-modified
Tue, 13 Aug 2024 00:33:28 GMT
server
openresty
etag
W/"13d32-0XgmuW6NSv6N2yEC0Ois6mZ2w+M"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
277
cache-control
max-age=267
x-amz-cf-id
CbHkmxSU62R1xkBaGn8_ENA89CRiLp5QeBFLQ0S2UxVqqa9WQa5aPA==
expires
Tue, 13 Aug 2024 00:38:28 GMT
site-hierarchy-by-name-v1
www.reuters.com/pf/api/v3/content/fetch/
25 KB
4 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/site-hierarchy-by-name-v1?query=%7B%22hierarchy_name%22%3A%22Website%22%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
568bb32cad39bd6e3e0494542374ce2b70d2917a4145766ddbe37d96e7256162
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

If-Modified-Since
1723508612705
Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
7ae9b8d1-c77f-4c65-9f40-bf77074ff4f8, 7ae9b8d1-c77f-4c65-9f40-bf77074ff4f8
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280a886
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241684_386099223_41986182_16_8371_6_0_-";dur=1
content-length
3825
last-modified
Tue, 13 Aug 2024 00:28:32 GMT
server
openresty
etag
W/"630e-OMR1Q4uFHU1KnwWmMbIfHXfc89s"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
205
cache-control
max-age=0
x-amz-cf-id
6RdYLZ6uQdJNhN6qzqp-wTGozZ_-vIlsG01hDNdKlTWDHfS3Rg0mog==
expires
Tue, 13 Aug 2024 00:34:01 GMT
articles-by-section-alias-or-id-v1
www.reuters.com/pf/api/v3/content/fetch/
93 KB
7 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/articles-by-section-alias-or-id-v1?query=%7B%22fetch_type%22%3A%22collection_or_section%22%2C%22section_id%22%3A%22%2Ftechnology%2F%22%2C%22size%22%3A6%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
da535d10affe3aa479b98b6e9d7ac53fffed080af75cebfdbe56a1de7125c4e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

If-Modified-Since
1723508686526
Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
79f73141-0008-4492-9b2f-1857120e8621, 79f73141-0008-4492-9b2f-1857120e8621
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509241.3467f28
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1723509241699_386099204_54951720_928_7828_1_1_-";dur=1
content-length
6413
last-modified
Tue, 13 Aug 2024 00:29:47 GMT
server
openresty
etag
W/"173c1-gCkdbY+YbQjO4enelBLuiUfzmDE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
241
cache-control
max-age=47
x-amz-cf-id
RfZmun1cfHt9f_7z6u70ZVvFNUcI9XDXlLriIRQ44t-aqYSM6extjw==
expires
Tue, 13 Aug 2024 00:34:48 GMT
images-by-alias-v1
www.reuters.com/pf/api/v3/content/fetch/
23 KB
2 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/images-by-alias-v1?query=%7B%22alias%22%3A%22lseg_image%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
417ff167413bf025775395a6e15697366cc5682a0817c335974a8e3f0ca72371
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

If-Modified-Since
1723508612729
Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
e94b609c-7d2d-49ef-87a5-a4f9b1da6871, e94b609c-7d2d-49ef-87a5-a4f9b1da6871
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280ac08
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241705_386099223_41987080_22_7570_0_1_-";dur=1
content-length
1266
last-modified
Tue, 13 Aug 2024 00:28:32 GMT
server
openresty
etag
W/"5dfb-ynZEdR5Zs6607VmuHYPpiEUnTxA"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
120
cache-control
max-age=61
x-amz-cf-id
qsmzTSJORWBBdqSGUDsjMPUfd0Q3vDGYkK0fcNAI6jOCSWoONEc1cw==
expires
Tue, 13 Aug 2024 00:35:02 GMT
contextfeed.js
www.dianomi.com/js/
298 KB
46 KB
Script
General
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 05 Aug 2024 13:58:20 GMT
server
cloudflare
etag
W/"4a9e8-61ef011dd6fc8"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
8b249df89cd080cf-NRT
expires
Tue, 13 Aug 2024 00:36:01 GMT
video-channel-by-id-v1
www.reuters.com/pf/api/v3/content/fetch/
104 KB
11 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/video-channel-by-id-v1?query=%7B%22id%22%3A%22d45538fb92ef02a065c15e16d3dd6a297c2ae7d7%22%2C%22region%22%3A%22US%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
52a83bcc3f0b4331fd5316545c1de035905bb3a6d53c9f8286f1ee1fa1f441b3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

If-Modified-Since
1723508641611
Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
1e2b6b0e-97c8-464a-8e29-83800dbf3bf1, 1e2b6b0e-97c8-464a-8e29-83800dbf3bf1
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280ac0a
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=161, origin; dur=0, ak_p; desc="1723509241706_386099223_41987082_16113_8059_1_4_-";dur=1
content-length
10151
last-modified
Tue, 13 Aug 2024 00:29:01 GMT
server
openresty
etag
W/"1a102-WV9ngcQwXVHbWOp/9dn+KnIOqFI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
120
cache-control
max-age=97
x-amz-cf-id
4-pMrZNPdEvk8NfaAYKbO5sKt9XErAncklrtATlYGxeSB4JF-FG_7Q==
expires
Tue, 13 Aug 2024 00:35:38 GMT
articles-by-section-alias-or-id-v1
www.reuters.com/pf/api/v3/content/fetch/
102 KB
7 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/articles-by-section-alias-or-id-v1?query=%7B%22fetch_type%22%3A%22section%22%2C%22orderby%22%3A%22last_updated_date%3Adesc%22%2C%22section_id%22%3A%22%2Ftechnology%2F%22%2C%22size%22%3A6%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
38b3f3657c028f7947ece595a204ff2c879bc4c0254da2c94eb125ae79762977
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

If-Modified-Since
1723508627508
Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
055f7007-1e8c-454f-a290-194f7fd8f4c4, 055f7007-1e8c-454f-a290-194f7fd8f4c4
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.17680317.1723509241.280ac0d
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1723509241717_386099223_41987085_665_7937_1_2_-";dur=1
content-length
6412
last-modified
Tue, 13 Aug 2024 00:28:47 GMT
server
openresty
etag
W/"19757-wnCICerW+TnxQoGe4s/auUVNDns"
vary
accept-encoding
content-type
application/json; charset=utf-8
x-arc-ttl
120
cache-control
max-age=60
x-amz-cf-id
RX13633PrTqpHYE_EUsXycrYud10KUIKkHABHXYcf3H8uUQylNRaMw==
expires
Tue, 13 Aug 2024 00:35:01 GMT
https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG
www.reuters.com/resizer/v2/
26 KB
0
Image
General
Full URL
https://www.reuters.com/resizer/v2/https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG?auth=28572ba9ea2d8b479c8853b71b8b775ef1a414bd6b41290aa14fc4bf73481cc7&width=640&quality=80
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7ccdf8f4143f8144ed0c03cbc9d351fb85718fcf89b5ad9d70b41deee2d44222
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Tue, 13 Aug 2024 00:34:01 GMT
content-security-policy
frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
x-arc-request-id
0.4680317.1723509241.3467e79
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509241242_386099204_54951545_78_14397_4_0_-";dur=1
content-length
26211
last-modified
Thu, 08 Aug 2024 03:43:26 GMT
server
Akamai Image Manager
etag
"cee90bcdab2f5c667579441845f97ea5"
report-to
{"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
content-type
image/avif
x-arc-ttl
31536000
cache-control
private, no-transform, max-age=31115350
x-amz-cf-id
Huw13Y7NH0BXgGpIeka3esI-g2JgliZuwjKVbzv308JmjmYW7b2d5w==
expires
Fri, 08 Aug 2025 03:43:11 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
314 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
291ac3898f3f28bd32810a5ef0f380363afee480e535632f0254da751f775c63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8b249df8bb9c3c15-NRT
access-control-allow-headers
Content-Type
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/
95 B
997 B
XHR
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Cache-Control
no-store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer
https://www.reuters.com/

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000 ; preload
max-age
900
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
https://www.reuters.com
x-arc-ttl
-1
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-arc-request-id
0.93252d17.1723509241.6637d7d
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
expires
Tue, 13 Aug 2024 00:34:02 GMT
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame
0
0
Preflight
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
https://www.reuters.com
access-control-max-age
7200
cache-control
max-age=0, no-cache, no-store
date
Tue, 13 Aug 2024 00:34:01 GMT
expires
Tue, 13 Aug 2024 00:34:01 GMT
pragma
no-cache
strict-transport-security
max-age=31536000 ; preload
x-arc-request-id
0.93252d17.1723509241.6637cfa
x-arc-ttl
-1
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
75 B
245 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19aab8d6e42cc4d6e44909cfffe27ffda20bc671425389fe5d3cdd6dcd83c2e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
8b249df90cac80cc-NRT
vary
Accept-Encoding
content-type
text/javascript
svrGP.aspx
s2124157686.t.eloqua.com/visitor/v200/
Redirect Chain
  • https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappe...
  • https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-di...
49 B
448 B
Image
General
Full URL
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=762&optin=disabled&elqCookie=1
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
HTTP/1.1
Server
192.29.13.138 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Tue, 13 Aug 2024 00:34:02 GMT
X-Content-Type-Options
nosniff
Content-Type
image/gif
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-Xss-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Tue, 13 Aug 2024 00:34:02 GMT
X-Content-Type-Options
nosniff
Content-Type
text/html; charset=utf-8
Location
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=762&optin=disabled&elqCookie=1
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
461
X-Xss-Protection
1; mode=block
Expires
-1
skeleton.gif
static.adsafeprotected.com/
43 B
482 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=tdaadh_728x90_
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
DrndklWva8XjUoF__-9R8vWqOrra_XXcjTuh0v72sVXK70UKc6qKdA==
pubfig.min.js
a.pub.network/reuters-com/
151 KB
49 KB
Script
General
Full URL
https://a.pub.network/reuters-com/pubfig.min.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
892331505e4a765c86728fa0a8e183eb60267192537f8bfed4afa1e836589b90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
10658
x-guploader-uploadid
AHxI1nM22ELzoF2v4EC-AdH4kmjggvbTcU6QW7qNjg6QXppIojG9EEYU-i8fVl4xs1yn5gXouyVD8FUjqA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 12 Aug 2024 19:07:08 GMT
server
cloudflare
etag
W/"57201fe96a05525db963a16a07301ea0"
vary
Accept-Encoding
x-goog-hash
crc32c=oolPAA==, md5=VyAf6WoFUl25Y6FqBzAeoA==
x-goog-generation
1723489628352389
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=1800
x-goog-stored-content-length
154361
access-control-expose-headers
*
cf-ray
8b249df95e9cca1f-NRT
link
<https://d.pub.network/v2/sites/reuters-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Tue, 13 Aug 2024 01:04:01 GMT
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/
95 B
993 B
XHR
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Cache-Control
no-store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer
https://www.reuters.com/

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000 ; preload
max-age
900
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
https://www.reuters.com
x-arc-ttl
-1
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-arc-request-id
0.93252d17.1723509242.6637de9
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
expires
Tue, 13 Aug 2024 00:34:02 GMT
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame
0
0
Preflight
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
https://www.reuters.com
access-control-max-age
7200
cache-control
max-age=0, no-cache, no-store
date
Tue, 13 Aug 2024 00:34:01 GMT
expires
Tue, 13 Aug 2024 00:34:01 GMT
pragma
no-cache
strict-transport-security
max-age=31536000 ; preload
x-arc-request-id
0.93252d17.1723509241.6637d2f
x-arc-ttl
-1
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/
95 B
993 B
XHR
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Cache-Control
no-store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer
https://www.reuters.com/

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000 ; preload
max-age
900
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type
application/json
access-control-allow-origin
https://www.reuters.com
x-arc-ttl
-1
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-arc-request-id
0.93252d17.1723509242.6637e77
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
expires
Tue, 13 Aug 2024 00:34:02 GMT
entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame
0
0
Preflight
General
Full URL
https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:7693 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin
https://www.reuters.com
access-control-max-age
7200
cache-control
max-age=0, no-cache, no-store
date
Tue, 13 Aug 2024 00:34:02 GMT
expires
Tue, 13 Aug 2024 00:34:02 GMT
pragma
no-cache
strict-transport-security
max-age=31536000 ; preload
x-arc-request-id
0.93252d17.1723509241.6637d30
x-arc-ttl
-1
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202407.1.0/
451 KB
110 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OB5ZPaM1F+xqSvW4fnjknQ==
age
27970
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112090
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jul 2024 02:02:43 GMT
server
cloudflare
etag
0x8DCAB84B4C53B13
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
40aab4d2-001e-0048-0fd9-dda117000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b249df9691bf5a7-NRT
tags.js
js.datadome.co/
157 KB
29 KB
Script
General
Full URL
https://js.datadome.co/tags.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-21.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
xwE673c.fkzJ8mdhNbpSFitxZIm0Cv_u
content-encoding
gzip
via
1.1 455703b7dffa8019c7d38e3064346e50.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:27:06 GMT
strict-transport-security
max-age=15768000
x-amz-cf-pop
NRT57-C2
age
415
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 01 Aug 2024 11:41:36 GMT
server
AmazonS3
etag
W/"ee8364483523f4897404c6a35e76d353"
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
max-age=3600, public
x-amz-cf-id
Om5y4T8R0rspp7MI3L-PqLlqGKKO2wjGsQkCn1l-OHmpcxPblyoh6g==
settings
cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/
39 KB
9 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c24bd2b08320d1ccb2c5271d79a8f0c0544c5f234298de9a6010edb2dab938a2

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
QDmLJgim4Mn.frrvqqwnpJn5qNUALluj
content-encoding
gzip
via
1.1 e8cc67dac801883a467c565f16878d92.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 21:48:41 GMT
x-amz-cf-pop
NRT20-C1
age
9921
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 25 Jul 2024 20:02:50 GMT
server
AmazonS3
etag
W/"c88b6ef98ad6501d86d6fda4d1911834"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
vLVT0173T_dsc1Gu9LBEy7v-wFPLrn9H3tBHKz0ZQfnH7x_svpobkQ==
beacon
beacon.tru.am/
0
0
Fetch
General
Full URL
https://beacon.tru.am/beacon
Requested by
Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
surrogate-control
no-store
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTGDvH4Y5GAxtr1McAueoQ%2FoCcRAMC8Vg%2BHvGTvJUjTwRK6v5aiBw%2BGxoaEtaEsahLYMUMhTr7p2QI3piQRL7wkL%2BmTfRoTaH2qkxMAs2aRkq6Hsec%2Fwi90y3m%2BfsBU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
8b249df9bd5180f5-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 UTC
context.pl
www.dianomi.com/cgi-bin/
2 KB
957 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=2615&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ffada9376c8e637c99be63eb01487d58785c67137ba7a170815d2b32fc7258
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://www.reuters.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8b249df9ee5c80cf-NRT
x-xss-protection
1; mode=block
context.pl
www.dianomi.com/cgi-bin/
2 KB
952 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=2383&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d02656bac39c3b626a42e09af1d824dee4792b40c4f9670a3b547f80daf4da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://www.reuters.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8b249df9ee5d80cf-NRT
x-xss-protection
1; mode=block
context.pl
www.dianomi.com/cgi-bin/
435 B
359 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=1479&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a96fcd018da1f559c3a4c1caa4ee89e03f2be031622b9d1fd7cd4247cfaf9d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://www.reuters.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8b249df9ee5e80cf-NRT
x-xss-protection
1; mode=block
context.pl
www.dianomi.com/cgi-bin/
478 B
484 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=1480&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f063e364fa8823669aa5ebe5664215e6a1437c82494539945b024246a95a092e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://www.reuters.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8b249df9ee6080cf-NRT
x-xss-protection
1; mode=block
configs
d.pub.network/v2/sites/reuters-com/
175 KB
10 KB
Other
General
Full URL
https://d.pub.network/v2/sites/reuters-com/configs?env=PROD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a23d6f84a8a72ed44be306055d36ce817bee44ff2abc01b022ffd5fac076d754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 28 Jul 2024 00:13:49 GMT
x-amz-version-id
9qvxEzhMdkuAWyrcAUYn2gyyZogKC5qo
content-encoding
br
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
1383614
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 26 Jul 2024 21:05:36 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
FnrJzS9NLE7EBQ2AAFCMA7oMussbR66yO7BTQmLUcArD38xlXg4w3w==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
157 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e8ea5edb2b9888ad72d7b561f595e55d476aa6555d0c2d8e1c10c0fbb8f0a169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52599
x-xss-protection
0
server
cafe
etag
11791236606753550484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Aug 2024 00:34:02 GMT
en.json
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/01902773-595e-7ddc-8430-a8a73eb3153d/
273 KB
42 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/01902773-595e-7ddc-8430-a8a73eb3153d/en.json
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22f8b1f99c2ee5032f2bba7fbe15d5ba7b8626288a2ed9667aa711a617946b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
36271
content-md5
TzqhqbJJpJCI0Uy0ORgrkw==
content-length
43077
x-ms-lease-status
unlocked
last-modified
Thu, 25 Jul 2024 14:28:11 GMT
server
cloudflare
etag
0x8DCACB603039DD6
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7b2f8ac3-801e-00f3-219e-de40e3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8b249dfacbd6af6a-NRT
expires
Wed, 14 Aug 2024 00:34:02 GMT
/
optimise.net/
524 B
1 KB
Fetch
General
Full URL
https://optimise.net/?k=0&d=reuters.com&t=desktop&c=JP
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
5954d9f0e0823187d29251ad67df6223bbec8a86ff9209fb12b8d64bd67441a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
fs-client-rtt
1
fs-country
JP
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
fs-client-rtt,fs-country
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
3c58595d-e17b-4919-b038-feed35e099d4
https://www.reuters.com/
597 B
0
Other
General
Full URL
blob:https://www.reuters.com/3c58595d-e17b-4919-b038-feed35e099d4
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Jul 2024 00:27:17 GMT
x-amz-version-id
GZkxxGQYnMYoYVnKFcnwLSgzjntbsOOq
content-encoding
gzip
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT20-C1
age
2938006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 09 Jul 2024 22:18:04 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
O0PTR5Qydt7K5Q1P9i4K6hSEiKMpIsTwO5aBHJJKycwN4W_wqLqd9w==
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kcgs7200117-IAD, cache-tyo11948-TYO
destination
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10844217&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea759771001c100387e8eded764aebc36ce2c5222ef46370d655c915a4d089da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78444
x-xss-protection
0
last-modified
Tue, 13 Aug 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Aug 2024 00:34:02 GMT
fbevents.js
connect.facebook.net/en_US/
225 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Aug 2024 00:34:02 GMT
document-policy
force-load-at-top
x-fb-server-load
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58865
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=15, mss=1368, tbw=2810, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
jsc5jJVj8JiFhJNzly3YbxQCM+nrEYtNmaRi9inRj9CabSAxNnioOsDSQs6yzvgZgkRTjUcIjc+vZSAUmgbmnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ytc.js
s.yimg.com/wi/
19 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:807::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Tue, 13 Aug 2024 00:15:33 GMT
x-amz-version-id
VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
H19H51CTJ96MQP8X
age
1110
x-amz-server-side-encryption
AES256
content-length
6672
x-amz-id-2
BMV9+8KX4YAp/D05ja978HzkxCOjC9bVbrIyOM1pjMMYe+mVmdlpH0Xp6neDdqDQRjqLquulzSQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 10 Jul 2024 13:59:59 GMT
server
ATS
etag
"b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
datadog-rum-v4.js
www.datadoghq-browser-agent.com/
150 KB
48 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.39.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-39-3.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
via
1.1 532c50c8dc03f4cf8bce6bbd88ba55e2.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 11:26:13 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
1
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
OKnaNsvrsmn5w84toKksPLA2lPaFqFCssGDXsBeWSewI7ubVP8KWrQ==
a-07no.min.js
b-code.liadm.com/
101 KB
36 KB
Script
General
Full URL
https://b-code.liadm.com/a-07no.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:c200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
90932472b6e39c392dee868ffb46cef80a253047e904b41803554c957dc02f62

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:31:52 GMT
content-encoding
gzip
via
1.1 9a57190cf6aa7b1142210e5f804431fc.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P2
age
3730
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public,max-age=86400
x-amz-cf-id
mUlxR5jZz8RIV4Bp-8Xes2EVsLnCtQJzm8AGLoo7W4cEhNSqQdBm9w==
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otCommonStyles.css
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
HyPJ72TNHxdfOI82cqKVqA==
age
3387
x-ms-lease-status
unlocked
last-modified
Wed, 24 Jul 2024 02:02:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d562afed-f01e-005d-56d3-dd638e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8b249dfb3c7eaf6a-NRT
696290db1b58ec303210.js
cdn.segment.com/next-integrations/actions/google-analytics-4-web/
196 KB
55 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/696290db1b58ec303210.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b504b32cdcea5e389725b80ed023c44131253f75085868220e15cf3256a1a713

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6N4AAXWiqwQVAy6JTPjfze3RJBZpz_SQ
content-encoding
br
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 04:21:46 GMT
x-amz-cf-pop
NRT20-C1
age
72737
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:56 GMT
server
AmazonS3
etag
W/"613c38bd3305cb30ef4a09fc282a8241"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
SYq3Ja8qkyIzDf7Vc_LC0ie8YYWwnfiu6jie8lpYNmN84dnVMYcPXQ==
adsct
t.co/i/
43 B
377 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=c9075ad7-0846-44ce-a77e-1e827fd37c86&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8e66c293-8e2b-456c-8866-d6c417a06448&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.30
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.195 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
95
date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=0
server
tsa_m
content-type
image/gif;charset=utf-8
x-transaction-id
1300ba4c716d38a9
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
44567e696a4540cd18e9c2d671faca97a7874fef4a20ba42783d7c53a34dca9f
content-length
43
adsct
analytics.twitter.com/i/
43 B
396 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c9075ad7-0846-44ce-a77e-1e827fd37c86&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8e66c293-8e2b-456c-8866-d6c417a06448&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.30
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time
245
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=631138519
server
tsa_m
content-type
image/gif;charset=utf-8
x-transaction-id
ac23163040d4715b
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
99391056567e98c2856d509ba96d0d9b5c5239e37549d628417f54899775e540
content-length
43
/
api-js.datadome.co/js/
232 B
410 B
XHR
General
Full URL
https://api-js.datadome.co/js/
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.150.112.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-112-144.ap-northeast-1.compute.amazonaws.com
Software
DataDome /
Resource Hash
766e02735383428469000e5113b034fa60aa6152fe7c68341cd2c680c7507a0b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
server
DataDome
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
232
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/
105 KB
32 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
77e09d22c5c016e7a22d42e00d23a145d7a8e43fa9865c56c333369f05e807be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32698
x-xss-protection
0
server
cafe
etag
702 / 19948 / m202408080101 / config-hash: 11703879449924443192
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:34:02 GMT
pubfig.engine.js
a.pub.network/core/pubfig/5.76.1/
361 KB
105 KB
Script
General
Full URL
https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bc90e5c022cd53ed2d03490bb105cb27c0097272d336ee9d05c41e0b2eab50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
11089
x-guploader-uploadid
AHxI1nPgs4Oqwh5jpz7WKN4347fw2Rfxl_2lzvnd3uLwwdz1_GQ6OC-G4YdAKYdHb2OPyRpVjSc7Qi48SQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 11:47:21 GMT
server
cloudflare
etag
W/"522c88214aea10cad8dc21322d085959"
vary
Accept-Encoding
x-goog-generation
1719316041459753
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=5LwbPw==, md5=UiyIIUrqEMrY3CEyLQhZWQ==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
370139
cf-ray
8b249dfbc8f7ca1f-NRT
expires
Tue, 13 Aug 2024 01:34:02 GMT
1586315481640631
connect.facebook.net/signals/config/
77 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1586315481640631?v=2.9.164&r=stable&domain=www.reuters.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ae718f7ecf0409e554c04c716a473acc8778c51e276d928bafdf5164c5cddd2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 13 Aug 2024 00:34:02 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15440
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=63, mss=1368, tbw=64423, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
I/09I8VkmM8GrdCEe7cMmAkvtWQiMm+0wUcAm4LgOmuSZVvHYLZFE2AWQt2yHkz8Lj5R+h6oUE7JP5fOnVim/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
2d04d1da143afcea0dd4.js
cdn.segment.com/next-integrations/actions/845/
27 KB
8 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/696290db1b58ec303210.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding
br
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
date
Mon, 12 Aug 2024 15:55:40 GMT
x-amz-cf-pop
NRT20-C1
age
31103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:54 GMT
server
AmazonS3
etag
W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
eDhPprUDWfw1hH4zvln_bY2WXMQptIag1c4LdOfhjSWo1NOzZQDNPQ==
config.js
cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/
95 KB
22 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14d5433683a48a866a5467d9b85ccbb6a6e90131699ec4783ab5a7fa10d5441

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
HMF97ZJKZ4KQEZMZ
age
74
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
22538
x-amz-id-2
hFZfh9hUL8vpycd6utiPB/htzIWwat/eFr/Kqwd2h3TyW0Oj2y2uuKyqCiasA7BCsjMCLb2azow=
last-modified
Tue, 13 Aug 2024 00:28:38 GMT
server
cloudflare
etag
"a3631f5bb3878a248c6ae58237134d63"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
8b249dfcaf068a4a-NRT
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
55 KB
18 KB
Script
General
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e6b8c097ed798b561e51796fc897c5d6a60f9049e49ad7f40d0ce858644447c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2024 23:54:51 GMT
server
cloudflare
age
2346
etag
"82f221c1f91a4ac64326ad18896b765a"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b249dfdb8a3268a-NRT
content-length
18586

Redirect headers

date
Tue, 13 Aug 2024 00:34:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnO5pEGA813QCRnxIwxcKBFCZsB8%2FIk8xXNsDk87Yui40T6EQWOPe7b4uXsfYsWHNffqjq5zYcTjkWkWxpm8oWCN5wMr6nrXPQEGbXyY6m%2BJswf2NRLypEvsWv886Cmdf%2BDVOZMJJj0wa5O67tmTgucnei22yoaErTQR0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
8b249dfcb91ef57f-NRT
content-length
167
expires
Tue, 13 Aug 2024 01:34:02 GMT
prebid-analytics-8.49.2.js
a.pub.network/core/
581 KB
194 KB
Script
General
Full URL
https://a.pub.network/core/prebid-analytics-8.49.2.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f466e8eb144636ff511dfab8f04a6a1df6ae357b69d979da098a206f656321fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
11090
x-guploader-uploadid
AHxI1nMe5EruFaPzo2_bLwkI1pqdo7JsVUFKC_BYgnguP0wx2opA52PFi17BAqssad80T3ueyTmCZNVQ3g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 17 Jun 2024 18:34:26 GMT
server
cloudflare
etag
W/"9122692025ce50d2fad0a821dce36b40"
vary
Accept-Encoding
x-goog-generation
1718649266295872
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=ueWS3g==, md5=kSJpICXOUNL60Kgh3ONrQA==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31524910
x-goog-stored-content-length
595373
cf-ray
8b249dfca9cbca1f-NRT
expires
Tue, 12 Aug 2025 21:29:12 GMT
analytics.min.js
a.pub.network/core/analytics/1.4.2/
13 KB
6 KB
Script
General
Full URL
https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
11090
x-guploader-uploadid
AHxI1nOxOp5PuEhfOnrKFMw7qZiWB4XXjL-S1yUm4vr1Vd7EzPL7TpfZp08C0pIYi6rrezAJt2sgSyeMpw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 May 2024 13:59:25 GMT
server
cloudflare
etag
W/"35dcda30703508261b9c4d8f98f94a6a"
vary
Accept-Encoding
x-goog-hash
crc32c=vucjuw==, md5=NdzaMHA1CCYbnE2PmPlKag==
x-goog-generation
1716386365851052
access-control-allow-origin
*
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
13601
access-control-expose-headers
*
cf-ray
8b249dfca9ceca1f-NRT
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Tue, 13 Aug 2024 01:34:02 GMT
google-analytics.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/
16 KB
5 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 17:04:33 GMT
content-encoding
gzip
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
x-amz-version-id
EFE9lusc4JimpUbDBPawD3guBabh51Lw
x-amz-cf-pop
NRT20-C1
age
2964570
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4743
last-modified
Mon, 03 Jun 2024 14:40:12 GMT
server
AmazonS3
etag
"6a3ed21f9b6777c0c37e6e248ea22387"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
AQGG7scmSTxMgqWY15qN9t2xhH6K9My-gDzaX32QfHxHsOiJUlj-pw==
visual-tagger.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/
45 KB
16 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 17:04:22 GMT
content-encoding
gzip
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
x-amz-version-id
DoW4mJHS0hsNZpGbS4scbmBbg7UReS6C
x-amz-cf-pop
NRT20-C1
age
2964581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15523
last-modified
Mon, 03 Jun 2024 14:40:13 GMT
server
AmazonS3
etag
"1e6ed20ae1ef59e0a54725d717b8454f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
djDui_w-7afNRTqfYT0bO3dDwon7kr93Al-_omMN3MCoKssGBR1XXg==
js
www.googletagmanager.com/gtag/
313 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WBSR7WLTGD
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e08d34fcab14f26ab8d909c3b2bd3b7210694d59b25eb234ae8452ed419e4b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103723
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 00:34:02 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1586315481640631&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&rl=&if=false&ts=1723509242363&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4125&fbp=fb.1.1723509242357.781286196698486832&cs_est=true&ler=empty&cdl=API_unavailable&it=1723509242221&coo=false&rqm=GET
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=2815, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Aug 2024 00:34:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1586315481640631&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&rl=&if=false&ts=1723509242363&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4125&fbp=fb.1.1723509242357.781286196698486832&cs_est=true&ler=empty&cdl=API_unavailable&it=1723509242221&coo=false&rqm=FGET
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 13 Aug 2024 00:34:02 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402415830243293436", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1368, tbw=3132, tp=-1, tpl=-1, uplat=290, ullat=0
pragma
no-cache
x-fb-debug
zvyMrgHs4IQFm9GGzFdMjj9F/R2uQQTluYf+3gUrsDFvG57BT2l+gnpD9MlACD9dVUVeeqCS0DFOmWJ3s7AsQw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402415830243293436"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/
71 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:3a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 17:50:04 GMT
content-encoding
gzip
via
1.1 b8e884b65aaa43a17f87e13ea791a8e2.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 00:07:44 GMT
server
nginx
x-amz-cf-pop
NRT57-P3
age
24238
etag
W/"665fac50-11d74"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
G3CMt234Au2DkLEv02MeePfIMkE4jiELG77ErcFC6ndl7CqEoo90cQ==
expires
Tue, 13 Aug 2024 17:50:03 GMT
chartbeat_mab.js
static.chartbeat.com/js/
24 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:3a00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 04:30:05 GMT
content-encoding
gzip
via
1.1 b8e884b65aaa43a17f87e13ea791a8e2.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
NRT57-P3
age
72237
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
BeiNmy4DGs39Yv3esP3DZ6V3_dG5GMpsI36LphAHxsQoOvfaBdLQxA==
expires
Tue, 13 Aug 2024 04:30:05 GMT
iasPET.1.js
static.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id
UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Jun 2021 13:42:44 GMT
server
AmazonS3
etag
W/"51636de3ce868a2172f9e6996c2934e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
coIScnWeG_ApOqcJQyJjuFg4Uz7Rr0rK75Nk_U00c5ft2jtA7KWREQ==
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/37296053/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
13.32.50.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-88.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 21:12:30 GMT
content-encoding
gzip
via
1.1 082329696d49819d97bc7da98006304c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-C1
age
12093
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
kzoftteqN7QrYYaa3s0ZRGIn39XdBffBPo60QSiwGIWRTGE58FJSkw==

Redirect headers

date
Tue, 13 Aug 2024 00:34:02 GMT
via
1.1 082329696d49819d97bc7da98006304c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-C1
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
yxTDarsT_LeiE-eq74CFuwVxxZ-vf7w0BOCBut2M-9QN6isURUyNJg==
a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
cdn.permutive.com/
617 KB
140 KB
Script
General
Full URL
https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7711 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09ba9d469727e2f09cf9c9c12073ab1c22b4797680bd5f19207d1f470ce43c7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
a55a84b3-9632-4869-b625-3d8ef43ed18d
age
0
x-guploader-uploadid
AHxI1nM4ZbEvsb_pdUUKDp_94KVlZrBbpapswofUL8Dg-6JZO1S3yMi7bzG4Sl73l-EKmimHXEFTfkMWAg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
143013
last-modified
Sat, 10 Aug 2024 00:09:30 GMT
server
cloudflare
etag
"57e44beb5573bc67eb9340ea4d280bae"
vary
Accept-Encoding
x-goog-generation
1723248570203379
content-type
application/javascript
x-goog-hash
crc32c=ydN9nQ==, md5=V+RL61VzvGfrk0DqTSgLrg==
cache-control
public, max-age=900
x-goog-stored-content-length
143013
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8b249dfcf9bb80f5-NRT
expires
Tue, 13 Aug 2024 00:49:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/
474 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 10:20:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
51191
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151130
x-xss-protection
0
server
cafe
etag
11205447520193479331
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 12 Aug 2025 10:20:51 GMT
activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-c...
10844217.fls.doubleclick.net/ Frame 618F
Redirect Chain
  • https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-product...
  • https://10844217.fls.doubleclick.net/activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reut...
0
0
Document
General
Full URL
https://10844217.fls.doubleclick.net/activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10844217&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.134 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
477
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:02 GMT
expires
Tue, 13 Aug 2024 00:34:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:02 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10844217.fls.doubleclick.net/activityi;dc_pre=CNGwsaHc8IcDFYzyTAIdxhIyBw;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipel...
ad.doubleclick.net/
0
23 B
Image
General
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10844217;type=remarket;cat=allpages;ord=7695401760417;npa=0;auiddc=95922369.1723509242;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=1968428325;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"10275769739769163240"}],"aggregatable_trigger_data":[{"filters":[{"14":["11180872"]}],"key_piece":"0xe851e10a96f88442","source_keys":["12","13","14","15","16","17","18","19","20","21","16785176","16785177","16785178","16785179","628551132","628551133","628551134","628551135"]},{"key_piece":"0x92e912fd53fe2ba","not_filters":{"14":["11180872"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16785176","16785177","16785178","16785179","628551132","628551133","628551134","628551135"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16785176":163,"16785177":163,"16785178":163,"16785179":15892,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628551132":32,"628551133":32,"628551134":32,"628551135":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"16959676710885370164","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"10275769739769163240","filters":[{"14":["11180872"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"10275769739769163240","filters":[{"14":["11180872"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"10275769739769163240","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"10275769739769163240","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10844217"]}}
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline...
  • https://rp4.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipelin...
13 B
348 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MjAwMTphYzg6NDA6MWQ6OjFl&n3pc=true
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
3.225.71.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-71-245.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-pixel-event-id
ad6b19ce-0aee-4e79-b376-78124651ea25
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
null
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
13

Redirect headers

location
https://rp4.liadm.com/j?dtstmp=1723509242501&aid=a-07no&se=e30&duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MjAwMTphYzg6NDA6MWQ6OjFl&n3pc=true
access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:02 GMT
access-control-expose-headers
*
access-control-allow-credentials
true
content-length
0
access-control-allow-methods
GET
f56e89f8_90ca6467d30941a41536e54c74b742ecdae5de
scaredsnakes.com/d9e91b/
299 B
714 B
Fetch
General
Full URL
https://scaredsnakes.com/d9e91b/f56e89f8_90ca6467d30941a41536e54c74b742ecdae5de
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
905eecc7f77154b4ac1afc3c1482519c4b80b2bdbf69bf9ef8e879bb8c162955
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
br
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reuters.com
x-hostname
fen-hoothoot-asia-east1-test-4hfj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8b249dfdbf9f2612-NRT
expires
Tue, 13 Aug 2024 00:34:01 GMT
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
70 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-27-29.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 17:04:22 GMT
content-encoding
gzip
via
1.1 3c0190220d7b3ab896def13f86f295aa.cloudfront.net (CloudFront)
x-amz-version-id
V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
x-amz-cf-pop
NRT20-C1
age
2964581
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Mon, 03 Jun 2024 14:40:11 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
OTao2iPFmaQqzAtoThTur_VvHekL_uO6tCE830OKYdeQ9T2UeW46PQ==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/
300 KB
107 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
335GZGA3F2MC3B2C
age
6395004
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
109265
x-amz-id-2
7IrhZ9IlFGZ2j+9iy244a3xvv4ov5hX3CLnhTzy7Od2IGD8zCpxduMLBjL/4dJUyulM+R/BtDB4=
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
etag
"3d93a0af15b12fc9dbbc93edd96a2b7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8b249dfdb8558a4a-NRT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
263 B
557 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=reuters.com&domain=reuters.com&path=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37fa714e469dacbc174f44741436eb7b7325daf3aa670f921526db70f2e6bf90

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sun, 11 Aug 2024 00:34:02 GMT
date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
203
x-served-by
cache-tyo11953-TYO
x-timer
S1723509243.532557,VS0,VE167
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
x-cache-hits
0
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=reuters.com&p=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&u=DXtCAACV7bXBcKfxn&d=reuters.com&g=52639&g0=Technology&g1=Raphael%20Satter&g4=regular-article&nc=1&c=0&x=0&m=0&y=5172&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&b=2013&t=Ct9AJyL7vyPD_FDvtBQIbznDz5PJ0&V=147&i=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&tz=-540&_acct=anon&sn=1&sv=BmUbZ5B8mdq5C0CaU0KyzJGSlju&sr=external&sd=1&im=067b0cff&_
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.141.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-141-191.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
0
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
content-type
image/gif
config.json
c.go-mpulse.net/api/
51 B
214 B
XHR
General
Full URL
https://c.go-mpulse.net/api/config.json?key=GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW&d=www.reuters.com&t=5745031&v=1.632.0&sl=0&si=uxx54n66xsq-si4s8p&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=656997
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:400:696::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 00:34:02 GMT
cache-control
private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
51
content-type
application/json
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 13 Aug 2024 00:34:02 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
322484
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
hadron.js
cdn.hadronid.net/
56 KB
12 KB
Script
General
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNMNHQXA94JVW78
age
4495
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
8b249dfeb8b2f6d9-NRT
x-amz-id-2
FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=
edgekit.min.js
cdn.edkt.io/PV483g/
22 KB
8 KB
Script
General
Full URL
https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c509862f8eeee6bff0dadf913f679fe1d7b9a0e1706c4d5927cc494a0ee54b99

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 18:21:26 GMT
content-encoding
gzip
age
22356
x-guploader-uploadid
AHxI1nNj9M05257FShHwiQVW2FwsHXS6_qd6wvRbIW61fZUQ70XOmfZQr_mrMZlIbiCb3ARKx4s
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7359
last-modified
Fri, 26 Jul 2024 15:48:38 GMT
server
UploadServer
etag
"3780a6ce450ee27499532356da75f0ca"
x-goog-generation
1722008918218582
x-goog-hash
crc32c=7Siytw==, md5=N4CmzkUO4nSZUyNW2nXwyg==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7359
accept-ranges
bytes
expires
Tue, 13 Aug 2024 18:21:26 GMT
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=pX6xcf%2F%2F%2FwgtYa0gWU7n%2Fu6JSAjDaC0bS0fAiFIvrj4%3D
42 B
138 B
Fetch
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=pX6xcf%2F%2F%2FwgtYa0gWU7n%2Fu6JSAjDaC0bS0fAiFIvrj4%3D
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 13 Aug 2024 00:34:02 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://www.reuters.com
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=pX6xcf%2F%2F%2FwgtYa0gWU7n%2Fu6JSAjDaC0bS0fAiFIvrj4%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58657/
2 B
381 B
Fetch
General
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/&pixelId=58657
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.228.126.19 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.134
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.reuters.com
content-type
application/json
access-control-allow-credentials
true
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=Nr6Lenx2Wm9kdHNJRHRDQ25DRlN6RjlCQ29PWUJMb1U1VWpDc2hVMEJobE5XN0IwdHNrR1pVeEFRaDJ1cGRuLzNIRUdqRlVWcmRCVXBSam4yeWNnUmwzV1NRK0s1cjFibnpQN01UT3lxTFRwQlh2UjVHSCsrK3ptTzl1Y0...
349 B
643 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Nr6Lenx2Wm9kdHNJRHRDQ25DRlN6RjlCQ29PWUJMb1U1VWpDc2hVMEJobE5XN0IwdHNrR1pVeEFRaDJ1cGRuLzNIRUdqRlVWcmRCVXBSam4yeWNnUmwzV1NRK0s1cjFibnpQN01UT3lxTFRwQlh2UjVHSCsrK3ptTzl1Y0prRjhSUmJaWmdjYlJHY3gwNzhhRS9HdlBjWFVpbk5RcWJHZmdVZXAvOTFId3k4ZE9JL3oyOW9yaHlTZ2JndmhDSXY2ZDY0NThGWGdwN3J0UkcwSzAvNjVrV3VMV05XbUE4RmZ0eCsrdUhuNzFMVEd0dHFsOU0vZGEzaGlMcmV4WlhId2RKZ3I3fA&cppv=2
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
c2dee0a3bffdcf10477ce76b9dd73778c445bf3593576fa11a434d6035524645
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
610304
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.reuters.com
location
https://mug.criteo.com/sid?cpp=Nr6Lenx2Wm9kdHNJRHRDQ25DRlN6RjlCQ29PWUJMb1U1VWpDc2hVMEJobE5XN0IwdHNrR1pVeEFRaDJ1cGRuLzNIRUdqRlVWcmRCVXBSam4yeWNnUmwzV1NRK0s1cjFibnpQN01UT3lxTFRwQlh2UjVHSCsrK3ptTzl1Y0prRjhSUmJaWmdjYlJHY3gwNzhhRS9HdlBjWFVpbk5RcWJHZmdVZXAvOTFId3k4ZE9JL3oyOW9yaHlTZ2JndmhDSXY2ZDY0NThGWGdwN3J0UkcwSzAvNjVrV3VMV05XbUE4RmZ0eCsrdUhuNzFMVEd0dHFsOU0vZGEzaGlMcmV4WlhId2RKZ3I3fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
256240
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/
227 B
318 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.reuters.com
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7522414b9a7d076f4978fd6d895b083a6c9131b477d315b481431caac9c5bb97

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
br
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
8b249dfeebaa5eb9-NRT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/
194 B
664 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.reuters.com
content-type
application/json;charset=UTF-8
date
Tue, 13 Aug 2024 00:34:03 GMT
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
envelope
api.rlcdn.com/api/identity/
0
279 B
Fetch
General
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13928
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
188.165.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
any
idx.liadm.com/idex/did-0047/
0
372 B
Fetch
General
Full URL
https://idx.liadm.com/idex/did-0047/any?duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&did=did-0047&cd=.reuters.com&pu=https%3A%2F%2Fwww.reuters.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.218.0.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-0-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
1
access-control-allow-origin
https://www.reuters.com
cache-control
max-age=3599, private
access-control-allow-credentials
true
trace-id
418d3e3af688fa8c
expires
Tue, 13 Aug 2024 01:34:03 GMT
rid
match.adsrvr.org/track/
109 B
566 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
71d5f2c9f54039e8ee63dc5d02d9287f45637fcc076c51231ea1f62cfae611a0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 12 Sep 2024 00:34:02 GMT
22876227373
fundingchoicesmessages.google.com/i/
203 KB
67 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/22876227373?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad4afed40478130a14712b563085523a3c4d244f468b17f5147e200198ded738
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DRg6Q_Txd8qsfS7kVd4emA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-DRg6Q_Txd8qsfS7kVd4emA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDh-XX61lU3gxPI_s5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDA31DMzjCwwAw5dAlA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Aug 2024 22:50:20 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6222
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Aug 2024 00:50:20 GMT
websiteconfig
btloader.com/
728 B
663 B
Fetch
General
Full URL
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=reuters.com
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271bdec2cdd30742b94baeb064fc1d66e8f3fffbf3d7252ffaff60b3cecbe031

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Mon, 12 Aug 2024 23:53:21 GMT
server
cloudflare
age
2235
etag
"8f4493fab1fe620c7ae325f571b3d7e2"
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
8b249dff5a3025f2-NRT
content-length
381
px.gif
ad-delivery.net/
43 B
342 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
818225
x-guploader-uploadid
ABPtcPpag7yP9AhBVuaaF3oPtfX3M-Brg_TQfmpbxEYES8rw9pR5YL-HLNb1OUzD9fZh4PppaDBjeA4j-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01JKfONcbBMtSpnI64FVnq1JMfkcheLtye5ZCwxZeUH8lCBpHfPZYRKvctMaDFHuFsTLTpnN2yjIxKJhfE%2FTjS%2BLT%2BQNCCvG5%2B7fQtThgq%2Fe8QncgQwQYmyaD48I5YgPDNnaFGZsMuxXhuGrrA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b249dff6ee8e086-NRT
expires
Wed, 14 Aug 2024 00:34:02 GMT
favicon.ico
ad.doubleclick.net/
1 KB
130 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 08:35:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 08:35:21 GMT
px.gif
ad-delivery.net/
43 B
928 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.10257688764948925
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
818225
x-guploader-uploadid
ABPtcPpag7yP9AhBVuaaF3oPtfX3M-Brg_TQfmpbxEYES8rw9pR5YL-HLNb1OUzD9fZh4PppaDBjeA4j-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPuDMTMZ%2FJkSgD1FJWHfA6ZrWa9hV2QRE14DyKnbdTVBmz%2FKeJTrz7k%2F9sSj9EfOIff%2Bd%2BwK6DlH5nv6z%2F7FRtHJ7Q3p671EvSzG1VZWhDSxAlFog9BUjRdpH0GYC%2BixK61N9ECx8zKP%2FOw91w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8b249dff6ee6e086-NRT
expires
Wed, 14 Aug 2024 00:34:02 GMT
quant.js
secure.quantserve.com/
23 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 20 Aug 2024 00:34:03 GMT
pub
pixel.adsafeprotected.com/services/
653 B
630 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_1x1_bouncex,ss:%5B1.1%5D,p:/4735792/reuters.com/bouncex,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
02e4ea401a678b865bac19dbd023ff3e5756e07a659bed4b8b932af0e74095be

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=Nr6Lenx2Wm9kdHNJRHRDQ25DRlN6RjlCQ29PWUJMb1U1VWpDc2hVMEJobE5XN0IwdHNrR1pVeEFRaDJ1cGRuLzNIRUdqRlVWcmRCVXBSam4yeWNnUmwzV1NRK0s1cjFibnpQN01UT3lxTFRwQlh2UjVHSCsrK3ptTzl1Y0prRjhSUmJaWmdjYlJHY3gwNzhhRS9HdlBjWFVpbk5RcWJHZmdVZXAvOTFId3k4ZE9JL3oyOW9yaHlTZ2JndmhDSXY2ZDY0NThGWGdwN3J0UkcwSzAvNjVrV3VMV05XbUE4RmZ0eCsrdUhuNzFMVEd0dHFsOU0vZGEzaGlMcmV4WlhId2RKZ3I3fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 13 Aug 2024 00:34:02 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
215304
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
10160484.json
s.yimg.com/wi/config/
2 B
521 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10160484.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:807::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 13 Aug 2024 00:20:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
AK9B0AZJNQGTV9XS
age
788
content-length
22
x-amz-id-2
X59vk3Qnp6UcT+6/FnKYOC+eLJR3+lY3r/a55D5dbESva62ZseOmgY/kxF25dTUB2E1IGAQhqNnBvok7/y9nps4r6s7kxKpj
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
c44397a2-e4a1-4334-a2cf-863281135eee
https://www.reuters.com/
389 KB
0
Other
General
Full URL
blob:https://www.reuters.com/c44397a2-e4a1-4334-a2cf-863281135eee
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60683094c3e55c42f072fb9394c040403ebb8fa2b198a6a920dc10960cab00a0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
398339
Content-Type
svrGP
s2124157686.t.eloqua.com/visitor/v200/
79 B
581 B
Script
General
Full URL
https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=2124157686&ms=762
Requested by
Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.29.13.138 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
4c3c72137144bf77e66f8d9e97b8f14ae3aecb4ed1be4fc2b616a4dd8ac88793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Tue, 13 Aug 2024 00:34:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
106
X-Xss-Protection
1; mode=block
Expires
-1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2...
0
227 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
13.32.50.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-50-88.nrt57.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
via
1.1 082329696d49819d97bc7da98006304c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-C1
x-amz-cf-id
SlNwLHnDUJQ6-N1XVOyYIHVYSO3kqOdje42PJfQkxdvjp28vvNxglA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 13 Aug 2024 00:34:03 GMT
via
1.1 082329696d49819d97bc7da98006304c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
NRT57-C1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723509242980&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=
content-length
0
x-amz-cf-id
JM3X77_F5tmMENOUntFAy-QZwdLSMsA_juGxASbbVNT1VMWgz8ATPw==
hadron.json
id.hadron.ad.gt/v1/
121 B
257 B
XHR
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.reuters.com&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77545ad0a65a4b050a7de9a545a0506c0ca4c7472766c508b7c2d1a7ce08cf28

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization,content-type
cf-ray
8b249e016efc5eb9-NRT
hadron.json
id.hadron.ad.gt/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.reuters.com&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8b249e00adfd5eb9-NRT
content-length
0
content-type
application/json
date
Tue, 13 Aug 2024 00:34:03 GMT
debug
OPTIONS block
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/
27 B
86 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8b249e017f205eb9-NRT
country
api.btloader.com/
37 B
215 B
Fetch
General
Full URL
https://api.btloader.com/country?o=5714937848528896
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
2fc364844767afcfcadb2bd75ae41d008d1ac70351d355f03d3d4814c09bc09d

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
f56e89f8_90ca6467d30941a41536e54c74b742ecdae5de
scaredsnakes.com/d8e91b/
3 B
455 B
Fetch
General
Full URL
https://scaredsnakes.com/d8e91b/f56e89f8_90ca6467d30941a41536e54c74b742ecdae5de
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=15724800; preload
via
1.1 google
cf-cache-status
DYNAMIC
x-buildnumber
1389703183
alt-svc
h3=":443"; ma=86400
content-length
3
server
cloudflare
x-datacenter
gce-asia-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reuters.com
x-hostname
fen-hoothoot-asia-east1-test-4hfj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray
8b249e00bc122612-NRT
expires
Tue, 13 Aug 2024 00:34:02 GMT
rtd
id.hadron.ad.gt/api/v1/ Frame
0
0
Preflight
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cf-cache-status
DYNAMIC
cf-ray
8b249e00be0a5eb9-NRT
content-length
0
content-type
application/json
date
Tue, 13 Aug 2024 00:34:03 GMT
debug
rtd-nx-sv
server
cloudflare
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80e::200e Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:41:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
3165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Aug 2024 00:41:18 GMT
pxid
a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/v2.0/
46 B
384 B
XHR
General
Full URL
https://a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/v2.0/pxid?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
85ea780238be6b5df6d9f24937d9886a94ff482e751d91ac75ef934334ff0955

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
getuidj
ib.adnxs.com/
11 B
701 B
XHR
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
an-x-request-uuid
7f7d8aca-fa27-4b0f-bee9-d98368d74348
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxVxf57L-5mQExWK2VGFkyisKDzPGhDipEXs5gyEbnynGFxYxXZ2Da9uqMHpTdTB7TZlQDBLmnD6CoUfbzWQLhtj-nlWEsy9PKflRwf4uMBFhqfnlo3zcWUS4zG-wKLU6KJxP9_x1w==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVxf57L-5mQExWK2VGFkyisKDzPGhDipEXs5gyEbnynGFxYxXZ2Da9uqMHpTdTB7TZlQDBLmnD6CoUfbzWQLhtj-nlWEsy9PKflRwf4uMBFhqfnlo3zcWUS4zG-wKLU6KJxP9_x1w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA5MjQzLDMzMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5yZXV0ZXJzLmNvbS9hcnRpY2xlL3VzLXVzYS1wcm9kdWN0cy1jb2xvbmlhbC1waXBlbGluZS1yYW5zb20vbW9yZS1yYW5zb213YXJlLXdlYnNpdGVzLWRpc2FwcGVhci1pbi1hZnRlcm1hdGgtb2YtY29sb25pYWwtcGlwZWxpbmUtaGFjay1pZFVTS0NOMkNYMEtULyIsbnVsbCxbWzgsIm9rbFZaTjNoSHc4Il0sWzksImphIl0sWzIyLCJ0cnVlIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b131867fe122dc4c9e41bf425c38a2daabdf762b6bf1b55c39a5362567f5594d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j8bzYPa3Wm5RMJjD3wiA_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-j8bzYPa3Wm5RMJjD3wiA_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDl-X361lU3gxfrHCkoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBhaGhnoG5vEFBgB7lUAg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 1516
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29247
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 23:54:27 GMT
expires
Tue, 13 Aug 2024 00:44:27 GMT
last-modified
Mon, 12 Aug 2024 19:45:17 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pv
api.btloader.com/
0
66 B
XHR
General
Full URL
https://api.btloader.com/pv?tid=Np6lUDIWtF&w=5689481349824512&o=5714937848528896&cv=2.1.48&widget=false&checksum=f9133749&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&sid=7uPOIW4i8O&pm=true&upapi=true
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ Frame
0
0
Preflight
General
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.reuters.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 13 Aug 2024 00:34:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
topics_frame.html
pa.openx.net/ Frame 2CCE
0
0
Document
General
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2998
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Mon, 12 Aug 2024 23:44:05 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
AHxI1nNKYbdQa2l7fXI8wgrTP5M3KvkYDUCG3e-hV36_D3QkXg0U1S5HVW4fWTovwrK3kkRSpJQ
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 1FF1
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=158034
content-encoding
gzip
content-length
859
content-type
text/html
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
Wed, 14 Aug 2024 20:27:57 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/
28 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185098633813002&correlator=1087370772766664&eid=31079956%2C31086034%2C31085718%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Cbouncex&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=1929461166&sfv=1-0-40&eri=33&sc=1&cookie_enabled=1&abxe=1&dt=1723509243072&lmt=1723508782&adxs=0&adys=5172&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=1600x5171&msz=1600x0&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723509241216&idt=1432&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D9134d8cb-c13b-4f9a-8e22-4a4a0710570b%26fs_placementName%3Dreuters_1x1_bouncex%26fs_ad_product%3Dbanner&cust_params=fs_session_id%3D861f4e5f-ce72-422f-ba34-c09e9b95410b%26fs_pageview_id%3D4b2190ce56a74633a683b23c26fec26f%26fsitf%3DYYYYYNYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D1%26fs_clientservermask%3D13033132300201320012002%26fs_testgroup%3Dexperiment&adks=491726623&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
587d5ce5eeec73df9e17deb62985bea62a55ec23d35776d13dc88f8866ede42b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12561
x-xss-protection
0
google-lineitem-id
6706797525
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138472987123
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D19
0
0
Document
General
Full URL
https://7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:804::2001 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
Tue, 13 Aug 2024 00:34:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxV8lw1JeK-3mjb0cw-JTdOYph_5tA7jHRVlt40PYesfSEl47j7RlPH1bmDm_LoLiYDWFxOKxS1U82LDKZlOmHgMpsDiFCdbFJbmRdWCAjJnAKSFxRFjp8EPPr3yUTv9qN7G9mrlzw==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV8lw1JeK-3mjb0cw-JTdOYph_5tA7jHRVlt40PYesfSEl47j7RlPH1bmDm_LoLiYDWFxOKxS1U82LDKZlOmHgMpsDiFCdbFJbmRdWCAjJnAKSFxRFjp8EPPr3yUTv9qN7G9mrlzw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA5MjQzLDEzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImphIl0sImh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdXMtdXNhLXByb2R1Y3RzLWNvbG9uaWFsLXBpcGVsaW5lLXJhbnNvbS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIixudWxsLFtbOCwib2tsVlpOM2hIdzgiXSxbOSwiamEiXSxbMjIsInRydWUiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e0fd840394a7c3853269ac1f2ec70c065dbf684fd07423a4bd07edfd380340c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jFYg-JZ5Cs0kFzwKFFisIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-jFYg-JZ5Cs0kFzwKFFisIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFuDl-X361lU1gw_FXAUoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBhaGhnoG5vEFBgB-ZkA2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 118A
169 B
324 B
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
5231
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8b249e01c9b980cf-NRT
expires
Tue, 13 Aug 2024 04:34:03 GMT
smartads.epl
www.dianomi.com/ Frame 274C
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=45764&numAds=3&cf=545.2383.Reuters%20New&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-45764-Zrqp-sAtrCqylRG89sjT9gAAADc0&responsiveHeight=1&contextfeedFrameId=2383-568&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e01e929f64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
now
link
</img/a/pss/4248/83.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 118A
1 KB
1 KB
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
132506
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b249e01c9c480cf-NRT
expires
Thu, 12 Sep 2024 10:34:03 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 118A
77 B
259 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2383.Reuters%20New&geo_ccod=jp
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
8b249e01c9c780cf-NRT
content-length
77
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 00:34:03 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame B9E2
1 KB
0
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
132506
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b249e01c9c480cf-NRT
expires
Thu, 12 Sep 2024 10:34:03 GMT
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame B9E2
169 B
0
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5231
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8b249e01c9b980cf-NRT
expires
Tue, 13 Aug 2024 04:34:03 GMT
smartads.epl
www.dianomi.com/ Frame 0EAC
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=50378&numAds=3&cf=545.2615.Reut%20(In%20A)&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50378-Zrqp-UJReelkANlPUlDUCAAAADc0&responsiveHeight=1&contextfeedFrameId=2615-666&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e01e92cf64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
now
link
</img/a/pss/4248/83.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame B9E2
77 B
137 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2615.Reut%20(In%20A)&geo_ccod=jp
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
8b249e01c9cd80cf-NRT
content-length
77
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 00:34:03 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame 67A5
1 KB
0
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
132506
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b249e01c9c480cf-NRT
expires
Thu, 12 Sep 2024 10:34:03 GMT
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 67A5
169 B
0
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5231
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8b249e01c9b980cf-NRT
expires
Tue, 13 Aug 2024 04:34:03 GMT
smartads.epl
www.dianomi.com/ Frame 9F12
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=10415&numAds=12&cf=545.1480.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10415-Zrqp-m3b-Bek3wv3fvqhGQAAAEE0&responsiveHeight=1&contextfeedFrameId=1480-194&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e01e92bf64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
now
link
</img/a/pss/4205/19.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 67A5
77 B
137 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.1480.Reuters&geo_ccod=jp
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
8b249e01d9e480cf-NRT
content-length
77
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 00:34:03 GMT
dianomi-max-200x38.png
www.dianomi.com/img/ Frame C4E0
1 KB
0
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
132506
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b249e01c9c480cf-NRT
expires
Thu, 12 Sep 2024 10:34:03 GMT
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame C4E0
169 B
0
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5231
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8b249e01c9b980cf-NRT
expires
Tue, 13 Aug 2024 04:34:03 GMT
smartads.epl
www.dianomi.com/ Frame C758
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=10165&numAds=6&cf=545.1479.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10165-Zrqp-lwBWamzejWp0_PMCgAAAAA0&responsiveHeight=1&contextfeedFrameId=1479-141&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e01e92af64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:03 GMT
expires
now
link
</img/a/pss/4203/15.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame C4E0
77 B
137 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.1479.Reuters&geo_ccod=jp
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
8b249e01d9e580cf-NRT
content-length
77
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 00:34:03 GMT
Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame B9E2
24 KB
25 KB
Font
General
Full URL
https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:7c00:f:e061:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:14:10 GMT
x-amz-version-id
DbaVTgAAtc_EnW57ITdheJlY66L21oBm
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
age
4794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
24720
last-modified
Thu, 21 Dec 2023 05:28:25 GMT
server
AmazonS3
etag
"cb2231d363ef66f1b18bd8fe996f3e25"
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
xQezFiRpssYE_jBtynIwMkSWUkWPtvaBMUR9DJOTgBtAN_itsBXqqQ==
Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 118A
24 KB
0
Font
General
Full URL
https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:7c00:f:e061:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:14:10 GMT
x-amz-version-id
DbaVTgAAtc_EnW57ITdheJlY66L21oBm
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-P5
age
4794
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
24720
last-modified
Thu, 21 Dec 2023 05:28:25 GMT
server
AmazonS3
etag
"cb2231d363ef66f1b18bd8fe996f3e25"
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
xQezFiRpssYE_jBtynIwMkSWUkWPtvaBMUR9DJOTgBtAN_itsBXqqQ==
view
securepubads.g.doubleclick.net/pcs/ Frame E445
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKRROhqEaf5NjXTcOebtrDT24Qjc3g0NczuDqL3ni-tSxsURLCsorfMoJjYoBdpONPeH5APePSo7BQggA4_gyO0YACjGiZpbedbloIsCgNXIOukXorZvUz19JM-IOcg7w6olnZTWsK-9duNw-73LOkDhVmgVCklWUf9lZjq8ArOlx-UKCmUmqVdjZ7Ilx99CSxA2DxtO0SGlfxmfSN0EtIhTIrrWf_ge9n_USpTYRs6fRACNb0N8SqIrjCeZmh1sczdImEoeppVCEw2vrgXL7e38EA7Km3Bj2ehf2653Y-MzcNprj57HOJoMA_Fat5zvOpeipnwMwKH-ix6zpcy_TpbLGuGA&sai=AMfl-YTclytgSxnWcrjIS-ptfL-nGuXpTcFPq9--3kMDDDExe-xpXV_7fqRgwGl64yDmQVd4FJMEq3LcrYtGltQgRY3wUGNFuTT_vnZB69ddnxCmtVNmmibbH57gZEKmR5o&sig=Cg0ArKJSzOsfyqUQENVMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame E445
2 KB
1 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:50:59 GMT
content-encoding
br
ad-auction-allowed
true
age
1629784
x-guploader-uploadid
AHxI1nP3Qs87Ar8BCGDQfkX_6QbNbFfk63oJCbqvUboD5otnXurGJQolI0PX0VRuse80VYhlXK4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
834
last-modified
Wed, 24 Jul 2024 15:05:31 GMT
server
UploadServer
etag
W/"e834a0cd12abffd04acda8e08953a77a"
vary
Accept-Encoding
x-goog-generation
1721833531399431
x-goog-hash
crc32c=PdRfKg==, md5=6DSgzRKr/9BKzajgiVOneg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
2317
accept-ranges
none
content-type
text/javascript; charset=UTF-8
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E445
204 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=EUC-KR
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:39:40 GMT
pixel
protected-by.clarium.io/ Frame E445
68 B
244 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzM1MzkwMDQ0MTM6MXgx&v=5&s=v31i54ifvbs&id=eyJkZnAiOnsiYWQiOjQ5NTc1MzQwMTksImMiOjEzODQ3Mjk4NzEyMywibCI6NjcwNjc5NzUyNSwibyI6MzUzOTAwNDQxMywiQSI6Ii80NzM1NzkyL3JldXRlcnMuY29tL2JvdW5jZXgiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfMXgxX2JvdW5jZXgifX0%3D&cb=4031944&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TTFNemt3TURRME1UTTZNWGd4Iiwid2QiOnsibyI6MzUzOTAwNDQxMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
content-type
image/png
collect
analytics.google.com/g/
0
254 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723509241273&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=2013332329.1723509243&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&_s=1&sid=1723509243&sct=1&seg=0&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&en=ad_impression&_fv=1&_ss=1&ep.query_id=CICW0KHc8IcDFVfJFgUddjQg_w&tfd=2786
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
245 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WBSR7WLTGD&cid=2013332329.1723509243&gtm=45je4880v9105432122za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WBSR7WLTGD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c06::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
63 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WBSR7WLTGD&cid=2013332329.1723509243&gtm=45je4880v9105432122za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1527769641
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
474
a.ad.gt/api/v1/u/matches/
13 KB
4 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f94b9363e83a490215650ff0e73872d5cd4760564370e1b440502cca61869

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 00:28:26 GMT
server
cloudflare
age
151
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8b249e032b933c09-NRT
sp.pl
sp.analytics.yahoo.com/
43 B
669 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2013%20Aug%202024%2000%3A34%3A03%20GMT&n=-9&b=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&.yp=10160484&f=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&enc=UTF-8&us_privacy=1---&yv=1.16.0&tagmgr=gtm
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.140.156.156 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-156-156.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.134
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:03 GMT
identify
api.permutive.com/v2.0/
50 B
88 B
XHR
General
Full URL
https://api.permutive.com/v2.0/identify?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
974eea1e82174c5198c1405039eb85a59db4e98f6b7329718bc89ad845c3ef98

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
i.js
tag.bounceexchange.com/5431/
5 KB
3 KB
Script
General
Full URL
https://tag.bounceexchange.com/5431/i.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
1b420d5f4d5b45fae15afb30c074f34ea0d08fc0824eba6e5d71e4422c49d9d4

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:33:23 GMT
content-encoding
gzip
x-envoy-decorator-operation
tag-router.tag-router.svc.cluster.local:80/*
via
1.1 google
age
40
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2313
server
istio-envoy
etag
474f1c7e9b72eb
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
gen_204
pagead2.googlesyndication.com/pagead/ Frame E445
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
474
p.ad.gt/api/v1/p/
40 KB
13 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
081964cb42fb3168a6ccacae28e19cef8ca6d1aab6e7e4c4445f6da1442e3da7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 13 Aug 2024 00:28:46 GMT
server
cloudflare
age
45
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8b249e03a80b2641-NRT
halo_match
ids.ad.gt/api/v1/
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&halo_id=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif
ip_match
ids.ad.gt/api/v1/
0
191 B
Image
General
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
server
nginx/1.24.0
content-length
0
content-type
text/html; charset=utf-8
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=6058041479265940066&gdpr=0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=6058041479265940066&gdpr=0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
an-x-request-uuid
8e679a15-0438-4c56-975b-8ec36aff3496
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&adnxs_id=6058041479265940066&gdpr=0
x-proxy-origin
146.70.201.171; 146.70.201.171; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723509243-T0ZB54BD-1QAD&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
date
Tue, 13 Aug 2024 00:34:03 GMT
server
Kestrel
content-length
259
UCookieSetPug
image2.pubmatic.com/AdServer/
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723509243-T0ZB54BD-1QAD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 13 Aug 2024 00:33:50 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
content-type
text/html; charset=utf-8
token
token.rubiconproject.com/
0
1 KB
Image
General
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723509243-T0ZB54BD-1QAD&gdpr=0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723509243-T0ZB54BD-1QAD&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723509243...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723509243-T0ZB54BD-1QAD&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=331db1b0-a1fa-4f79-8ad1-1bf44137f043%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=a0c430d7-4bc6-4605-a7c9-893b05a89995&ttd_puid=331db1b0-a1fa-4f79-8ad1-1bf44137f043%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&tapad_id=331db1b0-a1fa-4f79-8ad1-1bf44137f043
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&tapad_id=331db1b0-a1fa-4f79-8ad1-1bf44137f043
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&tapad_id=331db1b0-a1fa-4f79-8ad1-1bf44137f043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&google_gid=CAESEHEYURXME0TjzzBOkIjK8wk&google_cver=1&google_ula=450542624,0
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&google_gid=CAESEHEYURXME0TjzzBOkIjK8wk&google_cver=1&google_ula=450542624,0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&google_gid=CAESEHEYURXME0TjzzBOkIjK8wk&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723509243-T0ZB54BD-1QAD
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwOTI0My1UMFpCNTRCRC0xUUFE
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwOTI0My1UMFpCNTRCRC0xUUFE
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwOTI0My1UMFpCNTRCRC0xUUFE
date
Tue, 13 Aug 2024 00:34:03 GMT
server
nginx/1.24.0
content-length
453
content-type
text/html; charset=utf-8
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001723509243-T0ZB54BD-1QAD%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&impr_uid=b11367b5-d99b-4a47-b2f1-fc0e34ad04ba
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&impr_uid=b11367b5-d99b-4a47-b2f1-fc0e34ad04ba
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001723509243-T0ZB54BD-1QAD&impr_uid=b11367b5-d99b-4a47-b2f1-fc0e34ad04ba
access-control-allow-origin
*
date
Tue, 13 Aug 2024 00:34:04 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
content-type
text/plain
amo_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODI0MTY1OC90LzA/url/https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Famo_match%3Fturn_id%3D%24!%7BTURN_UUID%7D%26id%3DAU1D-0100-001723509243-T0ZB54BD-1QAD
  • https://ids.ad.gt/api/v1/amo_match?turn_id=3629956221129028175&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
43 B
143 B
Image
General
Full URL
https://ids.ad.gt/api/v1/amo_match?turn_id=3629956221129028175&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Server
52.37.4.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-4-167.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/amo_match?turn_id=3629956221129028175&id=AU1D-0100-001723509243-T0ZB54BD-1QAD
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ebfa23da174faa55634171c5e49d0152.gif
sync.colossusssp.com/
0
202 B
Image
General
Full URL
https://sync.colossusssp.com/ebfa23da174faa55634171c5e49d0152.gif?puid=AU1D-0100-001723509243-T0ZB54BD-1QAD&redir=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fcolossus%3Fcls_id%3D%5BUID%5D%26id%3DAU1D-0100-001723509243-T0ZB54BD-1QAD
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.240.155.100 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 00:34:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
Content-Type
text/plain
runtime_6459738026535cda4232dc813c61447d.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
3 KB
2 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:05 GMT
content-encoding
br
ad-auction-allowed
true
age
1630318
x-guploader-uploadid
AHxI1nPNQW-MIcb3tjy4-vklmb-ArRQFGO4Dba_vO47siPKU6CYZKanMdb4P3lVPQEX1JbjCt6Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1316
last-modified
Wed, 24 Jul 2024 15:06:02 GMT
server
UploadServer
etag
"09512239cb2a22728ca9f8608dfc2181"
x-goog-generation
1713883050962681
x-goog-hash
crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1316
accept-ranges
bytes
content-type
text/javascript
truncated
/ Frame E445
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae2301a8d3ca8d4cf3276e6be61873594f37d3a32259df31b6270ae5abf0cafa

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
v1
lb.eu-1-id5-sync.com/lb/
33 B
275 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
1427bd48864a35ad01c60c85e0904741c6edc6e401e5c3e91f4858197b9face1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
main-v2_61b786ae467e37270c1161244ee81e37.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
505 KB
110 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7d5e663d14a945bf88339ef783adf85c43a0dc4605b021b0c7643c1c966f6117

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:14:02 GMT
content-encoding
br
ad-auction-allowed
true
age
33601
x-guploader-uploadid
AHxI1nOuLsT--w51lX9JgpvSXj4osvqZsQ0IkgBMADZAZJDMXbnQhB3b3RpZ1so3INoTd1xqEII
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112974
last-modified
Mon, 12 Aug 2024 15:13:52 GMT
server
UploadServer
etag
"083b58cbb038c9e9f14bc6c552e85138"
x-goog-generation
1723475632160300
x-goog-hash
crc32c=K6NMfg==, md5=CDtYy7A4yenxS8bFUuhROA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
112974
accept-ranges
bytes
content-type
text/javascript
cjs_min_3a843477d8e318f67237a66d0a58c542.js
assets.bounceexchange.com/assets/smart-tag/versioned/
49 KB
15 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:42:05 GMT
content-encoding
gzip
ad-auction-allowed
true
age
1630318
x-guploader-uploadid
AHxI1nOW6aLsJ2Oz1PyqnXbV4QqwdPo0iFoY9HjlKHAS0xato12y3-zICHxgq7Od-zE1_BQ3PI4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15748
last-modified
Mon, 22 Apr 2024 20:59:52 GMT
server
UploadServer
etag
"1eb885454ea6bef1c9747800702959de"
x-goog-generation
1713819592631797
x-goog-hash
crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
15748
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
p
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=322600617&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=908133510&gjid=1919646095&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&_slc=1&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&z=1913834984
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
148 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24152976-22&cid=2013332329.1723509243&jid=908133510&gjid=1919646095&_gid=1068806202.1723509243&_u=aGBAgEAjAAAAAGgCIAB~&z=342427296
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c06::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/i
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Markets&ea=lseg.logo.seen&el=LSEG%20Logo%20seen&ev=0&_u=aGBAgEAjAAAAAGgCIAB~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1396876400
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
t
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=application.web.vitals&el=FCP&ev=862&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1129382340
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
t
api.segment.io/v1/
21 B
174 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=caption&ea=license.caption.view&el=article&ev=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1615375646
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51839
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
data.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://data.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.102.183.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
59.183.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7b76d239f05204d1e888c22f82f7df88953b3f8ff4b518c69d8f33fd736deb64

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 00:34:03 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://page.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.127.98.34.bc.googleusercontent.com
Software
/
Resource Hash
9d7beaa548a30109a908bb6215cb802d2efe90f81a5ca09d6bb451ef52a55eef

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 00:34:03 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://view.cdnbasket.net/
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.244.177.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.177.244.35.bc.googleusercontent.com
Software
/
Resource Hash
320de587a569204eddd02bceaf7081fb9f993c2f20195c7e4d314d6254fc7d77

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2024 00:34:04 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
655 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3301
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Aug 2024 00:39:02 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:52:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2483
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 13 Aug 2024 00:52:40 GMT
js
www.googletagmanager.com/gtag/
254 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.136 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c0e2edfde5b45fbdb2cb3356d46aaea0f5fd72d667bc6bcfac544677cff16f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91667
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Aug 2024 00:34:03 GMT
onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
16 KB
5 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:41:59 GMT
content-encoding
br
ad-auction-allowed
true
age
1630324
x-guploader-uploadid
AHxI1nOXu9cyfPp-kTwaaYMLegyRTVaqzz5OQja6XIMWzExewTfyRtqZ_H4tF5akdCPR-Zv_eYod5Ev9aw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5003
last-modified
Wed, 24 Jul 2024 15:05:55 GMT
server
UploadServer
etag
"7ff99b6f1cea743cef749de91009e764"
x-goog-generation
1713883044855037
x-goog-hash
crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
5003
accept-ranges
bytes
content-type
text/javascript
ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
164 KB
37 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f591b2dd67ab481453b5cc07706b51c1ce242e0840a6a237563d261c99749546

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:13:48 GMT
content-encoding
br
ad-auction-allowed
true
age
33615
x-guploader-uploadid
AHxI1nP9tXSV8TQWB1BB-CR9fMHd-qANZ9fvIan-x5-1asFF1tyvRG-fc7U5YFut9nOtExwWgqI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37693
last-modified
Mon, 12 Aug 2024 15:13:38 GMT
server
UploadServer
etag
"c2404bb5cc46f445920a4bb863742d91"
x-goog-generation
1723475618615123
x-goog-hash
crc32c=mQf2Wg==, md5=wkBLtcxG9EWSCku4Y3QtkQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37693
accept-ranges
bytes
content-type
text/javascript
collect
a.ad.gt/api/v1/
0
93 B
XHR
General
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:03 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8b249e04ad293c09-NRT
vary
Origin
getpixels
pixels.ad.gt/api/v1/
0
88 B
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=0da83bd5ef4657948e1ac021ad9f1a22&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8b249e056991f5d0-NRT
view
securepubads.g.doubleclick.net/pcs/ Frame E445
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2-b0z784N15b9pi9b6IToZ56soH3Uz1puNgsQj4o_ytv4C0FRpkasqlVtDlMk55GnOgJAgAsZJrR0hKP9a4FgzDDDyOH0bkcueBXpcqgnvvLJPWhoBeM53e0TT6mtbvUb8cwpA4r0jq4bHTE62a8fXkSEoPOIq5AbKSFQKCwvLW6FIZUmgFD76oml73glWEaRW6yRE9yDAEHtiw9cQVcrlEkG-GShOUC2bLj717VLiM6tCl_pGpm_dYSbGyxmgWdRnrZ6C2-F9_-WBFC6Vb_2jdpJqI9tLdBgaMtt0ILLTCAgLFbrXdMhx8eSwkreMMYxSVTuGiEWkKU47pRXOBNdsjkZ-KbC&sai=AMfl-YTec-KuvrkYJ3I_9zP0y1oP938p4WTRMjXiNG-5_iw5ehhsOhhr7vTtiLeQ3EjPHSI-yhTwLUpDESdVURkRCBkxUOgWeHMwRZ5mNI9I0gFQkM6ioczX-edvsr68Tb0&sig=Cg0ArKJSzNh26qJTDUx1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:03 GMT
pub
pixel.adsafeprotected.com/services/
740 B
676 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_leaderboard_atf,ss:%5B1.1,728.90,950.90,970.90,980.90,1140.90,728.100,750.100,1100.100,970.120,980.120,930.180,750.200,728.250,970.250%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
ba5de40b7cbe6f03873aff1cc840f6305ef15ac5dd8ef943e7fb36f9b5720f2e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
723 B
666 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_native_1,ss:%5B1.1,200.200,300.200,250.250,300.250,320.250,336.280,400.280,1100.375,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
0967d970546ba23248b29f7d64a09a2ff7bf43b670f398167564eb6da723cfbe

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
723 B
666 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_native_2,ss:%5B1.1,2.2,200.200,300.200,250.250,300.250,320.250,336.280,400.280,1100.375,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
1ad05e1c7f3e7156b61e7747925f1474aaff954df6ce22858fafca3699c9a051

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
727 B
669 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_recirc_end_unit,ss:%5B1.1,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
5ae1c4b5dde213a7e08eae460893f3da84b0c766e93b833d9c83c721e09868c1

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
737 B
673 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_right_rail_1,ss:%5B1.1,200.200,300.200,250.250,300.250,300.333,250.360,240.400,300.400,300.420,120.600,160.600,300.600%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
4932512f686fd1e51873bd4fbd518e684a46335e77d6b54b0a27c7b3a6b1f3dc

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
732 B
674 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_right_rail_2,ss:%5B1.1,200.200,300.200,250.250,300.250,300.333,250.360,240.400,300.400,300.420,120.600,160.600,300.600%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=875cfd88-f269-37f8-abc9-cef7f6388dd1&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a7833afc36ef15a3f9a23a89551a5d5674004ff4557d67e0f1e31009949e6e22

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
rtd
id.hadron.ad.gt/api/v1/
27 B
83 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8b249e04db195eb9-NRT
rtd
id.hadron.ad.gt/api/v1/
27 B
83 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8b249e04eb295eb9-NRT
rtd
id.hadron.ad.gt/api/v1/
27 B
83 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8b249e04eb335eb9-NRT
rtd
id.hadron.ad.gt/api/v1/
27 B
83 B
Fetch
General
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
allow
POST, OPTIONS, GET
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-sv
access-control-allow-headers
*
content-length
27
cf-ray
8b249e04eb3b5eb9-NRT
jquery-3.7.1.min.js
assets.bounceexchange.com/assets/bounce/
85 KB
30 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 04 Aug 2024 20:35:29 GMT
content-encoding
br
ad-auction-allowed
true
age
705514
x-guploader-uploadid
AHxI1nPS8ul9g-iU3O6NRoOtod671gtKOBFICDTDVEaQrZfDLnYeBJdgnmq2q7cGupVexvdYwnCEd3iP2g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31023
last-modified
Thu, 01 Aug 2024 20:45:26 GMT
server
UploadServer
etag
W/"2c872dbe60f4ba70fb85356113d8b35e"
vary
Accept-Encoding
x-goog-generation
1722545126757282
x-goog-hash
crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
87533
accept-ranges
none
content-type
text/javascript; charset=UTF-8
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/
2 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:f600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:40:48 GMT
content-encoding
gzip
via
1.1 a018f45f18ec9558f7e1e2440b769070.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
age
3196
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
N499od5DbKTgRmMbYYsj07dJzWNVlRRXdhV0tgX7dXv1CqBI5_evCw==
cookie_sync
s2s.t13.io/
3 KB
816 B
Fetch
General
Full URL
https://s2s.t13.io/cookie_sync
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f27e26e010a63cd13f8f32a7d1038e665d31fc9e3bee9bcdfc9b258a2b84ab15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
588
expires
0
auction
s2s.t13.io/openrtb2/
15 KB
6 KB
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b49a7cc51de35b2e0ae15de49d83d9452e0d43a93369c5ecc1790cbd04a6140c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
x-prebid
pbs-java/2.15.0
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6364
expires
0
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.2&referrer=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tmax=708&us_privacy=1---
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status
29
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
14 KB
7 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=499610&zone_id=2978038&size_id=15&alt_size_ids=9%2C8%2C10%2C221&us_privacy=1---&rp_schain=1.0,1!freestar.com,792,1,,,&eid_criteo.com=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA%5E1&eid_audigent.com=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my%5E1&eid_pubcid.org=3011e5f9-a850-4322-9ffd-ccd48111ddd4%5E1&tpid_tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&eid_adserver.org=a0c430d7-4bc6-4605-a7c9-893b05a89995&rf=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&kw=HACK%2CPPL%2CUS&tg_v.id=557c0825-78a8-4723-ba62-89c92c883058&tg_i.domain=reuters.com&tg_i.page=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tg_i.name=reuters-com&tg_i.cat=IAB12-1&tg_i.sectioncat=IAB12-1&tg_i.pagecat=IAB12-1&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=1783&tg_i.fs_ad_product=lazyLoad&tg_i.pbadslot=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_2&tk_flint=pbjs_lite_v8.49.2&x_source.tid=241a02cc-4c8d-444f-9bad-b98fe4d3664b&l_pb_bid_id=2795f67c51e2f15&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5a00948f-6881-493a-bc5e-7d0e6be4d88e&rp_maxbids=1&p_gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_2&m_ch_mobile=%3F0&slots=1&rand=0.7737218287674503
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e749ae363731e85323d580f772e277135805911e8b2858682c86ef8867043d9f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
imp
g2.gumgum.com/hbid/
25 KB
10 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509243727&to=-540&aun=reuters_desktop_right_rail_2&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_2&maxw=300&maxh=600&si=340493&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0c382b4f6b0703ef7940cdd4d947345f92c68603f1b1ee6839102ffcd63e016f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509243727&to=-540&aun=reuters_desktop_right_rail_2&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_2&maxw=300&maxh=600&si=340492&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a602fd8949bf13e4b7d58c649f4549818798128eb49a30b664effd8a8e6e5657

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509243727&to=-540&aun=reuters_desktop_right_rail_2&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_2&maxw=300&maxh=600&si=340497&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fd38758c4d624a2eb5a966528696a610433eae5436f92d9ee5b9dbf07a9a2710

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
cdb
bidder.criteo.com/
2 KB
2 KB
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.2&cb=30344433437&lsavail=1&bundle=y47C-l9adm5kUm45cGhqbkRJcHV5VHFxcnlzcjZsRUJZcGJkc0lqYldVampMNHh0MXYlMkJhbHVVc0xQV3JoV0FoSGhiQWUyZHZiUTlhaTVCWmVISDU4TzhLRXRmUEs3YlNzNDJBdFQyUTBHalBubTY4V28lMkZqODJTYjRFdm5oclZPclpaenQ
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cb683ce0ae1698f59fa71b98ee9897aa919259731df539a043265a6a0a534066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
s2s.t13.io/openrtb2/
1 KB
490 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b8baa093b795d307fb6d8a9f6860489a82221cf87de6d5b56bb6385e4db7ffce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
x-prebid
pbs-java/2.15.0
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390
expires
0
cdb
bidder.criteo.com/
2 KB
2 KB
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.2&cb=90299474235&lsavail=1&bundle=y47C-l9adm5kUm45cGhqbkRJcHV5VHFxcnlzcjZsRUJZcGJkc0lqYldVampMNHh0MXYlMkJhbHVVc0xQV3JoV0FoSGhiQWUyZHZiUTlhaTVCWmVISDU4TzhLRXRmUEs3YlNzNDJBdFQyUTBHalBubTY4V28lMkZqODJTYjRFdm5oclZPclpaenQ
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f0d7bb1a7b226cdb3a85ff8fe71a7ddc20ff50f58dc3f00e1f6032ec9326ee2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.2&referrer=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tmax=708&us_privacy=1---
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr
x-auction-status
29
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&redirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dmedianet%2...
  • https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3665108441268306000V10
86 B
118 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3665108441268306000V10
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 13 Aug 2024 00:34:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://s2s.t13.io/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=3665108441268306000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
154
x-mnet-hl2
E
expires
Tue, 13 Aug 2024 00:34:04 GMT
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4D5D
0
0
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
ad-auction-allowed
true
age
207507
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Sat, 10 Aug 2024 14:55:36 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Thu, 08 Aug 2024 18:00:03 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1723140002917464
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
AHxI1nM6fhvP3uWXMPdRD7yv-JmDIWSGWacSSIDCIhP9vuZjtELBPyMVV-kmtXI9SokdBYuhcbz0AVEEQQ
init1.js
api.bounceexchange.com/bounce/
42 KB
9 KB
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=677&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAmAZgFYAGATmIBZTrLTNgAvEKAWnLsswDuAUwBGOVMCEB9VABMovUvkwAnIThAAbOGgwEAbJUoAPfMSOqhMISrUqo2AIabNqBAHMpcFZqgALYGAABxwAUlIAQVDiADFomIFEgDo1HRscJKQQAFt4xxU0JE0heLgcLjLHLiCVEFk4XC4szQxUZ2rUIKFXBCEuFUcEDVzY7JA1fsHhgXy+4TEJdS5ZVBxHIK78rjcuRxhJFWzHYD8uEBgmrVb2oM7utz6-RyQAa23ZAFUAZQBpAGEAHLEP4ADUoPwAKvFMAA3VYSKRZEAvVBCKChQgAIWixE0QRx4SixGIAWCYWI5Ei0XIsWpsUSAhSQjSKgyWRGNJi+UKxTpMTKFTW1Vq9UazWumg6XR6fQGQxyfLGEzl01mXHm4kk5RWaw2Qi2Oz2ByOJzOF3FCDaktu0oeXCer3e33+QNB4KhFNpxOifxxKgJVO93sIABFsCBkaj0VicStZAGicR8NQzJQAByUfRZuj6NOESgMQikAnAnFw+PeyJEMhUWgMNPUNP4JsYsMw-I4ADaZRsUha7ncQlkMgQAF1YM4cEJw5HpKAQH38oOJ5op5gREEoPwhMEoJ3R5ggsA8OHskFXIMkNIYJpHO4HDCnlAgA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fae53af17cda85c6482aabeead1dbb2cb119f2d08ba01e3668ba87610f764fc8

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
gzip
x-envoy-decorator-operation
legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified
Tue, 13 Aug 2024 00:34:03 GMT
via
1.1 google
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
9
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
a-07no
i.liadm.com/s/c/ Frame 9845
0
0
Document
General
Full URL
https://i.liadm.com/s/c/a-07no?duid=f511229f0ef8--01j54jfycrvra8zst36mp2853h&euns=0&s=&us_privacy=1---&version=v2.14.3&cd=.reuters.com
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-07no.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.70.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-70-114.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
667
Content-Type
text/html; charset=UTF-8
Date
Tue, 13 Aug 2024 00:34:04 GMT
Request-Time
17
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
pixel;r=1781821907;labels=keywords.HACK%2Ckeywords.PPL%2Ckeywords.US%2Ccategory.HACK%2Ccategory.PPL%2Ccategory.US%2Ccategory.Technology%2Ctitle.More%20ransomware%20websites%20disappear%20in%20after...
pixel.quantserve.com/
35 B
1 KB
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1781821907;labels=keywords.HACK%2Ckeywords.PPL%2Ckeywords.US%2Ccategory.HACK%2Ccategory.PPL%2Ccategory.US%2Ccategory.Technology%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters%2Cauthor.Raphael%20Satter;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;uht=2;fpan=1;fpa=P0-1053854103-1723509243689;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;us_privacy=1---;ref=;d=reuters.com;dst=0;et=1723509243955;tzo=-540;ogl=title.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Fpf%2Fresources%2Fimages%2Freuters%2Freuters-default%252Ewebp%3Fd%3D207%2Curl.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in%2Cdescription.Two%20more%20ransomware%20operators%20appear%20to%20have%20disappeared%20from%20the%20web%252C%20a%20cyberse%2Clocale.en_US%2Csite_name.Reuters%2Cimage%3Aurl.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Fpf%2Fresources%2Fimages%2Freuters%2Freuters-default%252Ewebp%3Fd%3D207%2Cimage%3Awidth.1200%2Cimage%3Aheight.628%2Cimage%3Aalt.Reuters%20logo%2Clocale%3Aalternate.en_US%2Carticle%3Amodified_time.2021-05-16T21%3A51%3A28%252E000Z%2Cupdated_time.2021-05-16T21%3A51%3A28%252E000Z%2Carticle%3Apublished_time.2021-05-16T21%3A51%3A28%252E000Z;ses=ff15012f-d517-4aec-859c-0d47ae2beda4;mdl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["LQQ92PJpqWDd4WW6LWwl2A=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["zoFO++w2/6v9llci9SAJiQ=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["kPmuOAIJ7cfFHRlyq2/tyA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["RBZeUgp13OMAb9fY1Ccyog=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["oEBjngAWdGsmpMbp0W+DQg=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["ejeE3DcGnne2XMEXX3jW6A=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["uMqBrKJuyeYBjLCPG5v4eA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["UfHmZbndmL31r/JQMAQpjw=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["gp9giuAdiqzslB+8bv0Whg=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["ohP5rVo1gktzitaDi0cZMA=="],"pcode":["p-UeXruRVtZz7w6"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ixmatch.html
js-sec.indexww.com/um/ Frame C167
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
397
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8b249e077dd7f577-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Tue, 13 Aug 2024 04:34:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9DD
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=136060
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Wed, 14 Aug 2024 14:21:44 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A624
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.85.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-85-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:04 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
contextual
contextual-analytics.wunderkind.co/api/
167 B
332 B
XHR
General
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&website_id=5431
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
c812d6502bd73930d3d5cdb5244d339a2a70b6303d32b362873d2f973d5b1056

Request headers

Accept
*/*
Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:04 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
content-type
application/json
creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 03:41:51 GMT
content-encoding
gzip
ad-auction-allowed
true
age
1630333
x-guploader-uploadid
AHxI1nM4U34jlJhbyIwoRw110TFdkZhcocqRjtCx0SKcVioz0rjg-vnuEFzw2I5c8wU337HQqtN0aqwm9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6053
last-modified
Tue, 13 Dec 2022 17:12:22 GMT
server
UploadServer
etag
"54f61bdcbfb6f81427c8a6803f48b02f"
vary
Accept-Encoding
x-goog-generation
1670951542233151
x-goog-hash
crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6053
accept-ranges
bytes
content-type
text/css
visit
events.bouncex.net/track.gif/
42 B
206 B
Image
General
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoANARm8oGYAQmwAyITLAAebSQA4AbAH15AFgCUbAIIAHbaQQB1BACMA0lBoN+Adkb95bdqYASAFTwiaAYTakQAawQ2AHEEAGN-Ag1qZi8ACyQCAFsgum5qW2YWFjYAZRQAMxQkEEt6Gzt5ADJQCBgkBALkBqQcGvAoaApMABNxNG10BFgkUhw4yEhtMBpyzVm6BdoAd1XGBthIZDBGMOSl4sgQMP0l+ABaeBRz7USe2DDIMHO90gJMEBRSG5BtBD9MAhzqhMGB9tR6HQkgQGsCUKDkstikDliY6ghnn0wChdAhiudxOdClskEkUJA4ucCAUXgQ3h8vj8-gCgXEUBECT0AKq5UxeABy1C8nGYplcS3adWgDTBpE2IHekhw3HkzGYks6Mrp8veAE9lTF1bVOmF4JBksBip9jPowDhKNZhNRqPBkIo3mgMD1FOIaNQBPNnUVSIg-Q6ACIamB7Aj+EAIe2Ov19Hph-iB6jcACc6WYsmY8kLKnksmszBUNn4YaFftAqedAe41mo-HozCz1ArWdk-FkKlYNaDwEgac0TZbbY7Fe8fpQBFHA58ztI2lHfomUxmEPTSyWq2W62GJJ2eySByQRxOqUhtAuVxudweT1p9M+320v3+4iBILBZ4hUIwj+8J-kisKosY6KYuAOJ-PihLEsgZIUlSNKvO8b5Ml+gLnGyHIgNyvICkKIpiruDaDtQKBbv66aLrW2jAKOfCUfWtEZmxM7Okga4Uf6lFhMOzHNq27adlWlEQJx6bnCxS7UGgYQ8Q26b0A4lH-ux9HLkJKljiJk7iVx1BhCgSSDCAaCgmuSbOtwsjULIWZljZTrUMATF6dp1CkLp7HjqJU5VtY4YRsZnnsQ6wghRGVSuqgGDYNAxiJMsiCtPEiQpHF6VDElwDbAqmAGpk2TqvFeUwHo5IFDCSQ4GIEiSDlyCVdAPQIKAYQIJAup-DgHVgP45raFUppgOaKRINAbJgHsmAFReCA9Dg6oYAQ0B7LA2BILqewdTgABSAAKVTrZtBDbZAu37Qg-BHcd-JnQgG1bTtuqYGZCaHTi8LPRtDRoEVyr8P90oIED7yfSkOCuLGuoEGDYRQPqcP+AjYPaAQE1fLdyr9ucarMNwYMUEckCwAdraMNU530kDFMHdw-BZow1hI+8RyAtgeOaLkVTQgd6oQeiBE4PQFYk8aRwrQFhldj2fbqh1XUIGL2a5vmhaqCWZYVtYoODBgoAIMs6tVIgACOsBYN1Yvqic8bYEcKQ4+ZyoGWJKj9vYY1+FgkA4iAi0QO8OCB2goMq8cCY9FUFIgEg3qDBeuqKBNMJDIoWIoDay04MGiDx0QBA4OcEvqmCIzdTgEFVJVODxUAA
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/
42 B
99 B
Image
General
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdKhMrhKoUwMYD2AW3ohUuGD3QR6yQgFoZIWcFR8AJsh645-dHwB2MEOiUxgEdDD0RZqEHsKD6Avqxt2HA+COvwIAI0IYDjlVGEIQYDMRWUtZEAAzDlQBEFxsWT542R19Q2NgU3NLa2wQHgBrGNUAVQBlAGkAYQA5KkaADQAGeoAVegAyUEhYBEQeGVxBKBFDP0lCTGIAdgAhaioZTgB9XTBIVS3LdbJKKip4o0IpM+WAEUHwaDgkfj5yuECALwhMUgBOABsD2GzzGdlyPCMOHwRBO9HojHgLDYSW4-CEtBEYgk1xoHB42D0fF2AE8nC5rLZ7IIvK5fAEghAQmEIlFUDE9HFEpwUmkMlkcgYjCYzBYrLJShUqnUmq0Ot0+rRgU9Rq93hAtpM+DsRJBMBd0FdlSMXnw3nBNSSzL9gIbjaC1Ravj8qAAWToARn66OAYwEwEwnW9gl9uB48UwXp9KEIAajIcQYEigeD-pjvsIuFQljAkdk+f6rF0IFUjRA-pAMDA9gAalQU85VD8g-TAhwYKpMABWV2kL2wNsdyNLKikLudP5u-4ADlI0-d-SbsB4ECHHr+HqonWnnQBe9dAOnS06vaWpHtCDX-SuAEdkBA9CurxI4Hp8DABEzcOW4yOxxO3XdUglm9CwH2-AooE4QJ9Ewb8wHPJdxB+VR+jSGBUAOUBRBJLZMxcR4tlCcI5ggTsDSNXBPj4TBZB7IMHDQFdMHpfpHjfTBNlQIA
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
article_view
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeAsgexHApAJgAYRgA7AZ0wFsB3UPImuAI3IjDnIMIBMJzgAB0FxQ3CKW7AAZhxBVgYABbdM07gGFMMTKQjAY3AAoQRMCQ0JLgUANYAyUJFiIAriBiolYMIK4BmAEECADFQmgiAOhxXOXJIqGpQp2h4UI4oJVJtTABzAE9Qqmw4AFoSCmo6HFKmVnZOUr4BYVEQUolSmTkFZVK1UsSdPQNSwVM4c1Iy6zsOngBVAGUAaQ0AOXwNAA1CFYAVUMdwVMQIBVy4Lx8-XCDQ8KiYuISk-BDBdXecSncoTlC52Aly43zgsTgIFBIWekPITTg0mArhgYEidUEdxCPDuABEiAB2Y7OeAIQSuZg8RRXIj4ACMpUIAFZSnSAGz7el3QJMunc-AADkihBFAC1iacEDxOFAQKZILpUPsaJhuMUcNwKpRaPRVCISGBsKDCEIRGIiIbuNYAG6WZqmtpwHFEaQgN6EZSWOoEDRSbhQfLMOFwKDudiFIg-NqZSHcAQQZ2EXTcJauUhUiO+ogSKTZT0gbiCTAcUiQAxSWRwpSYOzcaTaHQ0CS5bjKfhq3TKADkxtmtlUX0IC0iS0iddck1bWqL4H91EEZAjhC0w30hiIJjMFkiEpcCGRymwqAASkJrJOiEtFHJd6TbHB8iqQDxyKhcEyAEIEfAACUCGhWb8fW-IwjAAGSArZv2WICmVxW9EBgMhclcYErjgUhSmWBCECQ8gwGKHhUFpBlmVZDkuSCXl+SFEVCHFQirkIew6jYDgE1QJkABZ-DpexrX4dgOLpAl8H8JlCAATnwHjJIFfwBS45jpQE-5hMkukiAFQg2V0ri2QFAlCB4gl-HsBdLgEuAmyIvjyDgABHCdSDUoj8HsWAIAwnxzk4MBgCoQRUBEsSJOkrilK4ySPPMbyhAgW0oQgRV-NyMyVOgK4eHsNtnwAfQXcB8jy-DsDQvL7WYeAiKRGB7JygAvTBUFKbjmN+EB-lQOpHEuUtUFceyQCAA
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
adlog.php
fundingchoicesmessages.google.com/f/AGSKWxUCkP0hdhpeaB4r0WI6I0AFNwwku28entv2D3hFVYvzyrRHBhtyrojuDBHBJrpXHvxIAqbO02c8Q99CP7924XFKEE-EzOaQlm4L246Txf_485PvbwZaqRhsYp8qf5PZtjHTVMJ-O1Tr_Q-pY9X3BZljhKQwq...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUCkP0hdhpeaB4r0WI6I0AFNwwku28entv2D3hFVYvzyrRHBhtyrojuDBHBJrpXHvxIAqbO02c8Q99CP7924XFKEE-EzOaQlm4L246Txf_485PvbwZaqRhsYp8qf5PZtjHTVMJ-O1Tr_Q-pY9X3BZljhKQwqSx4va3nGVuiduz3e-pOtozx_089i4LY/_/slafc.js/ad-template./ads728./adlog.php?/ad_entry_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxiShJaWXZOPqB2XGzV-j1Kw5bUvA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
a9c4864ee6e27a1e8eb6a27acdbc1eacd207cbf2bff858bed156bff238efb6cc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4fRGUoaJJ5zksibadhESBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4fRGUoaJJ5zksibadhESBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0DsyHGZ1ROIhbg5_lx-tZVN4EZfm5WSRlJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalG8kYGRiYGFoaGegXl8gQEAiypEwg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
59 KB
22 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxiShJaWXZOPqB2XGzV-j1Kw5bUvA/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7e57f023475e085ccb55cbb1c37501115fd0e746b60d30eedd1dea100bdb9586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:18:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22046
x-xss-protection
0
server
cafe
etag
1319350126586531441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 01:18:28 GMT
AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WIKUxZzc_DKOUOM06Vh79w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-WIKUxZzc_DKOUOM06Vh79w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw05BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib48_lV1vZBE5sfheg5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMLAwN9QzM4wsMAJzhNNk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
auction
s2s.t13.io/openrtb2/
1 KB
576 B
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
dd3df42171977ba483118cb045354657fac32777b08ccab6e6a70af9ec2ef33f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
x-prebid
pbs-java/2.15.0
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
515
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
721 B
754 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=499610&zone_id=2978038&size_id=2&alt_size_ids=55%2C57%2C221&us_privacy=1---&rp_schain=1.0,1!freestar.com,792,1,,,&eid_criteo.com=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA%5E1&eid_audigent.com=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my%5E1&eid_pubcid.org=3011e5f9-a850-4322-9ffd-ccd48111ddd4%5E1&tpid_tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&eid_adserver.org=a0c430d7-4bc6-4605-a7c9-893b05a89995&rf=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&kw=HACK%2CPPL%2CUS&tg_v.id=557c0825-78a8-4723-ba62-89c92c883058&tg_i.domain=reuters.com&tg_i.page=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tg_i.name=reuters-com&tg_i.cat=IAB12-1&tg_i.sectioncat=IAB12-1&tg_i.pagecat=IAB12-1&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=1783&tg_i.fs_ad_product=lazyLoad&tg_i.pbadslot=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_leaderboard_atf&tk_flint=pbjs_lite_v8.49.2&x_source.tid=b8c9e11b-9b07-4ad0-9a48-70be6a806a52&l_pb_bid_id=55b693acd261023&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d2a68b7c-c464-484a-be89-f50a56400157&rp_maxbids=1&p_gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_leaderboard_atf&m_ch_mobile=%3F0&slots=1&rand=0.6203304227167739
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3de6d5c242763f065fee4c0f4b630ee115b088f47cebace0e8c654be8768bba9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
721
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
2 KB
2 KB
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.2&cb=15873292271&lsavail=1&bundle=y47C-l9adm5kUm45cGhqbkRJcHV5VHFxcnlzcjZsRUJZcGJkc0lqYldVampMNHh0MXYlMkJhbHVVc0xQV3JoV0FoSGhiQWUyZHZiUTlhaTVCWmVISDU4TzhLRXRmUEs3YlNzNDJBdFQyUTBHalBubTY4V28lMkZqODJTYjRFdm5oclZPclpaenQ
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bd616a09ee2478443e055159b0b61ca10920f65a72c7a2b0c835d6acd5e9eaa9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509244170&to=-540&aun=reuters_desktop_leaderboard_atf&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_leaderboard_atf&maxw=970&maxh=250&si=340494&pi=3&bf=970x250%2C970x90%2C728x90%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
36b5b2a130cf51a7b2ef5ad45da9b8831672943077132e11bbddc1c610236be3

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
4 KB
2 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509244170&to=-540&aun=reuters_desktop_leaderboard_atf&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_leaderboard_atf&maxw=970&maxh=250&si=340495&pi=3&bf=970x250%2C970x90%2C728x90%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
664352bdd12bcc85e70e125ca334b3090c46d2d0bee63785afb40fa8c50baa1c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.2&referrer=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tmax=708&us_privacy=1---
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status
29
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185098633813002&correlator=1087370772766664&eid=31079956%2C31086034%2C31085718%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C320x250%7C336x280%7C400x280%7C1100x375&fluid=height&ifi=2&didk=78326732&sfv=1-0-40&eri=33&sc=1&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&abxe=1&dt=1723509244220&lmt=1723508782&adxs=263&adys=1497&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=707x0&msz=707x0&fws=0&ohw=0&psts=AOrYGsko7S4DRmB_tzJl2_HaJ1SG_CSZDWkU6oUCMka7XeMgVlceq7SUpnJN36hh1WDCQOKB42OMNsCEeWGaamLT_AkzGw&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723509241216&idt=1432&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D6b6f42b2-bb24-4da3-a136-3d98d0c28285%26fs_placementName%3Dreuters_desktop_native_1%26fs_ad_product%3DlazyLoad%26type%3Dnative%26div_id%3Dreuters_desktop_native_1%26id%3Dbddaccc1-590b-11ef-be09-069997b3a90f%26vw%3D40%2C50%2C60%2C70%2C80%26grm%3D40%2C50%2C60%2C70%2C80%26fs-auuid%3Db0465ed6-6f8c-4b20-9c39-aaecb4feca0a%26fsbid%3D0%26hb_auction_id%3D5821721c-b9db-4558-a2c4-74cc76e7d2de%26freestar_path%3D%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F%26freestar_domain%3Dreuters.com%26custom_bidder_size%3Dcriteo_336x280%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.03%26hb_adid%3D1058e83cdfa194ac%26hb_bidder%3Dcriteo&cust_params=fs_session_id%3D861f4e5f-ce72-422f-ba34-c09e9b95410b%26fs_pageview_id%3D4b2190ce56a74633a683b23c26fec26f%26fsitf%3DYYYYYNYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D1%26fs_clientservermask%3D13033132300201320012002%26fs_testgroup%3Dexperiment%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Cadv%252Cbugp%252Crts%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=3441933748&frm=20&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
f16bb63db290e016a9ed5a46c175d3aae3cc0e0a2c583cd4a93346426d9bebef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12524
x-xss-protection
0
google-lineitem-id
6703581563
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138471995887
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8YCcU6S9qQZ_XYE_rdJI6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8YCcU6S9qQZ_XYE_rdJI6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII0JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib48_lV1vZBC4c21en5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMLAwN9QzM4wsMAKTsNPQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sPPd_Z_zeWkHMwR4sGddkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sPPd_Z_zeWkHMwR4sGddkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII0JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib48_lV1vZBHb8b6xXcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFoaGegbm8QUGAJ1cNNk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV1I74p7Au6REAA8N_FNNf2oLSBvilNDQry7G2Xd9FG11KmKFXBHOnPf9AAsYArUh54iV4LqXwcW_jO2NB-g3BCMWSx7188omeLjW99VwI0Wxqd6oHlmx0OaRxUITOcsHhe3Lq72g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dEWgsD9xd2Ov5dizqoxvSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dEWgsD9xd2Ov5dizqoxvSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib48_lV1vZBBpmnqhTcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFoaGegbm8QUGAIEkNHw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWPD2LZS0WpTfA2KfeBW2-DA2tmZQAp5H7MmKaOseMRnnEtzO43SHM8mUYksXAdUjRyia4yFvTR-bYmkgdPwYB5O1GqA6kRLfp81bP2OJYIrLSVV9iDGyywsUUSJMDzK8nuMifq-w==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWPD2LZS0WpTfA2KfeBW2-DA2tmZQAp5H7MmKaOseMRnnEtzO43SHM8mUYksXAdUjRyia4yFvTR-bYmkgdPwYB5O1GqA6kRLfp81bP2OJYIrLSVV9iDGyywsUUSJMDzK8nuMifq-w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA5MjQ0LDI0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiamEiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucmV1dGVycy5jb20vYXJ0aWNsZS91cy11c2EtcHJvZHVjdHMtY29sb25pYWwtcGlwZWxpbmUtcmFuc29tL21vcmUtcmFuc29td2FyZS13ZWJzaXRlcy1kaXNhcHBlYXItaW4tYWZ0ZXJtYXRoLW9mLWNvbG9uaWFsLXBpcGVsaW5lLWhhY2staWRVU0tDTjJDWDBLVC8iLG51bGwsW1s4LCJva2xWWk4zaEh3OCJdLFs5LCJqYSJdLFsyMiwidHJ1ZSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
7a142cfcd37a37d2e309f7d93e65d80e9d8a7aae902beb9ab7679f2b4de308fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uo97s37MoTs1ZSSRfBRfeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-Uo97s37MoTs1ZSSRfBRfeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BeHr9Jdb5QLz34yXWo0DsyHGZ1ROIhXg4_lx-tZVN4MCfX62MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGFoaGegbm8QUGAPKcRdk"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
882.json
id5-sync.com/g/v2/
632 B
1 KB
Fetch
General
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
54dccd1885fc5f26d942531e2afe4b4efe359029568fca00587f134ca3fd8539
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.reuters.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
events
api.permutive.com/v2.0/batch/
101 B
130 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
c6eadaa139890c12b853419fb2c7cdec1ca4bf0ae51936d2f77c1ffc7f3958c1

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
AGSKWxX1ER90bw_iJpNBsaCGzCyRunafABOOv_Lq4ts7JT9TVRt78NrYMlIizOrgSgIMxJii9GLCQe0nohscNSy_u3aaMAp3COuVw_luJGLDRLq6DYQEwVjGgvRhEFd1vfMzdxu7hg-IFA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX1ER90bw_iJpNBsaCGzCyRunafABOOv_Lq4ts7JT9TVRt78NrYMlIizOrgSgIMxJii9GLCQe0nohscNSy_u3aaMAp3COuVw_luJGLDRLq6DYQEwVjGgvRhEFd1vfMzdxu7hg-IFA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8BevbMRqbxnhQWLPXSS9Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-8BevbMRqbxnhQWLPXSS9Cg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjstHikmLw0pBiWMS_i8kpfQZrABC7a11k9QfiJREXWQ8kXmSdXn-JdT4Q7_14ifUoEDtyXGb1BGIhHo4_l19tZRM4cXbpXEYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWioZ2AeX2AAAIaWNmY"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4CFB
0
0
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.176 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-176.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 13 Aug 2024 00:34:04 GMT
ETag
"623de86a-cf34"
Expires
Wed, 14 Aug 2024 00:34:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 7E7A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=a0c430d7-4bc6-4605-a7c9-893b05a89995
0
0
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=a0c430d7-4bc6-4605-a7c9-893b05a89995
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.251.104 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-251-104.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 13 Aug 2024 00:34:04 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Tue, 13 Aug 2024 00:34:04 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=a0c430d7-4bc6-4605-a7c9-893b05a89995
server
Kestrel
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 40A2
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=0&us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=136060
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Wed, 14 Aug 2024 14:21:44 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 67C7
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=136060
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Wed, 14 Aug 2024 14:21:44 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5FAF
0
0
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
397
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8b249e077dd7f577-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Tue, 13 Aug 2024 04:34:04 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 0CFC
0
0
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV80NDE0NTAxYy03MGE4LTQyM2YtYjI0MS1kNTRmOWI1ODIwNzE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sin01s16-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
sync
eb2.3lift.com/ Frame B160
0
0
Document
General
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1069
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 00:34:04 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
  • https://stags.bluekai.com/site/92145?id=3060b713-2f20-439d-aa81-86de87c2d06f&redir=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D452%26ssp%3Dthemediagrid%26user_id%3D&limit=1
  • https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 00:34:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=452&ssp=themediagrid&user_id=
x-request-id
04ec4d8256335f180dca945633253d21
date
Tue, 13 Aug 2024 00:34:05 GMT
content-length
0
bk-server
3cc2
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
setuid
s2s.t13.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=6058041479265940066
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=6058041479265940066
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
an-x-request-uuid
ba6db455-8d9a-4cb8-a92f-de4c2e96fdf7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s2s.t13.io/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=6058041479265940066
x-proxy-origin
146.70.201.171; 146.70.201.171; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185098633813002&correlator=1087370772766664&eid=31079956%2C31086034%2C31085718%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C300x333%7C250x360%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600&ifi=3&didk=1594545083&sfv=1-0-40&eri=33&sc=1&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&abxe=1&dt=1723509244373&lmt=1723508782&adxs=1088&adys=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=200x0&msz=200x0&fws=512&ohw=0&psts=AOrYGsko7S4DRmB_tzJl2_HaJ1SG_CSZDWkU6oUCMka7XeMgVlceq7SUpnJN36hh1WDCQOKB42OMNsCEeWGaamLT_AkzGw&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723509241216&idt=1432&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Da6da782d-113f-4d4e-9a80-8d082c316264%26fs_placementName%3Dreuters_desktop_right_rail_2%26fs_ad_product%3DlazyLoad%26type%3Dmpu2%26div_id%3Dreuters_desktop_right_rail_2%26id%3Dbdda7eb2-590b-11ef-b7be-0a980bd416ed%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%26fs-auuid%3D75f5171c-d4ff-4add-a16a-7becd04006c8%26fsbid%3Dtimeout&cust_params=fs_session_id%3D861f4e5f-ce72-422f-ba34-c09e9b95410b%26fs_pageview_id%3D4b2190ce56a74633a683b23c26fec26f%26fsitf%3DYYYYYNYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D1%26fs_clientservermask%3D13033132300201320012002%26fs_testgroup%3Dexperiment%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Cadv%252Cbugp%252Crts%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=1537550920&frm=20&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
71ed7da19f4cfcc8afad3975607cddae9cee1dd96a7961e66a56973bec63a5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12580
x-xss-protection
0
google-lineitem-id
6087579048
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402384520
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
63 KB
31 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185098633813002&correlator=1087370772766664&eid=31079956%2C31086034%2C31085718%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C728x90%7C950x90%7C970x90%7C980x90%7C1140x90%7C728x100%7C750x100%7C1100x100%7C970x120%7C980x120%7C930x180%7C750x200%7C728x250%7C970x250&ifi=4&didk=1503827643&sfv=1-0-40&eri=33&sc=1&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&abxe=1&dt=1723509244386&lmt=1723508782&adxs=436&adys=138&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=728x0&msz=728x0&fws=512&ohw=0&psts=AOrYGsko7S4DRmB_tzJl2_HaJ1SG_CSZDWkU6oUCMka7XeMgVlceq7SUpnJN36hh1WDCQOKB42OMNsCEeWGaamLT_AkzGw&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723509241216&idt=1432&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D801ed289-25e6-4d85-8f9a-8428715a7e39%26fs_placementName%3Dreuters_desktop_leaderboard_atf%26fs_ad_product%3DlazyLoad%26type%3Dleaderboard%26div_id%3Dreuters_desktop_leaderboard_atf%26id%3Dbdd9944b-590b-11ef-b7be-0a980bd416ed%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26fs-auuid%3D935301e0-94d5-4686-8254-0982e71f760e%26fsbid%3Dtimeout&cust_params=fs_session_id%3D861f4e5f-ce72-422f-ba34-c09e9b95410b%26fs_pageview_id%3D4b2190ce56a74633a683b23c26fec26f%26fsitf%3DYYYYYNYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D1%26fs_clientservermask%3D13033132300201320012002%26fs_testgroup%3Dexperiment%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Cadv%252Cbugp%252Crts%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=4221809708&frm=20&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
478f2222bd4b659ff731748fa4c7e22003dfc6dec1651f7986bf83ff263b12a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31869
x-xss-protection
0
google-lineitem-id
6481097255
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138461204534
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=185098633813002&correlator=1087370772766664&eid=31079956%2C31086034%2C31085718%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C300x333%7C250x360%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600&ifi=5&didk=1594544196&sfv=1-0-40&eri=33&sc=1&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&abxe=1&dt=1723509244395&lmt=1723508782&adxs=1088&adys=393&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=200x0&msz=200x0&fws=512&ohw=0&psts=AOrYGsko7S4DRmB_tzJl2_HaJ1SG_CSZDWkU6oUCMka7XeMgVlceq7SUpnJN36hh1WDCQOKB42OMNsCEeWGaamLT_AkzGw&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723509241216&idt=1432&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D38d40694-5a81-414c-bbff-2c9e43f5eea7%26fs_placementName%3Dreuters_desktop_right_rail_1%26fs_ad_product%3DlazyLoad%26type%3Dmpu%26div_id%3Dreuters_desktop_right_rail_1%26id%3Dbdda7e5e-590b-11ef-a3bd-0a3658ae7de1%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90%26fsbid%3Dtimeout&cust_params=fs_session_id%3D861f4e5f-ce72-422f-ba34-c09e9b95410b%26fs_pageview_id%3D4b2190ce56a74633a683b23c26fec26f%26fsitf%3DYYYYYNYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D1%26fs_clientservermask%3D13033132300201320012002%26fs_testgroup%3Dexperiment%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Cadv%252Cbugp%252Crts%26prmtvsdk%3Dweb%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=1537550921&frm=20&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6c391c2804ec418cb11a5a915c63c9f7414716ec56a5b4cdf2ee57bd1b78e1ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12583
x-xss-protection
0
google-lineitem-id
6087579048
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138420678142
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
s2s.t13.io/openrtb2/
56 KB
23 KB
Fetch
General
Full URL
https://s2s.t13.io/openrtb2/auction
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
12e1d0605c15b9d854d8f6535b9b05915e48f9a250e00410d5191ab8c12abe5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
x-prebid
pbs-java/2.15.0
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23387
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
14 KB
6 KB
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=499610&zone_id=2978038&size_id=15&alt_size_ids=9%2C8%2C10%2C221&us_privacy=1---&rp_schain=1.0,1!freestar.com,792,1,,,&eid_criteo.com=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA%5E1&eid_audigent.com=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my%5E1&eid_pubcid.org=3011e5f9-a850-4322-9ffd-ccd48111ddd4%5E1&tpid_tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&eid_adserver.org=a0c430d7-4bc6-4605-a7c9-893b05a89995&rf=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&kw=HACK%2CPPL%2CUS&tg_v.id=557c0825-78a8-4723-ba62-89c92c883058&tg_i.domain=reuters.com&tg_i.page=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tg_i.name=reuters-com&tg_i.cat=IAB12-1&tg_i.sectioncat=IAB12-1&tg_i.pagecat=IAB12-1&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=1783&tg_i.fs_ad_product=lazyLoad&tg_i.pbadslot=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_1&tk_flint=pbjs_lite_v8.49.2&x_source.tid=a1270caf-a683-40d0-9643-19998a41992a&l_pb_bid_id=861d7d52dbea867&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b5fbc7af-e36d-4356-89bd-333775545c14&rp_maxbids=1&p_gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_1&m_ch_mobile=%3F0&slots=1&rand=0.3546568872231892
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1893420e99d00bf508789dd95c0132d5ef869cf47e8af422ca15fb5e9b17839f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/
2 KB
2 KB
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.2&cb=45568750813&lsavail=1&bundle=y47C-l9adm5kUm45cGhqbkRJcHV5VHFxcnlzcjZsRUJZcGJkc0lqYldVampMNHh0MXYlMkJhbHVVc0xQV3JoV0FoSGhiQWUyZHZiUTlhaTVCWmVISDU4TzhLRXRmUEs3YlNzNDJBdFQyUTBHalBubTY4V28lMkZqODJTYjRFdm5oclZPclpaenQ
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b912d6c89c90134bf04f50af7063aa07d62846d35b1888c9276c4b82ecce8897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
auction
tlx.3lift.com/header/
19 B
1 KB
Fetch
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.2&referrer=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tmax=708&us_privacy=1---
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.169.90.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-169-90-152.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
content-encoding
gzip
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status
29
observe-browsing-topics
?1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
imp
g2.gumgum.com/hbid/
29 KB
10 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509244403&to=-540&aun=reuters_desktop_right_rail_1&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_1&pv=ac7daa2b-d8ce-4598-8511-b48fae537617&maxw=300&maxh=600&si=340493&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
41fa3675d131508fca85bb53517def30f7f979208c9211e4fd97635e0e31f8a0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
26 KB
10 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509244403&to=-540&aun=reuters_desktop_right_rail_1&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_1&pv=ac7daa2b-d8ce-4598-8511-b48fae537617&maxw=300&maxh=600&si=340492&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94cc0c420b9ed6e3d83d0766e25189e571d0c2c29097846f30a7737e1e8256c2

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/
26 KB
10 KB
Fetch
General
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.49.2&lt=1723509244403&to=-540&aun=reuters_desktop_right_rail_1&criteoId=hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA&hadronId=060ixdlju6a65kihgfc676faj6hbef6ekceuok0wi0e0yyusqoi020oew0sgmo0my&pubcid=3011e5f9-a850-4322-9ffd-ccd48111ddd4&tdid=a0c430d7-4bc6-4605-a7c9-893b05a89995&gpid=%2F4735792%2Freuters.com%2Ftechnology%2Farticle%2Freuters_desktop_right_rail_1&pv=ac7daa2b-d8ce-4598-8511-b48fae537617&maxw=300&maxh=600&si=340497&pi=3&bf=300x600%2C160x600%2C120x600%2C300x250%2C1x1&uspConsent=1---&schain=1.0%2C1!freestar.com%2C792%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.49.2%22%7D&ogu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ns=10240
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.62.253 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-62-253.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5159fe2ac1dcc8473fc68fb9b41745f3f6a101e2dc6715746e47602ef30f3543

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Aug 2024 00:34:04 GMT
setuid
s2s.t13.io/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gd...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gd...
  • https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=d4250aa9-51be-44d5-ae43-81cf35b58400
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=d4250aa9-51be-44d5-ae43-81cf35b58400
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

Location
https://s2s.t13.io/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=d4250aa9-51be-44d5-ae43-81cf35b58400
Date
Tue, 13 Aug 2024 00:34:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
usync.html
eus.rubiconproject.com/ Frame EA8D
0
0
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.85.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-195-85-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:04 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame B011
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1...
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26u...
0
0
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b249e0c78e0e09c-NRT
content-encoding
br
content-type
text/html
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGV06thpedwRJC0FGIV19fFBTcUfLPNKHMZVFTwMe40hftyJVOFvQq%2Fupvlq4XpuaVcQyNvZg3%2B3XEKAi5NCAdT9nHhUB%2Bj8Jkk%2Be5FJ6g4Vg9kJzeYzGi5zQDtOKFCEQWkgfaG6JhybOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8b249e0c4895e09c-NRT
content-length
0
date
Tue, 13 Aug 2024 00:34:04 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fgpp%3D%26gpp_sid%3D%26bidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D&gdpr=&gdpr_consent=&gpp=&gpp_sid=&s=184674&us_privacy=1---&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HEN5A%2B2hnGL%2F93Cdj0Z0uijiZ125vyVvhTQKCLuyKSIGKToT798n4oJxkz6OEH%2BAAnFMkZuUaveVJaeDp29nEE14YurjYKdbmOvGsnS%2BMZoXIcMobwNLW2BlEg6NqQFyROLsFl8oAjDWWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6875
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss59ToDS3Sgw3aRQLYvJICV7LFmYai-2d15XwRudUUUuCilgutjzHmNDi-asfUWlEksGyW44ai26Vl9DuQqtNLIzyt6TYWLR0K6uBhPtne3_KLwPpJVGDuMfgQQMG6F-R3nbLGGApPllZ0eXvEcdLzqR2gXYusbqnxjgLpUfSfoxRH59JakWJbsK4IhJiODkW9-0FW347pwlbc8jRrMDjxBTzlCA-kejwdSX7c8XPcURIopd8wu-5jWZQE7isC4rGk3eJ9romKXSB1YRvTXt5zcaux8ZZ3I_2KLU6g4sMX955zgRw_baaYY5H7qW_uRHe00JTW7DkUx8R-IyIfOeWj_5nPe7gniLJ4sWYX8jHfMe7jB9zJpUqNAxktn6wC28CituEvPBQ&sai=AMfl-YSOm2k-7w5Zc2EP12MfXqwcroE9e1V7M_srxqFXIQ0-jnFY07WhhkwIfQaDPt5i4F3IzNWl0JHo99S0AzJ1Mw-Ccwll75curmVgl7IydDqyYviAaMGEr7Eftsp5_hM&sig=Cg0ArKJSzN3smlTadRqKEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
contextfeed.js
www.dianomi.com/js/ Frame 6875
298 KB
0
Script
General
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:01 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
0
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 05 Aug 2024 13:58:20 GMT
server
cloudflare
etag
W/"4a9e8-61ef011dd6fc8"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=120
access-control-allow-credentials
true
cf-ray
8b249df89cd080cf-NRT
expires
Tue, 13 Aug 2024 00:36:01 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6875
204 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=EUC-KR
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:39:40 GMT
jload
pixel.adsafeprotected.com/ Frame 94F6
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1576390976&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b4fde8d9c259fab069746c3995cc43a208c254ea522b387e57ddafd55db30813

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
demand-source
d.pub.network/ Frame
0
0
Preflight
General
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.reuters.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 13 Aug 2024 00:34:04 GMT
strict-transport-security
max-age=31536000
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
demand-source
d.pub.network/ Frame
0
0
Preflight
General
Full URL
https://d.pub.network/demand-source
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin
https://www.reuters.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 13 Aug 2024 00:34:04 GMT
strict-transport-security
max-age=31536000
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via
1.1 google
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
protected-by.clarium.io/ Frame 6875
68 B
243 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMyNDAzOTY4NTY6MzAweDI1MA==&v=5&s=v31i54ig0si&id=eyJkZnAiOnsiYWQiOjQ3MTEzMzM4NzgsImMiOjEzODQ3MTk5NTg4NywibCI6NjcwMzU4MTU2MywibyI6MzI0MDM5Njg1NiwiQSI6Ii80NzM1NzkyL3JldXRlcnMuY29tL3RlY2hub2xvZ3kvYXJ0aWNsZSIsInkiOjAsImNvIjowLCJzIjoicmV1dGVyc19kZXNrdG9wX25hdGl2ZV8xIn19&cb=4122056&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXlOREF6T1RZNE5UWTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjQwMzk2ODU2LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
content-type
image/png
demand-source
d.pub.network/
54 B
231 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
analytics.google.com/g/
0
54 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723509241273&gcd=13l3l3l3l2&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=2013332329.1723509243&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1723509243&sct=1&seg=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&_s=2&tfd=4407
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6875
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a93d9b2535adea83ab3fc88882379e6b45052c2327e3827b48c94b298cb1167

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6875
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
ids.cdnwidget.com/
61 B
232 B
XHR
General
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=152237088&GCS2=MTcyLjE3LjAuNywxMC44LjAuMjUsZmRkYTpkMGQwOmNhZmU6MTE5NDo6MTAxNw==&pe=false&wsid=5431&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A5431%2C%22loadID%22%3A%22HAQ7pB0P9B6Xarb%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A2%2C%22IDStageStart%22%3A3%2C%22netComplete%22%3A191%2C%22obsReqdata%22%3A534%2C%22obsReqpage%22%3A536%2C%22obsReqview%22%3A666%2C%22IDStagePrefire%22%3A666%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A9%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%221912080666468704373%22%2C%22visitid%22%3A%221723509243983840%22%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
0ea426f6bc022f43b8a59c2f99a81896114c0ef516f9d8033edf4a8491bb76e9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61
jsdiagnostic
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:931336&sessionId:875cfd88-f269-37f8-abc9-cef7f6388dd1&err:responsetime%3A239%26probability%3A10
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:04 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
context.pl
www.dianomi.com/cgi-bin/ Frame 6875
514 B
406 B
Fetch
General
Full URL
https://www.dianomi.com/cgi-bin/context.pl?id=2611&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b028bd913c437f78adcc48478e7349be92b75990d55b345fd21348a271446f0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
application/json; charset=ISO-8859-1
access-control-allow-origin
https://www.reuters.com
cache-control
no-store
access-control-allow-credentials
true
cf-ray
8b249e0d387c80cf-NRT
x-xss-protection
1; mode=block
main.19.8.527.js
static.adsafeprotected.com/ Frame 94F6
228 KB
69 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.527.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Aug 2024 12:02:14 GMT
server
AmazonS3
etag
W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VCu6DEWRl9xDUErWy9LZHWFFkzPhlrAUjFICCoOt1N5pXXO2SC8AKw==
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame 6875
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbWySt4XjpJmhBQm7o6tmkSzlyt2R1LjIs63DTBpWOWFIprc3eCkDy2AV8SX_vzTtzC2I27Ml_Mtn9FwG3cTgr6jB1X2kfHHdaQF89T6dSc9OLG37SdMyhau4hGpkN1qNIGP2xgw-_q859O_zJI6JQwR2lYfjVWqmoSjQc1GfGG4byrAeoGgvk_1bGIocrL7LPX2jBHuG1Xcts1HNW0l0qS0i8tFMSksKFQAQi2umBW-sPuvHNp0u902QoYidbWvDJSaKycKbCAetFsH5SsSyVJfK7qTxwJnurAYR3yOi2c-JAsRYE4FYv6ehPZJEEoxYzQFYlzIEN8abiAhMYTHwiSXLRgn3V_zGpROpVIs9I-hq0ZpaSat_06pZ9EONAolHWhPvPO00d&sai=AMfl-YSinkg8NxWMI6RVzw_kYh2l7CDTzlh3Z03fA7M0qAFuYobGlIl1LS8vhlo9uym2buHCkfd9PbiToX2KzrTOwlFAbF1HgSnO148dvaL5EA4DXsqz1fiJw_uxTXXneVE&sig=Cg0ArKJSzOxK_f5m-j2PEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E281
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTxf0UKdAA4o2YVy1Ll7Ztu92A2NeA1DFY2svo-eAPPdHBD2BKbHmBgIPg49DfPXDg0K6XveaBdP-KAsCBbVy2cVbd4PYSyXDhvuKd-3V8j079OMYEdHKg2-EJ4FJEguz8c5fC0NUARMX8Qf2kcn0IDqk42Rmpos74gigzwH5SPT3fo-DFpEmmE9pTo0UTFUL3jiWzoth75nqc8t8e3SaM9-QOnF4bA7uUP6wCsfqTPB1oF4bmDUkypbMQsAfjC2yuUkg6pUtb0C2PCuWUkQHQSdo3Rz7_a5oJ3OdewVR3Q3cPsydDPKQBpLaRM7liuN9W2JxA671ihP7v0YPZvulWTXEEhZ8uWvkcBHoMBVe4g8bIwOGIJ7YkrH8i4CIws2aVCbVkWBBzUOCdVAKhjHQXfiBT4KM&sai=AMfl-YQcSoQqP1qMSZXrxG3XlGtOFn7bYKxgNcgbxAm3qbxNQTaySTIwKWXH1_c0I3Pkwbk5D3TZPwL22WnRwbo3Wf3zyGMcYyYcN0IIQnkN3-waulT9E1hj3TZHWXF6WAM&sig=Cg0ArKJSzJZ1DRp-qXMDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E281
157 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3578014945201864
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1f42282e6500435cb756f2b6044e38adb33f01ca825e417636a6441d39b81bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52571
x-xss-protection
0
server
cafe
etag
730107760212642620
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Aug 2024 00:34:05 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E281
204 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=EUC-KR
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:39:40 GMT
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
protected-by.clarium.io/ Frame E281
68 B
243 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMwNDU2NTYzNjc6MTIweDYwMA==&v=5&s=v31i54ig17n&id=eyJkZnAiOnsiYWQiOjE5OTI5NzkyLCJjIjoxMzg0MDIzODQ1MjAsImwiOjYwODc1NzkwNDgsIm8iOjMwNDU2NTYzNjcsIkEiOiIvNDczNTc5Mi9yZXV0ZXJzLmNvbS90ZWNobm9sb2d5L2FydGljbGUiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfZGVza3RvcF9yaWdodF9yYWlsXzIifX0%3D&cb=5886371&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXdORFUyTlRZek5qYzZNVEl3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMDQ1NjU2MzY3LCJ3IjoiMTIwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
content-type
image/png
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cjs-logger
e.cdnwidget.com/
0
100 B
Image
General
Full URL
https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520JP&cookieID=&deviceID=&BXWID=5431&warpspeed=2%5EHIykD&loadID=HAQ7pB0P9B6Xarb&version=1.5.9
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.193.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/png
dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame FDDD
169 B
0
Stylesheet
General
Full URL
https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5231
cf-polished
origSize=199
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Mon, 21 Jan 2019 12:43:41 GMT
server
cloudflare
etag
W/"c7-57ff735ded940"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
8b249e01c9b980cf-NRT
expires
Tue, 13 Aug 2024 04:34:03 GMT
smartads.epl
www.dianomi.com/ Frame 39C1
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=50359&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50359-Zrqp_Qi_fbD1ZsFlLLREkwAAAE40&isWaterfall=true&contextfeedFrameId=2611-667&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e0e981df64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:05 GMT
expires
now
link
</img/a/pss/4145/2.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dianomi-max-200x38.png
www.dianomi.com/img/ Frame FDDD
1 KB
0
Image
General
Full URL
https://www.dianomi.com/img/dianomi-max-200x38.png
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
132506
cf-polished
origFmt=png, origSize=3940
content-disposition
inline; filename="dianomi-max-200x38.webp"
content-length
1164
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jul 2020 16:53:11 GMT
server
cloudflare
etag
"f64-5ab9764140bc0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8b249e01c9c480cf-NRT
expires
Thu, 12 Sep 2024 10:34:03 GMT
pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame FDDD
77 B
160 B
Image
General
Full URL
https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2611.Reuters%20Article&geo_ccod=jp
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
X-FORWARDED-PROTO
content-type
image/gif; charset=ISO-8859-1
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials
true
cf-ray
8b249e0e8a2d80cf-NRT
content-length
77
x-xss-protection
1; mode=block
expires
Mon, 12 Aug 2024 00:34:05 GMT
jload
pixel.adsafeprotected.com/ Frame 9608
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384520&pubOrder=3045656367&cb=852702310&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
29d1723de3a3b88fa616d33e76c661f461662d782a542d62986f57110f2fc595

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
truncated
/ Frame E281
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d14c1678ae17743e4c9d8c59fb5e71ce1d8d85637dca4dfce2d1cbe8078d5e9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame E281
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.19.8.527.js
static.adsafeprotected.com/ Frame 9608
228 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.527.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Aug 2024 12:02:14 GMT
server
AmazonS3
etag
W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VCu6DEWRl9xDUErWy9LZHWFFkzPhlrAUjFICCoOt1N5pXXO2SC8AKw==
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/ Frame E281
423 KB
142 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_fy2021.js?bust=31086072
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f88d95110e23ae46f4cc1da72c02e67cbf4cdb07aef61c3f4a3f8d024d3ded1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145466
x-xss-protection
0
server
cafe
etag
11008383770649565027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:34:05 GMT
sca.17.6.4.js
static.adsafeprotected.com/ Frame BF8C
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Tdd4q4QtSjeuXjpue6eBpW7qfNWc8zA-jMz9mEZEWcH3CNkARfcQfg==
mon
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384520&pubOrder=3045656367&cb=852702310&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:f2bda49a-51a9-f1d9-beac-83268f6f2f9b,c:lfWMQq,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-vjgtb,rg:jp,pt:1-5-15,wc:10.10.1600.1200,ac:1138.1635.120.600,am:i,cc:1138.1635.120.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:32,mot:0,app:0,maw:0,tdt:s,fm:ulhP9jC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1w*.-%7C1w1,idMap:1w*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:55,oid:becc0a75-590b-11ef-bf87-22d696d96326,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
sca.17.6.4.js
static.adsafeprotected.com/ Frame 63A1
91 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Tdd4q4QtSjeuXjpue6eBpW7qfNWc8zA-jMz9mEZEWcH3CNkARfcQfg==
mon
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1576390976&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:c95cc92f-68b5-88d7-a03d-063755eed745,c:lfWMQY,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-hrq6k,rg:jp,pt:1-5-15,wc:10.10.1600.1200,ac:476.1373.300.250,am:i,cc:476.1373.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:328,mot:0,app:0,maw:0,tdt:s,fm:ulhP9fC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v*.-%7C1v1%7C1v21%7C1w1%7C1w2,idMap:1v*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:336,oid:be9a2579-590b-11ef-802d-eec59211b291,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=f2bda49a-51a9-f1d9-beac-83268f6f2f9b&tv=%7Bc:lfWMR9,pingTime:-2,time:99,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:19,beZ:20,mfA:51,cmA:52,inA:52,inZ:56,prA:56,prZ:67,si:73,poA:74,poZ:89,cmZ:89,mfZ:89,loA:92,loZ:95,ltA:117,ltZ:117,mdA:21,mdZ:40%7D%7D,sca:%7Blts:2024-08-13%2009.34.05,dfp:%7Bdf:4,sz:120.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:120,h:600,t:54%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:99,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:54,wc:10.10.1600.1200,ac:1138.1635.120.600,am:i,cc:1138.1635.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9jC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1w*.-%7C1w1,idMap:1w*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:55,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_5,google_ads_iframe_/4735792/reuters.com/technology/article_5__container__,reuters_desktop_right_rail_2,fusion-app%5D,sinceFw:44,readyFired:true%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt27.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=c95cc92f-68b5-88d7-a03d-063755eed745&tv=%7Bc:lfWMRg,pingTime:-2,time:354,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:119,beZ:121,mfA:448,cmA:448,inA:448,inZ:449,prA:449,prZ:453,si:455,poA:455,poZ:463,cmZ:463,mfZ:463,loA:470,loZ:471,ltA:473,ltZ:473,mdA:121,mdZ:388%7D%7D,sca:%7Blts:2024-08-13%2009.34.05,dfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:336,wc:10.10.1600.1200,ac:476.1373.300.250,am:i,cc:476.1373.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9fC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v*.-%7C1v1%7C1v21%7C1w1%7C1w2,idMap:1v*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:336,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_1,google_ads_iframe_/4735792/reuters.com/technology/article_1__container__,reuters_desktop_native_1,main-content,fusion-app%5D,sinceFw:18,readyFired:true%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=f2bda49a-51a9-f1d9-beac-83268f6f2f9b&tv=%7Bc:lfWMRH,time:133,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:133,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:54,wc:10.10.1600.1200,ac:1138.1635.120.600,am:i,cc:1138.1635.120.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9fC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v.-%7C1v1%7C1v21%7C1w*.-%7C1w1,idMap:1w*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:55,sis:104%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt31.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=c95cc92f-68b5-88d7-a03d-063755eed745&tv=%7Bc:lfWMRI,time:382,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:382,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:336,wc:10.10.1600.1200,ac:476.1373.300.250,am:i,cc:476.1373.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B53~0%5D,as:%5B53~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9fC+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v*.-%7C1v1%7C1v21%7C1w1%7C1w2,idMap:1v*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:336,sis:359%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
smartads.epl
www.dianomi.com/ Frame 0DB7
0
0
Document
General
Full URL
https://www.dianomi.com/smartads.epl?id=50352&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50352-Zrqp_Qi_fbD1ZsFlLLREkwAAAE41&isWaterfall=true&contextfeedFrameId=2611-667&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache,no-store,private
cf-cache-status
DYNAMIC
cf-ray
8b249e0fd988f64d-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 00:34:05 GMT
expires
now
link
</img/a/pss/4377/14.css>;rel=preload;as=style
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=2592000
vary
X-FORWARDED-PROTO
x-content-type-options
nosniff
x-xss-protection
1; mode=block
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
googleads4.g.doubleclick.net/pcs/ Frame 0A6D
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOG197ALVAh83x2LsF7ZYhLcxnQlwT9g4n_EK9WSV3QMXZHeuAMjgGLqDiVS-PNnI3z5Qr3vzf4_4bDWMSJ4XtTI8TUSEk__YAsVaSuZft9Xw1a_f4_icjCgFxhVIPYjDLKb_kxeC6B3rEXAcDz5gS391SBlDPZ7R3_FtXJ6MEUlr189iSZMvM-pEemZl0e0pgJaOURELcWT6J7qN5Np9a30E8OuISjyTnUcLbaFFM1hp0gY0h-8kxWWtWt6h1H4fz-sGjfOtWEbMigG9sbD0W2FG4ZccdsSdS54tRGInIabJU9Fy_R8waITwFRn6oJLnWn_Pot1sY4PDFSryeuC9PnhaOX4nSq40JSoyEU4mQJL4ecQ00Y70ouuJm0Eezot82gRuVP_6_OPqYT0XkrIJTI0UhVNJC9YjuRo8z81-k2Wwb_gqUW5xHbdWoCiU3d954pPBEQiMXqt9xc-nt5YoK6WPtnvTPEuWemAARGRGF&sai=AMfl-YTNpjy_yyfoABT05dt2ZXFq_VmBuRsEFokEizjeNbiPyhx4s8LM3KlHydvusQ1OJI4z1wzI_xObZeRGnoEQ1XgPXVMkZxkQvs4SixYhaURJNVweYCAH1SjHUjmGs88&sig=Cg0ArKJSzNIz69KTx9tsEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:05 GMT
express_html_inpage_rendering_lib_200_280.js
s0.2mdn.net/879366/ Frame 0A6D
117 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_280.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11286005be0144048b40410234094e5ca25a55a987d088eba6d0e5426a0d52ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 16:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41819
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 16:51:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 13 Aug 2024 16:57:55 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0A6D
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 02:56:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
250650
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Aug 2025 02:56:35 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0A6D
204 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=EUC-KR
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:39:40 GMT
jload
pixel.adsafeprotected.com/ Frame D19D
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931336&campId=970x250&pubId=5346136462&chanId=22029718962&placementId=6481097255&pubCreative=138461204534&pubOrder=3325415747&cb=1161751658&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
34a31358d4e7e9cae1c875094d5b75418d7cd9fb1d3c449598333126287fb8c3

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
protected-by.clarium.io/ Frame 0A6D
68 B
243 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMzMjU0MTU3NDc6OTcweDI1MA==&v=5&s=v31i54ig1ks&id=eyJkZnAiOnsiYWQiOjUzNDYxMzY0NjIsImMiOjEzODQ2MTIwNDUzNCwibCI6NjQ4MTA5NzI1NSwibyI6MzMyNTQxNTc0NywiQSI6Ii80NzM1NzkyL3JldXRlcnMuY29tL3RlY2hub2xvZ3kvYXJ0aWNsZSIsInkiOjAsImNvIjowLCJzIjoicmV1dGVyc19kZXNrdG9wX2xlYWRlcmJvYXJkX2F0ZiJ9fQ%3D%3D&cb=7771019&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXpNalUwTVRVM05EYzZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMzI1NDE1NzQ3LCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
content-type
image/png
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
truncated
/ Frame 0A6D
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ecc00042164be0beb57624f8b9e124f155fc6a22af7d4c77b17a6910733e0e1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A6D
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E281
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyfigINrRrpl4WMQ1rbEg_hCn4zbQd6M-7AWKj5z9lYpKB7fcBnhcrKW_Y-mHs3Y5a1v5CLwGJ-uFiaITEnv24uvN7Ia7tnYTA3AviTNVqCGTpmEIE1Iky3eSz0tyCgVrzHDNjS05Cg7qgH9xmTA61xOdtK7wYPp6CpmfTFbVd25BJOJxkRh1W8avvskfUxcD0zRZIszdei9FkvNZXhHGIXvlHKS5kdG5HaP19EekLaRCNN-vsK0Gal-idp1BTv4er-BCHRDIM2tU9mFP6rWfC4uYnWB4nkCDfUTZa6iVxVsD1hT4lJF-mH1iV7knBys1MlsYOttkZJyd0DtvYOaMPFAQN11gCKwyeKJqQsBieLqtu0KpKvWrPyiZLsWJ5iB_vJgrSD7pqACQ&sai=AMfl-YTi2pZ4DUmemI62FH48Oj4dQDzff1RJWYKe9cAJ8MzJy4OT9TgR16cxapOlt3auGdVgNWVt2jmGVvJF4guj1mKXh5vciyzDnYxQKYcQHMKpKt-tr657UiJE31H9G44&sig=Cg0ArKJSzI3pqqupnr1XEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:05 GMT
main.19.8.527.js
static.adsafeprotected.com/ Frame D19D
228 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.527.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Aug 2024 12:02:14 GMT
server
AmazonS3
etag
W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VCu6DEWRl9xDUErWy9LZHWFFkzPhlrAUjFICCoOt1N5pXXO2SC8AKw==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 24E1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
585190
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 06:00:55 GMT
expires
Wed, 06 Aug 2025 06:00:55 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
moatad.js
z.moatads.com/universalmccannpgimglobaldcmdisplay987751550440/ Frame 0A6D
317 KB
109 KB
Script
General
Full URL
https://z.moatads.com/universalmccannpgimglobaldcmdisplay987751550440/moatad.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69406d4ea980015b18d1a4b096c43a74c916d126d2a69ebf116c067bcab9919c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Aug 2024 00:34:05 GMT
content-md5
EiHXTfTMr6GeKfolIEN+gg==
storage-tier
Standard
content-length
110417
opc-meta-btime
2024-04-22T05:23:26Z
opc-meta-mtime
1713763406
last-modified
Mon, 22 Apr 2024 21:56:58 GMT
opc-request-id
iad-1:qqjkltuHwR62nSJadMpk3En-uBX24sMZ9gntk54zHwCIpK2efBHeD-Vl5Sk6LYQc
x-api-id
native
etag
ad3de11e-9973-4f95-ae8e-312170b46669
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
50b45430-f31b-4bcb-9962-2f027b67b58a
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=3822
access-control-allow-credentials
true
accept-ranges
bytes
970x250.html
s0.2mdn.net/sadbundle/12716696777594286866/Center_EN_Brand_HTML5_Golf_970x250/ Frame EDA0
0
0
Document
General
Full URL
https://s0.2mdn.net/sadbundle/12716696777594286866/Center_EN_Brand_HTML5_Golf_970x250/970x250.html?ev=01_252
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
302489
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2836
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 12:32:36 GMT
expires
Sat, 09 Aug 2025 12:32:36 GMT
last-modified
Fri, 02 Aug 2024 10:24:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
setuid
s2s.t13.io/
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%...
  • https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=aa0fc3fb-e92b-44d2-9c28-496ce6dd0b3f
86 B
116 B
Image
General
Full URL
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=aa0fc3fb-e92b-44d2-9c28-496ce6dd0b3f
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Server
34.107.140.113 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
113.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0

Redirect headers

location
https://s2s.t13.io/setuid?bidder=sharethrough&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&f=i&uid=aa0fc3fb-e92b-44d2-9c28-496ce6dd0b3f
strict-transport-security
max-age=16000000; includeSubDomains; preload;
content-length
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/ Frame 4864
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
3095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4141
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 23:42:30 GMT
etag
3784890935487277381
expires
Mon, 26 Aug 2024 23:42:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7181
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418260&abgtt=6&lmt=1723509245&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_18~30_19&aiixl=32_9~30_6&aslmct=0.7&asamct=0.7&aiapm=0.46927&aiapmi=0.48129&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509245262&bpp=2&bdt=115&idt=391&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&nras=1&correlator=8430018918745&frm=23&ife=4&pv=2&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=120&ish=600&ifk=2450469050&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531706%2C95331690%2C95334524%2C95334829%2C95337868%2C95338229%2C31086072%2C95339233%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1181440383859132&tmod=511896304&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.fqkzhjcowr6h&btvi=1&fsb=1&dtd=489
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E281
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_fy2021.js?bust=31086072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c51fbdca3871f78e427ec6b3c40a26ec35bf460f02ae7daf1c13cbfd01eec0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12798
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9656
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=6321033981&adk=3391077790&adf=776189450&pi=t.ma~as.6321033981&w=120&abgtt=6&fwrn=3&lmt=1723509245&format=120x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509245262&bpp=1&bdt=116&idt=408&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&prev_fmts=0x0&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1128&ady=1625&biw=1600&bih=1200&isw=120&ish=600&ifk=2450469050&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531706%2C95331690%2C95334524%2C95334829%2C95337868%2C95338229%2C31086072%2C95339233%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1181440383859132&tmod=511896304&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.ydel36ncrbju&btvi=2&fsb=1&dtd=502
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sca.17.6.4.js
static.adsafeprotected.com/ Frame 7B35
91 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Tdd4q4QtSjeuXjpue6eBpW7qfNWc8zA-jMz9mEZEWcH3CNkARfcQfg==
mon
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931336&campId=970x250&pubId=5346136462&chanId=22029718962&placementId=6481097255&pubCreative=138461204534&pubOrder=3325415747&cb=1161751658&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:221836fd-548b-369b-db02-f4ecbd2a539a,c:lfWMYe,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-gn6mg,rg:jp,pt:1-5-15,wc:10.10.1600.1200,ac:325.23.970.250,am:i,cc:325.23.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:96,mot:0,app:0,maw:0,tdt:s,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3,idMap:1x*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:106,oid:bf07dad0-590b-11ef-86d1-e29d03a6e954,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWMYe,pingTime:-8,time:106,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:106,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.23.970.250,am:i,cc:325.23.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9~100%5D,as:%5B9~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWMYN,pingTime:0,time:141,type:pf,sca:%7Blts:2024-08-13%2009.34.05%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:141,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.23.970.250,am:i,cc:325.23.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~100%5D,as:%5B44~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=f2bda49a-51a9-f1d9-beac-83268f6f2f9b&tv=%7Bc:lfWMZ4,pingTime:-10,time:590,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723509245834%7C%7C670b8ea220d74ccb06358e4d58fbfa05%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C24c89ffff9748f3525f30b5d1a759f19%7C%7Cb48ea13a5fc86befe182d16b661d45de%7C%7C478a6f3ddaff24ca1c441e414e3773c1%7C%7Ce01f4ec919750739140738e0b858b06f%7C%7C45c5bae7c38908057a77e0fad2e6de2d%7C%7C1715618633%7D
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E281
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 00:34:05 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWMZc,pingTime:-2,time:166,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:61,beZ:62,mfA:156,cmA:157,inA:157,inZ:158,prA:158,prZ:163,si:166,poA:169,poZ:179,cmZ:179,mfZ:179,loA:204,loZ:205,ecZ:224,ltA:226,ltZ:226,mdA:63,mdZ:63%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:166,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.23.970.250,am:i,cc:325.23.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B69~100%5D,as:%5B69~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3,idMap:1x*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_0,google_ads_iframe_/4735792/reuters.com/technology/article_0__container__,reuters_desktop_leaderboard_atf,fusion-app%5D,sis:163,sinceFw:57,readyFired:true%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWMZG,time:196,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:196,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.23.970.250,am:i,cc:325.23.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B99~100%5D,as:%5B99~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:163%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWMZO,pingTime:-10,time:204,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723509245834%7C%7C670b8ea220d74ccb06358e4d58fbfa05%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C24c89ffff9748f3525f30b5d1a759f19%7C%7Cb48ea13a5fc86befe182d16b661d45de%7C%7C478a6f3ddaff24ca1c441e414e3773c1%7C%7Ce01f4ec919750739140738e0b858b06f%7C%7C45c5bae7c38908057a77e0fad2e6de2d%7C%7C1715618633,sca:%7Bspg:f2bda49a-51a9-f1d9-beac-83268f6f2f9b%7D%7D
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:05 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1A4
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
75566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 03:34:39 GMT
expires
Tue, 12 Aug 2025 03:34:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D6FD
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:05 GMT
expires
Tue, 13 Aug 2024 00:34:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1723509245916&de=794728907915&m=0&ar=9cc5b3e58a7-clean&iw=08568f8&q=2&cb=0&ym=0&cu=1723509245916&ll=2&lm=0&ln=1&em=0&en=0&d=2988864%3A31118527%3A385448420%3A220477446&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&bo=1137739&bd=reuters.com&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&gw=universalmccannpgimglobaldcmdisplay987751550440&fd=1&it=500&ti=0&ih=2&pe=1%3A862%3A862%3A0%3A823&fs=208210&na=1147403913&cs=0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 45DB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVwKpslwz2wVrigmWR7LeGvfB6LX2V8foNRoyWGCGwigCaFdCPAostPOFy1igUZTt9V3hqqlspNlz7L2VuKbiw0VdA575F3eiltWwiHKAOgx_TwlpokOiPiY75ht6o_gcX1xi4q103C8V4QfutGEAkd7Taj4YFnct7mGecxAHgdOIYsJhe1AgXISdt0cSY7Ssp8zRB8qwEX2MTJUCXuy3SGSvSh-cXxB_-HWhFfB4YwxIemGjZ5qWfZL37eBA1aypIBGMCnU6AnbBw_htnuav1fcw9ODvCJxXoYq1CRdbbub8H3KcZYvOHuq_a_9fxwbvoMkFwHFU5rBhNvzlpfaKDnhAUqQTemYC5afadEA_cTaI2hEpxIk4PnOi89l1nRy_WF3nEsP6iN2lYVdE6-cLPNJRbR_k&sai=AMfl-YSsNiUyYGNFVnrZYVbK6U8YquUoUdeTNyh_G8pVoxRX8FLPStevkBVWbS3prnjla0rl2k16D3OFG2BcGxiUQV5Swhudb3D6pnEtsed0n8CKWUTeZTp2rYZkW5RCt6o&sig=Cg0ArKJSzFnHB3Z1S5mXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 45DB
157 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3578014945201864
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1f42282e6500435cb756f2b6044e38adb33f01ca825e417636a6441d39b81bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Origin
https://www.reuters.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52571
x-xss-protection
0
server
cafe
etag
730107760212642620
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Aug 2024 00:34:05 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 45DB
204 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 23:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
3263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64724
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=EUC-KR
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:39:40 GMT
jload
pixel.adsafeprotected.com/ Frame 13FA
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420678142&pubOrder=3045656367&cb=1937964185&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7e313768e18281e9f1bac193fa34b4cd9fa8e3feb1e8afe229c1ebaf74ee1134

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9a2cb88aa5d0a7cfcbed05f4440c03bfc24eb90328fb721278ae380841438a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
protected-by.clarium.io/ Frame 45DB
68 B
243 B
Image
General
Full URL
https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMwNDU2NTYzNjc6MTIweDYwMA==&v=5&s=v31i54ig23n&id=eyJkZnAiOnsiYWQiOjE5OTI5NzkyLCJjIjoxMzg0MjA2NzgxNDIsImwiOjYwODc1NzkwNDgsIm8iOjMwNDU2NTYzNjcsIkEiOiIvNDczNTc5Mi9yZXV0ZXJzLmNvbS90ZWNobm9sb2d5L2FydGljbGUiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfZGVza3RvcF9yaWdodF9yYWlsXzEifX0%3D&cb=3793079&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXdORFUyTlRZek5qYzZNVEl3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMDQ1NjU2MzY3LCJ3IjoiMTIwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
content-type
image/png
demand-source
d.pub.network/
54 B
90 B
Fetch
General
Full URL
https://d.pub.network/demand-source
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9a2cb88aa5d0a7cfcbed05f4440c03bfc24eb90328fb721278ae380841438a51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 0A6D
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh7dgXxQW1Px_X9Hbtm62O5ThJLlwoeaZHUk6_E5Y49yrHrw258psb7RIxH42yuAW8-jMkAQ1uoDxZgg7WdoknTaLJMGu_d0bF7_xrSYrjR3DH0M-18j-mfbQxCjtU8NVm5FfWFxz6ps7DAiBwQzx7884_v2wm1HQk_RuccbjbfP5NsYjKKCRccF43UaS0hSSZhvPk6C6HPyhehgOad5kz99G1p7xG_jcISWHu74Tf_HuHfI8dYoc0FURXwX3KXkIIiY4WF_uHwHfaemf5flgzuMyjCxwH3-BRZm2SNFteFIXsqnF7doUIT-PO7fkHSqbkoO9KNr_aU6c308BQlhqSfWFrTDa4Fm3R5PfWvJcPU57UkSN1DwH1SBopBO5h6DZT2ImsWDTM&sai=AMfl-YRE5yvaWtgsrQWgL6QBUOHICHu2OUCnzZaIJe9YTIgd5iVNrw8pxh2AobB71PmG0-wHlWQVZPgDbXKBwdPuL3lqOC1mYNQx5r2b-nuj8awzEX0CskBhf-K0qlnrGk4&sig=Cg0ArKJSzFzae2CyihztEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:06 GMT
truncated
/ Frame 45DB
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8674be91ab593d6bdb3448147214f1597c8db146038f96d8402c16208fb31afe

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/ Frame 45DB
423 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_fy2021.js?bust=31086072
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f88d95110e23ae46f4cc1da72c02e67cbf4cdb07aef61c3f4a3f8d024d3ded1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145466
x-xss-protection
0
server
cafe
etag
11008383770649565027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Aug 2024 00:34:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 45DB
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=c95cc92f-68b5-88d7-a03d-063755eed745&tv=%7Bc:lfWN45,pingTime:-10,time:1149,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723509245834%7C%7C670b8ea220d74ccb06358e4d58fbfa05%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C24c89ffff9748f3525f30b5d1a759f19%7C%7Cb48ea13a5fc86befe182d16b661d45de%7C%7C478a6f3ddaff24ca1c441e414e3773c1%7C%7Ce01f4ec919750739140738e0b858b06f%7C%7C45c5bae7c38908057a77e0fad2e6de2d%7C%7C1715618633,sca:%7Bspg:f2bda49a-51a9-f1d9-beac-83268f6f2f9b%7D%7D
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F12716696777594286866%2FCenter_EN_Brand_HTML5_Golf_970x250%2F970x250.html%3Fev%3D01_252&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-DauaxzFtVW9gO66yu1n7EBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1600&qe=1200&qh=1600&qg=1285&qm=-540&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&f=0&j=&t=1723509245916&de=794728907915&cu=1723509245916&m=109&ar=9cc5b3e58a7-clean&iw=08568f8&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6971&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A862%3A862%3A0%3A823&as=0&ag=46&an=0&gf=46&gg=0&ix=46&ic=46&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=46&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=91&cd=0&ah=91&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2988864%3A31118527%3A385448420%3A220477446&bo=1137739&bd=reuters.com&gw=universalmccannpgimglobaldcmdisplay987751550440&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=1529619146&cs=0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:06 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6FA2
0
0
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&predirect=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-224-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=136058
content-encoding
gzip
content-length
5516
content-type
text/html
date
Tue, 13 Aug 2024 00:34:06 GMT
expires
Wed, 14 Aug 2024 14:21:44 GMT
last-modified
Mon, 05 Aug 2024 09:22:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 93C7
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
652
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 00:34:06 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
main.19.8.527.js
static.adsafeprotected.com/ Frame 13FA
228 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.527.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Aug 2024 12:02:14 GMT
server
AmazonS3
etag
W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
VCu6DEWRl9xDUErWy9LZHWFFkzPhlrAUjFICCoOt1N5pXXO2SC8AKw==
ads
googleads.g.doubleclick.net/pagead/ Frame F189
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418258&abgtt=6&lmt=1723509246&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=29_18~27_14~30_19&aiixl=29_5~27_3~30_6&aslmct=0.7&asamct=0.7&aiapm=0.41421&aiapmi=0.44357&aiombap=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509246136&bpp=1&bdt=97&idt=23&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=120&ish=600&ifk=2677120663&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531705%2C44795922%2C95334529%2C95334828%2C95337869%2C95338228%2C31086072%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=668571988309923&tmod=511896304&uas=0&nvt=1&fsapi=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.uo25tskh8420&fsb=1&dtd=59
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 45DB
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408120101/show_ads_impl_fy2021.js?bust=31086072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
056441bacef66229fb1f54033813a227d5b3bbcb527ed2bce80d2bc2379ee9f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13008
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 30F3
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=6321033981&adk=3391077790&adf=776189452&pi=t.ma~as.6321033981&w=120&abgtt=6&fwrn=3&lmt=1723509246&format=120x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723509246136&bpp=1&bdt=97&idt=40&shv=r20240807&mjsv=m202408120101&ptt=9&saldr=aa&cookie=ID%3Dc4d838e77b555020%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog&gpic=UID%3D00000ebde517b775%3AT%3D1723509243%3ART%3D1723509243%3AS%3DALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw&eo_id_str=ID%3D0c5ef8f0bd2c884f%3AT%3D1723509243%3ART%3D1723509243%3AS%3DAA-AfjbiRNPLqvz35yyrkhBnaM9k&prev_fmts=0x0&nras=1&correlator=8430018918745&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1128&ady=393&biw=1600&bih=1200&isw=120&ish=600&ifk=2677120663&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95336638%2C42531705%2C44795922%2C95334529%2C95334828%2C95337869%2C95338228%2C31086072%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=668571988309923&tmod=511896304&uas=0&nvt=1&fc=1664&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1200%2C120%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.v5lzvzc2a3cq&fsb=1&dtd=70
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
14430
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sca.17.6.4.js
static.adsafeprotected.com/ Frame A926
91 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.4.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id
bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 13 May 2024 16:44:02 GMT
server
AmazonS3
etag
W/"8fa66f8b94450bd040e7b5a7550c52de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Tdd4q4QtSjeuXjpue6eBpW7qfNWc8zA-jMz9mEZEWcH3CNkARfcQfg==
mon
pixel.adsafeprotected.com/
43 B
197 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=931336&campId=120x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420678142&pubOrder=3045656367&cb=1937964185&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:ee939913-ab5c-0119-6584-fce1dfc3815e,c:lfWN5s,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-cm778,rg:jp,pt:1-5-15,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:41,mot:0,app:0,maw:0,tdt:s,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:52,oid:bf500788-590b-11ef-94c1-4285d1a223c2,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="COM NAV INT STA NID OUR IND NOI"
pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
cache-control
no-cache
server
Apache-Coyote/1.1
content-length
43
content-type
image/gif
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWN5E,pingTime:0,time:64,type:pf,sca:%7Blts:2024-08-13%2009.34.06%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:64,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B22~100%5D,as:%5B22~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt40.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWN5O,pingTime:-2,time:74,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:89,beZ:91,mfA:130,cmA:131,inA:131,inZ:132,prA:132,prZ:138,si:141,poA:141,poZ:149,cmZ:149,mfZ:149,loA:158,loZ:159,ltA:163,ltZ:163,mdA:91,mdZ:91%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:120.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:74,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B32~100%5D,as:%5B32~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_4,google_ads_iframe_/4735792/reuters.com/technology/article_4__container__,reuters_desktop_right_rail_1,fusion-app%5D,sinceFw:21,readyFired:true%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 45DB
17 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 00:34:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC74
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
75566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 03:34:39 GMT
expires
Tue, 12 Aug 2025 03:34:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1D0B
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:05 GMT
expires
Tue, 13 Aug 2024 00:34:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWN6z,time:121,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:121,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~100%5D,as:%5B79~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52,sis:75%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
prbds2s
rtb.gumgum.com/usync/ Frame A418
0
0
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs2s.t13.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.151.87 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-151-87.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-length
0
date
Tue, 13 Aug 2024 00:34:06 GMT
etag
"0d41d8cd98f00b204e9800998ecf8427e"
server
nginx
timing-allow-origin
*
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:06 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
sodar
pagead2.googlesyndication.com/pagead/ Frame E281
0
0

dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWNeX,pingTime:1,time:1143,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1143,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.14.970.250,am:i,cc:325.14.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~100%5D,as:%5B1046~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:267,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3%7C1y.-,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:163%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt46.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWNeY,pingTime:1,time:1144,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1144,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.14.970.250,am:i,cc:325.14.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:267,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3%7C1y.-,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:163,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=221836fd-548b-369b-db02-f4ecbd2a539a&tv=%7Bc:lfWNeY,pingTime:1,time:1144,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1144,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:106,wc:10.10.1600.1200,ac:325.14.970.250,am:i,cc:325.14.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:267,fm:ulhP9qA+11%7C121111%7C121112%7C12112%7C131111%7C131112%7C13112%7C14111%7C14112%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1x*.-%7C1x1%7C1x2%7C1x3%7C1y.-,idMap:1x*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:106,sis:163,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:06 GMT
server
nginx
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 45DB
0
0

c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame 45DB
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6PFNPLUrqZC6tcAOAU4LfajX6aASXlevu8hbD2ksXbj3KRAwdckljwKTlUjDDn_YIKzNPFWM5dTquFjUTBuzLGIOzPVUaAyUR53WW82E5XLwMtqz6rawDQemMfRSIs89mVc47P7DKO2Lq4SiBbr15VqKPCcIl4LNcb7N_6hT-VBzrwXdz9eiWSqnUSw2j4q9RMz6dg68nTbelSr7IODR1z-Qjzjx_SIEBt2AhhebvOgb8emCs5bD0b0Be1E3yj2onj2I0ab4TzxRd2RvpvtnH0Grm31ccak-372Hh3rdH7UvnCisJmNxb29bBP7Go7Y7xoi_rzAgIvL1ydO6Lw_ncLEHpbZjtkAYkhlEI1vOPaahVLEsj5JVAL4J9eezmvjeWKcfzP494eHg&sai=AMfl-YRFzChfTuJQo59zTmF5oQONJs2K94IqBXEiuWC3N1sNmmBLxI3GQiu9wbyfT_2eBqbuTymRWfrQ4aEs8W3lL7bi4f_3byG73LrXrxi4d23GqsG26z55d0rEVXNWqDA&sig=Cg0ArKJSzLNFIAl0slxTEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Aug 2024 00:34:07 GMT
/
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/
10 KB
5 KB
Script
General
Full URL
https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31680b8579b65b33da8696cfab15955a53835b2ec9d141f456f16611b93560b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
61243
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"26a8-5UWSvKjhSW2xo8x2hXCscncofpE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1a5c56f59f-NRT
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202408080101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
18abfc9590f336de12e6559cc502a3bf71683b592c386afb5174f0ab8676eab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12852
x-xss-protection
0
video-channel-by-id-v1
www.reuters.com/pf/api/v3/content/fetch/
42 KB
5 KB
Fetch
General
Full URL
https://www.reuters.com/pf/api/v3/content/fetch/video-channel-by-id-v1?query=%7B%22id%22%3A%22d45538fb92ef02a065c15e16d3dd6a297c2ae7d7%22%2C%22limit%22%3A10%2C%22region%22%3A%22US%22%7D&d=207&_website=reuters
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
6a7989df2fe5ded9756e826fe26c3c52cb6ddb599e91247514016ab3517e57e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id
95f65ffa-92c3-47e7-ab78-7d35e13d2391, 95f65ffa-92c3-47e7-ab78-7d35e13d2391
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
date
Tue, 13 Aug 2024 00:34:07 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
NRT12-P5
strict-transport-security
max-age=31536000
x-arc-request-id
0.4680317.1723509247.346820f
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1723509247102_386099204_54952463_1070_18248_1_1_-";dur=1
content-length
4490
last-modified
Tue, 13 Aug 2024 00:27:06 GMT
server
openresty
etag
W/"a626-sgxFlLb0elx763DJ2KBKaz73UQk"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-arc-ttl
300
cache-control
max-age=0
x-amz-cf-id
cNR27PzjcBUQAOuJvLr2jsJR0rR3SP8O6pPOy23i2kWLTyvUg4rBYA==
expires
Tue, 13 Aug 2024 00:34:07 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=timing&_s=5&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6539&pdt=59&dns=0&rrt=642&srt=55&tcp=0&dit=823&clt=998&_gst=2117&_gbt=2480&_u=aGDAgEI7AAAAAGgOIAD~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1882450666
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
t
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:07 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=event&ni=1&_s=6&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=application.web.vitals&el=TTFB&ev=697&_u=aGDAgEI7AAAAAGgOIAD~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1074753343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
17 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723509241273&gcs=G1--&gcd=13l3l3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=2013332329.1723509243&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&sid=1723509243&sct=1&seg=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&_s=3&tfd=6586
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tr_kinesis_v2.svg
www.reuters.com/pf/resources/images/reuters/favicon/
6 KB
3 KB
Other
General
Full URL
https://www.reuters.com/pf/resources/images/reuters/favicon/tr_kinesis_v2.svg?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2806c118a921fcd8263f5cce62a52286589bd1d720b07f9465c05d2391fae32a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.17680317.1723509247.280aed4
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509247144_386099223_41987796_34_12978_1_2_-";dur=1
content-length
2470
last-modified
Thu, 08 Aug 2024 14:08:18 GMT
server
openresty
etag
W/"3d7a7617f9d51a5210e3a0c6bc87e123"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-arc-ttl
31536000
cache-control
public, max-age=31536000
x-amz-cf-id
XETJw4aAJlpJ34uwDsSVOxg9ANv3zEL0ZqUUBdjh6ECHwRTHz0M2CA==
expires
Wed, 13 Aug 2025 00:34:07 GMT
12.f4ffc90369d4c0cab88a.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
74 KB
21 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Requested by
Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d961760b25cabb63e5943800565b32cc3cc4bc94bc887d1b2fc88bd0e6b4ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414709
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"12971-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1a8c8af59f-NRT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0A6D
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE0VGJOKPMe4y0yzO5j-vRYP97Um8kad3Y_2VcGuhJJ52Yj8M8yrVLbAoiYp96RzWVj1wRn07DHjt8wS49pSvMECYkJZbqp2QN1v2Ii-1Y51lZgyryNHyHYtxy0DAmgW1SYXdikad_gyj_1Gx4ZHtcQ00XxxDFjJlrR5dM9_cgGGYZgn9B8ZFJ126J4E123Tj8vxHReTjprAB7p3ule7ko4bcuOzbHDF1PXkg&sig=Cg0ArKJSzBM4ZAImK9f0EAE&id=lidar2&mcvt=1001&p=3,315,253,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4221809708&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1944204500&rst=1723509245547&rpt=558&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Aug 2024 00:34:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF7F
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
75566
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 12 Aug 2024 03:34:39 GMT
expires
Tue, 12 Aug 2025 03:34:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A391
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.reuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QHVzbOa1d0yEAg_iWHpjTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Aug 2024 00:34:05 GMT
expires
Tue, 13 Aug 2024 00:34:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
3 KB
2 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8qfK42aZO5fsR2R&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77533cd9a055599303c72f266d1cf1c0c2ffff9d07609f145fa0ea29a0b6e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
da0f55dbb10ae09b
timing-allow-origin
*
cf-ray
8b249e1acce7f59f-NRT
vans-adapter-google-ima.js
static.adsafeprotected.com/
19 KB
7 KB
Script
General
Full URL
https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id
4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205996
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 19:25:58 GMT
server
AmazonS3
etag
W/"8ec0c211dda60907ae57f46e621bc794"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
qa2n8uJZoluWzsr5KlrY9G9fG_MMF-Q7vdaPIGsxuKAOkt-hVZuREw==
iasPET.1.js
static.adsafeprotected.com/
22 KB
0
Script
General
Full URL
https://static.adsafeprotected.com/iasPET.1.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26cc:6a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id
UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding
gzip
via
1.1 d5876473db70c76f621c13d77ad59618.cloudfront.net (CloudFront)
x-amz-cf-pop
YVR52-P2
age
205991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Jun 2021 13:42:44 GMT
server
AmazonS3
etag
W/"51636de3ce868a2172f9e6996c2934e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
coIScnWeG_ApOqcJQyJjuFg4Uz7Rr0rK75Nk_U00c5ft2jtA7KWREQ==
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-DauaxzFtVW9gO66yu1n7EBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1600&qe=1200&qh=1600&qg=1285&qm=-540&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&f=0&j=&t=1723509245916&de=794728907915&cu=1723509245916&m=1262&ar=9cc5b3e58a7-clean&iw=08568f8&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7408&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A862%3A862%3A6547%3A823&as=1&ag=1205&an=46&gi=1&gf=1205&gg=46&ix=1205&ic=1205&ez=1&ck=1205&kw=1038&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1205&bx=46&ci=1205&jz=1038&dj=1&aa=1&ad=1090&cn=0&gn=1&gk=1090&gl=0&ik=1090&co=1090&cp=1038&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1038&cd=91&ah=1038&am=91&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2988864%3A31118527%3A385448420%3A220477446&bo=1137739&bd=reuters.com&gw=universalmccannpgimglobaldcmdisplay987751550440&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2099278126&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:07 GMT
player.js
cd.elements.video/ Frame 57AD
2 KB
1 KB
Script
General
Full URL
https://cd.elements.video/player.js?cid=undefined
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fdc58d3514e4358647bb32642cc537c0f08593009d21121a45434bbec57f71

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8b249e1b18f2b011-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
events
api.permutive.com/v2.0/batch/
101 B
129 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a0aae98cc679fb644a0c05e13f610675aa2abf355ff0ddd9e59421abae3cdb57

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
tr_fvcn_kinesis_32x32_v2.ico
www.reuters.com/pf/resources/images/reuters/favicon/
4 KB
2 KB
Other
General
Full URL
https://www.reuters.com/pf/resources/images/reuters/favicon/tr_fvcn_kinesis_32x32_v2.ico?d=207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26f2:c000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
821bc756e59ef5044ee35b8af0e8488f18016f86e9dcb3501a5841a7f8552120
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
via
1.1 189f0789364cbb2c95361ac530c7dbe8.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000
x-amz-cf-pop
NRT12-P5
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4680317.1723509247.3468225
x-cache
Miss from cloudfront
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723509247212_386099204_54952485_30_12469_1_3_-";dur=1
content-length
753
last-modified
Thu, 08 Aug 2024 14:08:18 GMT
server
openresty
etag
"00b134d69294933c1934b0652d7d972f"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-arc-ttl
31536000
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
W-pBm2b5m53HCsl16lTKlT2rEE0OOOM0YXEFSPsfwLIE9YuuT1obFA==
expires
Wed, 13 Aug 2025 00:34:07 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-DauaxzFtVW9gO66yu1n7EBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1600&qe=1200&qh=1600&qg=1285&qm=-540&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&f=0&j=&t=1723509245916&de=794728907915&cu=1723509245916&m=1263&ar=9cc5b3e58a7-clean&iw=08568f8&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7408&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A862%3A862%3A6547%3A823&as=1&ag=1205&an=1205&gi=1&gf=1205&gg=1205&ix=1205&ic=1205&ez=1&ck=1205&kw=1038&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1205&bx=1205&ci=1205&jz=1038&dj=1&aa=1&ad=1090&cn=1090&gn=1&gk=1090&gl=1090&ik=1090&co=1090&cp=1038&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1038&cd=1038&ah=1038&am=1038&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2988864%3A31118527%3A385448420%3A220477446&bo=1137739&bd=reuters.com&gw=universalmccannpgimglobaldcmdisplay987751550440&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=117251495&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:07 GMT
pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-DauaxzFtVW9gO66yu1n7EBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1600&qe=1200&qh=1600&qg=1285&qm=-540&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&f=0&j=&t=1723509245916&de=794728907915&cu=1723509245916&m=1264&ar=9cc5b3e58a7-clean&iw=08568f8&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7408&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A862%3A862%3A6547%3A823&as=1&ag=1205&an=1205&gi=1&gf=1205&gg=1205&ix=1205&ic=1205&ez=1&ck=1205&kw=1038&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1205&bx=1205&ci=1205&jz=1038&dj=1&aa=1&ad=1090&cn=1090&gn=1&gk=1090&gl=1090&ik=1090&co=1090&cp=1038&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1038&cd=1038&ah=1038&am=1038&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=2988864%3A31118527%3A385448420%3A220477446&bo=1137739&bd=reuters.com&gw=universalmccannpgimglobaldcmdisplay987751550440&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=496856827&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:07 GMT
elLoader.js
cds.elements.video/p/518538/ Frame 57AD
3 KB
2 KB
Script
General
Full URL
https://cds.elements.video/p/518538/elLoader.js
Requested by
Host: cd.elements.video
URL: https://cd.elements.video/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fabe183e0ebe9b85145359e7b3941002b84c3fbb101a4a5c54abf75e65cc08d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
bpYUTAEmhgIlymmwW82Df58a8bEymC6X
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
1229
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"1e2759f58103c639dcd5c0a82d48f436"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1b592ab011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWNlN,pingTime:1,time:1065,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1065,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:165,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52,sis:75%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
server
nginx
x-server-name
dt47.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWNlO,pingTime:1,time:1066,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1066,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1024~100%5D,as:%5B1024~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:165,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52,sis:75,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
server
nginx
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWNlO,pingTime:1,time:1066,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:120,h:600,t:52%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1066,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:52,wc:10.10.1600.1200,ac:1138.403.120.600,am:i,cc:1138.403.120.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1024~100%5D,as:%5B1024~120.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:165,fm:ulhP9yG+11%7C121111%7C121112%7C12112%7C12113%7C131111%7C131112%7C13112%7C14111%7C14112%7C14113%7C151111%7C151112%7C15112%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p%7C1q%7C1r%7C1s%7C1t%7C1u%7C1v1%7C1v21%7C1v3%7C1w1%7C1w2%7C1w3%7C1w4%7C1w5%7C1w6%7C1w7%7C1x1%7C1x2%7C1x3%7C1x4%7C1y*.-%7C1y1%7C1y2%7C1y3%7C1z%7C110,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:52,sis:75,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
server
nginx
x-server-name
dt41.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
player.js
cds.elements.video/p/518538/ Frame 57AD
451 KB
105 KB
Script
General
Full URL
https://cds.elements.video/p/518538/player.js?cid=undefined
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/elLoader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4458dcbf0f517683b91b9673c4a27995816418edd4f16af5c97ed54d57c50300

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
AAJXcEaYsGgH7POCG4hY2VkKygGpi5bJ
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
107144
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"b3e20eae86ea8d715f6fdfbad399237a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1b8964b011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
102 KB
30 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5385b1b3c9bb796db5e0bd5b91b4b9ef1069f836164899da4afb635a4603f334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414692
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"19780-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1bce0cf59f-NRT
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
979449b013f1b500b63b88456fba91123fb0adbda845190b53f3eccf1a7f4c26

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
98f7295fe9b5f8a966e2206ce3aaca841cd8f1ea95167c3c6135315cb9625e8c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
b64c145506fd0fa39ae80f8960d67b14e496684a65ba1937127704fc6fe4c01e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
363cf31e9de0e8a93a32b22d3f0d4bf9af85250e148809240d5ce960eb3a36ba

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
734b3b047094ac63cf762e19bcc711c2f5499c725e7bac9e9d6d1a9fc730da5c

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
2d14e9c5e9f30aeeab67d1469b214db9a23f15d8d85b745994225b01b2e9be51

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
eaa0838819ddc5fb4dd79a20b56186e050ea5207c3475003d373f59810fbb027

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
315 B
482 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
390c9ef8f5538d4779f30001a75d5f1267eef67b441a0c5de36d3b32fe45b3f7

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
4023a9c64440624a26674e5fed4524eae80d64874dddeaf8e639640462d1346f

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
pub
pixel.adsafeprotected.com/services/
638 B
614 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:ad-1,s:1.1,p:/4735792/reuters.com/technology/article,t:video%7D&wr=1600.1200&sr=1600.1200&sessionId=1a0a7dc2-c25b-fc12-8cc0-370be51c4daf&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by
Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.68.124.96 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-124-96.ap-northeast-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
9a6cb0933249833b2ffd4b0be527a7a318fb269c2ef68e4872bcfa2bc17da65b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
t
api.segment.io/v1/
21 B
173 B
Fetch
General
Full URL
https://api.segment.io/v1/t
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.90.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-90-104.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:07 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=322600617&t=event&ni=0&_s=7&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=ad.block.detection&ev=0&_u=aGDAgEI7AAAAAGgOIAD~&jid=&gjid=&cid=2013332329.1723509243&tid=UA-24152976-22&_gid=1068806202.1723509243&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1620582161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s06-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Aug 2024 10:10:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
7.800559bd58aa9fb303cf.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
3 KB
1 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/7.800559bd58aa9fb303cf.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889075cf60d34ca5fc03bd711b98b3b59a0897b3c62de402a53b087304560738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414691
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"b55-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1c7eaef59f-NRT
1.049908ccb9412226a927.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
29 KB
7 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.049908ccb9412226a927.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f982ae3225455eee12810d7e186c14e8ac0ab5db881ba89fa409ee5b7b2ea17e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414692
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"73fb-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1c7eb0f59f-NRT
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/
64 KB
22 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bcc850e111afb651993f3bdec2565a45cb29dd84d71473594ee51d9264e0e0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
414674
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 30 Jul 2024 19:16:12 GMT
server
cloudflare
etag
W/"10099-19105125060"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-ray
8b249e1c7eb1f59f-NRT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
1023 B
675 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_7TzTPCwT5Py0QUl&Version=26&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd1b71be54e4d69d24ea1d1e0d67e132012ee7844c7b29c807cf3c17203fecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Sat, 05 Aug 2034 03:23:19 GMT
date
Tue, 13 Aug 2024 00:34:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
508248
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Aug 2024 03:23:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8b249e1c9b5f688c-NRT
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
2 KB
1 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9YcuSxbz7r7Av5j&Version=23&Q_InterceptID=SI_7TzTPCwT5Py0QUl&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BrandTier=RQqcwhV2J1&Q_ARCACHEVERSION=21&Q_BRANDDC=iad1
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f4ffc90369d4c0cab88a.chunk.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296248a03efc5a5fd37465fb1e868935747416a05a90720ac17df45ac55aac93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 09 Aug 2034 18:51:17 GMT
date
Tue, 13 Aug 2024 00:34:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
106970
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 11 Aug 2024 18:51:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
8b249e1c9b60688c-NRT
servershortname
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/
45 B
205 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9YcuSxbz7r7Av5j&Q_SIID=SI_7TzTPCwT5Py0QUl&Q_ASID=AS_18129256&Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&r=1723509247492
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.11.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
13b745977542df75
cf-ray
8b249e1cdbb5688c-NRT
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
events
api.permutive.com/v2.0/batch/
101 B
128 B
XHR
General
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by
Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
26ce95a6764b9a66f96fb5342dd0f63f09b152a5c5efea8154d992a6b8fd5b03

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=931336&asId=ee939913-ab5c-0119-6584-fce1dfc3815e&tv=%7Bc:lfWNu2,pingTime:-10,time:1576,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723509245834%7C%7C670b8ea220d74ccb06358e4d58fbfa05%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7C24c89ffff9748f3525f30b5d1a759f19%7C%7Cb48ea13a5fc86befe182d16b661d45de%7C%7C478a6f3ddaff24ca1c441e414e3773c1%7C%7Ce01f4ec919750739140738e0b858b06f%7C%7C45c5bae7c38908057a77e0fad2e6de2d%7C%7C1715618633,sca:%7Bspg:f2bda49a-51a9-f1d9-beac-83268f6f2f9b%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:6cc7:500c:25c8:6112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:07 GMT
server
nginx
x-server-name
dt42.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/
0
0

player.user.manager.service.js
cds.connatix.com/p/518538/ Frame 57AD
57 KB
16 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/player.user.manager.service.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b4bb862fdf79aa2bbcae1fe18aedd83289e02e4f21e71790b52b83dd3a9013

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
CjoTi4.NSJk3Yw8CeJsZAOs4OwePKV.s
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
15486
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"a7645476081aac15fbe6a89530059d46"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1f9b356875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
player.renderer.js
cds.elements.video/p/518538/ Frame 57AD
193 KB
44 KB
Script
General
Full URL
https://cds.elements.video/p/518538/player.renderer.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7752d284ef03a46ee88ba73c7a4ad0180c6e3db92697139dd414037843dc8614

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
ksMT6_9tHE266yLbY4d0we6kypzgTRth
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
45089
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"65eaeb1842899cf9578c6bc97d32d35d"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1e9cfab011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
cSyncRemoteEntry.js
cds.connatix.com/p/518538/ Frame 57AD
3 KB
2 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/cSyncRemoteEntry.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f83d5e4de72b7a907cdaaa16437ac0d193091a1d6ff64d536c088cf7093011

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
fWqJV7ikjOMmTW3fA8bp3tKeisbJdKs0
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
1388
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"01da0d5cf7e6e5963fcd99fedbc160c3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1f9b3d6875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
si
capi.elements.video/tr/
36 B
36 B
Image
General
Full URL
https://capi.elements.video/tr/si?token=undefined&cid=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8b249e1f19e980a8-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
56
alt-svc
h3=":443"; ma=86400
player.style.52318d4929b22060dcf5.css
cds.elements.video/a/
68 KB
10 KB
Stylesheet
General
Full URL
https://cds.elements.video/a/player.style.52318d4929b22060dcf5.css
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0850b288a730703666e701e56750707d575cb1f006198408522077397d230462

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
Q_0ERquzc1PrahEf5qgIKQL7vbGbfzbY
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
9478
last-modified
Fri, 07 Jun 2024 15:26:47 GMT
server
cloudflare
etag
"f452c7f53d15aaba9fb8402572bb74b0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1e9d02b011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
player.hls.a2049ab2db0e8dc487b1.js
cds.elements.video/a/
290 KB
75 KB
Script
General
Full URL
https://cds.elements.video/a/player.hls.a2049ab2db0e8dc487b1.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aaa3a1134963f3d0092aac6273bb2889869b8f4f2f05c880c3fa65f8801f7fa

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
hGp8tdPanaEzj2SelfnVLtEBhk1Hp9sy
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
76675
last-modified
Mon, 12 Aug 2024 10:15:21 GMT
server
cloudflare
etag
"fd8ff207998d868049445baef633fe64"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1e9d03b011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
player.ads.js
cds.connatix.com/p/518538/ Frame 57AD
399 KB
89 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/player.ads.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6f572c2bd53cdccc6daf9827566d6e74c416bc758b521a308f26ea0f2eff94

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
97P0p7W_fJb4UtLdp86GXhIFDBXufiGK
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
90799
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"2516faca40c1c53d8798f4f4774b747e"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1f9b396875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
mny
capi.connatix.com/core/ Frame 57AD
23 KB
10 KB
XHR
General
Full URL
https://capi.connatix.com/core/mny?v=518538&cid=undefined
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b1c40aaef9f10453b34934365b1f1f021dcb56634a6de2cc94dbe4966e720a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-protobuf
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8b249e1fd96b686d-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
295.js
cds.connatix.com/p/518538/ Frame 57AD
67 KB
18 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/295.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/518538/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c0429b6629d02f37540c1f151a13952c449a955efd798cc8aa37c34767e59c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
LCofGjcHT5ylY.xeJxt9YGJ00mw3TQmf
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
17878
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"ba8c3b3940c96c10fd3b529f913ea3e0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1fcb696875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
229.js
cds.connatix.com/p/518538/ Frame 57AD
10 KB
3 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/229.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/518538/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4876a0a6575938c5c1ec57a4815d945a2b87cf2f37c91418a646fa54c5ed8481

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
KpuPNKfuUvb6_ts.u9y.OUWEcbKp6GWr
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
3085
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"864ac5fd544eca3c343291e95b3b9c02"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1fcb6e6875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
402.js
cds.connatix.com/p/518538/ Frame 57AD
3 KB
1 KB
Script
General
Full URL
https://cds.connatix.com/p/518538/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/518538/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70efdc4764096533ae349a824c3b231d225f2a76270db545233a221a4c337914

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:07 GMT
content-encoding
br
x-amz-version-id
z_.6ObkyWUjTgSUkYhL.r9PKBLe6PGXo
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
1145
last-modified
Mon, 12 Aug 2024 14:51:09 GMT
server
cloudflare
etag
"5f8a608e7f6f99024ca9834a11b5b2ab"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e1fcb6f6875-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:07 GMT
sync
capi.connatix.com/core/ Frame 57AD
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
7 KB
3 KB
XHR
General
Full URL
https://capi.connatix.com/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
Protocol
H3
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d2368c438d868db88d8adbcfe3f9c72c23ef97ad15dbd173c7b495d6cfeb7a9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8b249e20fa9e686d-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
2710
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 13 Aug 2024 00:34:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?final=true&UseUserScore=Yes&LiveIntentCnxUserId=&ImplementationType=0&ClientAb2=0
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8b249e1ff9a8686d-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
pls
capi.elements.video/core/ Frame 57AD
6 KB
3 KB
XHR
General
Full URL
https://capi.elements.video/core/pls?v=518538&cid=undefined
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015ab9fd618860f50392438cebce68c9ddb32dd473fc8438fda77ad0fbc56a6d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/x-protobuf
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
8b249e1ffab880a8-NRT
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
3084
alt-svc
h3=":443"; ma=86400
c
c.pub.network/v2/
36 B
53 B
Fetch
General
Full URL
https://c.pub.network/v2/c
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.reuters.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
activeview
pagead2.googlesyndication.com/pcs/ Frame 45DB
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_u52IoTjA7P92jWh2auvrDZlKGey_PjGwtVtB_C-Lt6HlF4N66rh_1CAHnrJb8pErpCAftttW9v1-5QVbJ1HrtNIVvpId1ldlYR1y238SExJ4VRBQNudF4pf-xir4_GAoMDwgZxRuDM0Bf4E9X62vGj86V6iw1Tg&sig=Cg0ArKJSzCP5Ml950DuhEAE&id=lidar2&mcvt=1000&p=393,1127,993,1247&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1537550921&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1944204600&rst=1723509246039&rpt=1011&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player.iframe.integration.destroy.63b4bf4bec7493504e6d.js
cds.elements.video/a/
735 B
742 B
Script
General
Full URL
https://cds.elements.video/a/player.iframe.integration.destroy.63b4bf4bec7493504e6d.js
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46ffdbb826033b2b51f222bb08355173900fcd97c07c2983d00b44bd3a3e5873

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
br
x-amz-version-id
qEUN6maw8.qyMd3KAh_FYqe0T1VxokRv
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
content-length
373
last-modified
Mon, 12 Aug 2024 10:15:21 GMT
server
cloudflare
etag
"38af174065f199c23d069d51c81547b8"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
accept-ranges
bytes
cf-ray
8b249e234abcb011-NRT
access-control-allow-headers
range
expires
Wed, 13 Aug 2025 00:34:08 GMT
insights.bin
ins.elements.video/c5487a5e04c18d3ed1de3fb5cfdbd341/ Frame 57AD
288 B
522 B
XHR
General
Full URL
https://ins.elements.video/c5487a5e04c18d3ed1de3fb5cfdbd341/insights.bin
Requested by
Host: cds.elements.video
URL: https://cds.elements.video/p/518538/player.js?cid=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef222c04e427540ef9b32fc45d7dfc1dccb216d38d60c356781cd3300a8f2019

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Jun 2024 13:15:58 GMT
server
cloudflare
etag
W/"450a7728635dc097b7f589ba4fe075dc"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
8b249e2378522614-NRT
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Aug 2025 00:34:08 GMT
right-rail-tracking.js
assets.connatix.com/Elements/b4be4e9e-38c7-4165-b5af-a0c846e915e2/
541 B
543 B
Script
General
Full URL
https://assets.connatix.com/Elements/b4be4e9e-38c7-4165-b5af-a0c846e915e2/right-rail-tracking.js
Requested by
Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.7.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26673eb2c8b284cead72a9eaca5f160ac0b15d166cd6e29fdf63ec557f7acbdf

Request headers

Referer
https://www.reuters.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 May 2023 19:24:34 GMT
server
cloudflare
etag
W/"efcf4d5a7f6cb322a8c303ba5847db8c"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
vary
Origin, Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8b249e24dd5af689-NRT
alt-svc
h3=":443"; ma=86400
expires
Wed, 13 Aug 2025 00:34:08 GMT
player.floating.js
cds.elements.video/p/518538/ Frame 57AD
0
0

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 57AD
0
0

81549
i.liadm.com/s/ Frame 57AD
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 0A6D
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 6875
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 45DB
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame E281
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame E445
0
0

pixel.gif
px.moatads.com/
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=21&q=0&yco=0&yt=0&xco=0&xt=0&hp=1&sst=1&wf=1&ra=1&sgs=3&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=UNIVERSALMCCANN_PGIM_GLOBAL_DCM_DISPLAY1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.E%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-DauaxzFtVW9gO66yu1n7EBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-MxqwasQST%2BDrDg%3D%3D&sc=1&os=1-nw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1600&qe=1200&qh=1600&qg=1285&qm=-540&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&id=1&ii=4&f=0&j=&t=1723509245916&de=794728907915&cu=1723509245916&m=2704&ar=9cc5b3e58a7-clean&iw=08568f8&cb=0&ym=0&ll=2&lm=0&ln=1&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=7408&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A862%3A862%3A6547%3A823&as=1&ag=2452&an=1205&gi=1&gf=2452&gg=1205&ix=2452&ic=2452&ez=1&ck=1205&kw=1038&aj=1&pg=100&pf=100&ib=0&cc=1&bw=2452&bx=1205&ci=1205&jz=1038&dj=1&aa=1&ad=2337&cn=1090&gn=1&gk=2337&gl=1090&ik=2337&co=1090&cp=1038&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2497&cd=1038&ah=2497&am=1038&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=2988864%3A31118527%3A385448420%3A220477446&bo=1137739&bd=reuters.com&gw=universalmccannpgimglobaldcmdisplay987751550440&zMoatOrigSlicer1=1137739&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=208210&na=2001210101&cs=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.225.214 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-225-214.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:08 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 13 Aug 2024 00:34:08 GMT
eligible
events.bouncex.net/track.gif/
42 B
96 B
Image
General
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYDsBSATAYQKwAM2OAbAMwBkAFsApDCEgdbfeAwKZRzwCeYVCACMmFBAHsIAJwDGHJKAQUQAcwBcMBAGVhCGVJhCOUpMvWaAClI4A3GJIQ4ICOOIC2x06rUzgMqhwAKlqm1gA24qA4wG4ADsAwKlAIAGpYohAAjkgAjGIcKh7cYAzIFL5xCUkMuQAcWLUAnGjMwCpccEgAVkpu4iDyzADuHEII8Bw1eChkeXbjPIw5aFhkhI1YM421ZLUozAN2cjU5jTlYBLUEJDcoJLUtM2iU8e12HEMn+ZkQXMeMlBkYRgHR4HhcMViuRWawIGxQZ2m5WBHWAsRgNmM43EUCQcDalEOMDkSBAFDgVBgUnA8SkcH4LnEUjaHDAIE0wCEYQ4jAAZsAwggOOSAF7iJAAWmmBCAA
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:09 GMT
x-envoy-decorator-operation
event-collector.event-collector.svc.cluster.local:80/*
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
magnite
ssp.wknd.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.wknd.ai/magnite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://www.reuters.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 13 Aug 2024 00:34:08 GMT
server
istio-envoy
via
1.1 google
publishertag.js
static.criteo.net/js/ld/
128 KB
41 KB
Fetch
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
5e86b02d8388be8e4ca8a1538044129612d460fbb187e1abf5bfc216b19d0196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:34:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-1ff04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 14 Aug 2024 00:34:09 GMT
cygnus
as-sec.casalemedia.com/
53 B
343 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7&cb=1723509249259&s=861236&r=%7B%22id%22%3A%221723509249%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22banner%22%3A%7B%22w%22%3A720%2C%22h%22%3A480%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%2C%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22about%3A%2F%2Fblank%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%2C%22domain%22%3A%22%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%22146.70.201.171%22%2C%22js%22%3A1%2C%22language%22%3A%22JA%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5431%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225431%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be4b2fcf073dbc7b877aabaf18de2240c6a0452170cb26abeee1b9d5e56803e3

Request headers

Accept
text/plain, */*; q=0.01
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQD%2FHJ%2FTIoo0%2BU8buLNhZrZUbD4%2BWS5nwyzLKC4Rtg4GRpxBuNXFAsjxKeKt3majsLlIL9JHsxPRcKN%2FP%2Fgy20DaPz6f0zxNq91LV1kIX1CdgdNiaiNPaT2nU63BCBf1ROv2B2HIeIo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b249e27fefdaf82-NRT
alt-svc
h3=":443"; ma=86400
expires
0
cygnus
as-sec.casalemedia.com/
40 B
676 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1723509249260&s=861236&r=%7B%22id%22%3A%221723509249%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22plcmt%22%3A3%2C%22playbackmethod%22%3A%5B2%5D%2C%22maxbitrate%22%3A16000%2C%22minbitrate%22%3A40%2C%22skip%22%3A1%2C%22w%22%3A880%2C%22h%22%3A495%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22about%3A%2F%2Fblank%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%2C%22domain%22%3A%22%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%22146.70.201.171%22%2C%22js%22%3A1%2C%22language%22%3A%22JA%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5431%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225431%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&fn=jsonp
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9678a3e2b4e3da064b01a89c62f55fc11a3927c4bf7fc8b6e2ac6f3fb638581a

Request headers

Accept
text/plain, */*; q=0.01
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ki5Si%2B3%2FYNxVbAq%2FEoaU2h92NFFXoWwIzUE1JRk6xNrYwMT8RsfRXk4YIN3ptqcKTi3QJbTlHlWWAJH8Tg8sMWnyboupw7S4OW33oxiS8bUQshRWcbiiek%2Fhlb20w4kF861AC%2F8J1V0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8b249e27ff00af82-NRT
alt-svc
h3=":443"; ma=86400
content-length
40
expires
0
translator
hbopenbid.pubmatic.com/
0
0

translator
hbopenbid.pubmatic.com/
0
0

magnite
ssp.wknd.ai/
0
13 B
XHR
General
Full URL
https://ssp.wknd.ai/magnite
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:09 GMT
via
1.1 google
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
magnite
ssp.wknd.ai/
0
13 B
XHR
General
Full URL
https://ssp.wknd.ai/magnite
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.reuters.com
date
Tue, 13 Aug 2024 00:34:09 GMT
via
1.1 google
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
magnite
ssp.wknd.ai/ Frame
0
0
Preflight
General
Full URL
https://ssp.wknd.ai/magnite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.reuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,authorization
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://www.reuters.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 13 Aug 2024 00:34:08 GMT
server
istio-envoy
via
1.1 google
collect
analytics.google.com/g/
0
17 B
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723509241273&gcs=G1--&gcd=13l3l3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=2013332329.1723509243&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1723509243&sct=1&seg=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&_s=4&tfd=11587
Requested by
Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 00:34:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reuters.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=1181440383859132&bg=!iomlicbNAAZjy5caQ8s7ADQBe5WfOCqwfT4C1UGRpDDspsiRP34Zms1spnHZMAIqZ9ChAYK1uV2_vWbTn3OqBNXWw3TmAgAAADxSAAAAFmgBB34ANqKh0Jy4gkTW02B_cQxT6AugwkW-VjdVtBxxqp7_1Yee40uqAvPXZu1m8bpLl1-MiNX0ftOcVZkCw91sEjbBRQ62qCdKE-Ccuano52tUVh45HVTsb_78MyIY09_dXfn8BSvuW5-FIpTHH5kfiGGaGAJQkwpg96ah6racdb7lHzeysU8zszLgib39HDVZke8rEJnqFkgKyfsca9yujIp0w5eOfV8O1t4XKo_lMJCrN7Uu8wFa_rN8Hoy9XUg5PW85Fbb4diaD9KNTdRXUAqay9CdHgg6_JvG7CUGeQkF5f-IaGGplxKwokU7iLSwZK18BHiqmSMDH5-PXhjAdeDK7z-ZrDvPiii3dGx6bMCnB5NeE2q7XKy3TxBDAdrsRyvwgqI8BHz10HKmbqwTYJUKnHsjyRCj9oD90F53PKdHE8QDO29AoO1QLJu3unCJyraX4EsZCYXRNQLa4SKGdYLkLl6gu0e04C1EfbP0xbiHSLafj7DOvnDyiEV57iQA_Cz1itSIIiUdd4YnMtENFGGoMNA2h4UR2CWqmavLLphS1-bn0tvhsjGiXw1zULoZ4v-pR6qK7_1BDoPhdZthrUAgV1xvcuFPFCB45atEuK9xMB_ovBZC01-HFADz82QR17uOptMdoT1InklMOjhu3UkLVFXf9MKau_mcrydkXFgEWwpuQFYPrCBMxaXlr_SwiaNJ1xGJaUqOW5DGZQv1mEgMs8WnfdcRzofE9TZF9Vg4GC_HUQjw607kB89nGL1EtMwdhgjYta5zdeAo2NwwoBMtbVr6anMnMAtt7Cd7MvmPhCQqoz9fKBqDAoeTRDU7SPmvjrG-ihf2bxzzHrIMVEizrSgylGiXktJVzSYRJvKSc3I2OUKRhk0g1ZcbsaELH3KRcfmImtTxcPQGBx6hpf9I_zbNPcdvAJK8jx2y8U4GAqxWIwkywOZPkwlKFgMwTt5J-YueL7jWqav_D1d8SPKTW4Uv1cYCUQu9CMsNhZee5LVqfn0Yovq15kJ9cxkPA
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=668571988309923&bg=!OzilOHfNAAZjy5caQ8s7ADQBe5WfOMy81E0ytddwkxlpMqfnh9HYFk7CykPEYGczzgEpW9jBSZFAO1XvmU4FJ7wZNZQwAgAAAC9SAAAABGgBB34ANvBUN-lWmZWHtSpyFnFysVytj1mUZ0o5eBbheyEfIw1Mz_8dKgHAdNgnAs91PxjxJcHzZr3cSZkCvdtAUvWSk2NDqUILpPi5kZSZSIj35dlnQwM7Lnr9nNXcBycVFgaXr4zvNNnMMi_eSqOWtlvQRJqmIEZHkq79IjO8xicrWm2qUtJhYmSNX4uz1jdxs1osBSADumPef5kEIEUraOh6XMiAy0wlMdtVS9rLh7kM-Ar6w8v40xmA8thsFa1jdZdGcVySJ_oh4XSvgVxlbCttc4nJtCh4mHTVzgtt7x23ebIPsO_eafcgaJ_olLZV4til0i1zQ-dnpnJczCJpXJaj1XdtKvk1N1H2gNlPH8h5qx0GHdyoi1FEafK8eaS2yNG18LeN-zkvoEipV_rrFaokPhXyM1NlhOFk7w9bVjI4-9tomG6trLnQSlIYicyUrt_QjZE9uVZVtWDifJVxNUlIdKHzyFwVnFixNpgC8CB9qy1CPhpFeeppeLryhCIPFNBg2-UdMunVL3tGaTuBDob6wakw6GJMGsTb1xY_-RAs_LLsVeb17N_sixQco0H040RW-pzL2n7nKiBkP9xuQPVtFD0Y_Q1QTV-GjPG8O3HAsVwAtKwKVIG5HYgLgirO0RhQAP7QhpICRJTk6UYIFQQnhqVmONdR_NScow61c3FB0ya3rVIRnfGmYbmiMxtlbEHS1FOBOYsY-juPSYqKrWJSf2f4A33fxq9OhoNbSY1xwckVPjz8vgJlvWCbEEso_izJi4OaqIN_vt1ZBNTzz4imazMweNVhQf43CAVtFxqsOynmRFxPqO10Us5-dj5H6GVkXpPd7QGTBazjW20bkGkt21dF8kxmMMLR1CKToaQMOvshUtQDpm7SRwAIOwkSzU2HEAjcTYjP4nbS94lLT0HMM6GPUC7oaVqv94r1QN5diU7xFJbeUGM2kzZbHGMTH-T9G9aPyqPfGh78JXqm0n6cOKiKES9nRHmD7kbwCkuy6Z2RgYhzZrAP
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408080101&jk=185098633813002&bg=!2tml2ZbNAAZjy5caQ8s7ADQBe5WfOM-3v1EwIYtzUd7f0cp23u4qZKqqtbAHjCgyJiLu_Y95Pzknv86G4YY_3fb5EjRLAgAAAE5SAAAAA2gBB34ANuWcB-A-3nuzzx-ctwjsWKjHUdm7Gwpb2Dnc4O5IqCirJOA06_enzM0wbkyyOKHHKh1OHlvbKpkCmeTGBz4uLdb4373dog6r161-XFniVDka-4ICaNSIDHDShKxmtTN4mY17cFWffw16Gba3KWA8wYdXD84VDgExDFawfD5AIIVMHe1VYothRSKmY5v29RBiGQvm71ASRcGd9TUmR-zZotHC3vz372l7oGkLo12npBAYc_JdB_7BWiM34MMtNmQwY5X_7SwtDa5MDSwOlkL2b3FAO9unSAuEsiNziRRL4qgk0ZIOU_VU-c3eXElPfviBOOYnZlyCn4pYGrFFxgNZNJL_79v_sZlriEEgu7lfhMf7HqLSSeYVFUK-ca38yOw-cdYP2JixZoqNN9qFU9Qq8YGwvcw7MRO70hA5tYwZfXGL0PH7pVpo0XWT9xQ95B-7OsYYSboWd8d6_Mk4zE-oujIOeGNfbrjj1thPzeyZx-ACNuDBZJuWXhVHqRo6i9h1MpDUiVWJJ6ionhCSrzGDTk_WpO3OBow3goEXvyRznxe2fY4KWRk6GqmW0AufGPbwsIwYIt7MO1oO-ze5Y3nNHF0Z-FTazgwALto8uwS4rlNQDyMPzVD9tmZ00hYLZAy-FNbT94zF-l6bU0kRpNx4lc5obIhbVyN4uhlXXoMYIa1nf9T_sF4D65PfTAwWWaPthwr0MKvffqb9DNZO8FMR_hZvo582igDcFcmCeD0IcUzdg8zMtVXiHKkVHb5E2wgp4WBcOUn9UHpCI--JWQ0gxZhAldndohFO7SXNNSKLgxxfIBaaWWxpXabr0qS7eZ8X_A8zwDUHk2GT6MiLw4iHVViKgVv_tlRhU-6aOWow0kjbj0xlLCNh0dD3zZNwmF15pY0B4UGYu-qpfSCOHJzK3BtKqNLE-YoIf30hCKe-hq7UMw0qcsVHDoGMd3mgaUBoWL_0
Domain
cds.elements.video
URL
https://cds.elements.video/p/518538/player.floating.js
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=&pcid=b60ba72e379d44a3a5c1b7a1e9402edb
Domain
i.liadm.com
URL
https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=b60ba72e379d44a3a5c1b7a1e9402edb
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE0VGJOKPMe4y0yzO5j-vRYP97Um8kad3Y_2VcGuhJJ52Yj8M8yrVLbAoiYp96RzWVj1wRn07DHjt8wS49pSvMECYkJZbqp2QN1v2Ii-1Y51lZgyryNHyHYtxy0DAmgW1SYXdikad_gyj_1Gx4ZHtcQ00XxxDFjJlrR5dM9_cgGGYZgn9B8ZFJ126J4E123Tj8vxHReTjprAB7p3ule7ko4bcuOzbHDF1PXkg&sig=Cg0ArKJSzBM4ZAImK9f0EAE&id=lidartos&mcvt=2502&p=3,315,253,1285&mtos=2502,2502,2502,2502,2502&tos=2502,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4221809708&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=1944204501&rst=1723509245547&rpt=558&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulgMDA29faYtRTYfxJ63QPoK_fAHTJxAiYYWO6P8MZPWwfl4a10s9UdvrzIb_OA9_F-En3yshxv2n3NbRcRROqtd9Ip8jdtHNFYGbS_9tIuYv7qvRKzoISqjkywRguIBzMUwent3sTQURRXEwKcWbkE6nvoEr_cKg&sig=Cg0ArKJSzFaLM11If4Q-EAE&id=lidartos&mcvt=0&p=1363,466,1613,766&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3441933748&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=1944204400&rst=1723509244721&rpt=304&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_u52IoTjA7P92jWh2auvrDZlKGey_PjGwtVtB_C-Lt6HlF4N66rh_1CAHnrJb8pErpCAftttW9v1-5QVbJ1HrtNIVvpId1ldlYR1y238SExJ4VRBQNudF4pf-xir4_GAoMDwgZxRuDM0Bf4E9X62vGj86V6iw1Tg&sig=Cg0ArKJSzCP5Ml950DuhEAE&id=lidartos&mcvt=1558&p=393,1127,993,1247&mtos=1558,1558,1558,1558,1558&tos=1558,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1537550921&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&co=1944204601&rst=1723509246039&rpt=1011&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJ6vDxsPO1_i7jo6tXUYWfLjKjJL3QIOVW4z4G2wu0pA3gdtLaNcA-ESh1fyakom0ptgUdy4sRoWhbN8gTaEVxxUrC6Xy0Y5A-u8H1Q3y8ew9-2BvA2tTvMpe2jU96uTqhmxNv1OkyXxfJ72JcKLi4TgI6QMOz_d4&sig=Cg0ArKJSzBsdgIAi1u42EAE&id=lidartos&mcvt=0&p=1625,1127,1625,1247&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=1537550920&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=1944204500&rst=1723509245147&rpt=524&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrUdXVMokiMvxkiC9Y3pR69zeE9rXSKhhPErAo9PIwjA5dxU5EundvT4AfyQzjuzY_E60nUgrEuRKba0gPhR2oXtEgyu_eL24UyreXZjwJnJ-QIgnQvHmsi43pdJe-gEVKbynjnXrdfCjwB2d4hm-LrMr0_yVYLMw&sig=Cg0ArKJSzI8x1ejqJjqFEAE&id=lidartos&mcvt=0&p=6943,0,6944,1&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=491726623&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&co=1944204300&rst=1723509243211&rpt=422&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Domain
hbopenbid.pubmatic.com
URL
about://hbopenbid.pubmatic.com/translator?
Domain
hbopenbid.pubmatic.com
URL
about://hbopenbid.pubmatic.com/translator?

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| __core-js_shared__ object| regeneratorRuntime object| ArcP function| setImmediate function| clearImmediate function| initBootstrap object| reuterscfg function| admiral object| googletag function| OptanonWrapper object| bootstrap object| analytics object| rpta object| freestar object| react object| React object| ReactDOM object| PropTypes object| StyledComponents object| webpackJsonp object| adblockDetector function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression function| setVariantProps function| unsetVariantProps function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| _elqQ object| _elq function| 4dm1r11545242527 object| google_tag_manager object| google_tag_data boolean| freestarReactCompontentLoaded string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| TRUE_ANTHEM string| ddjskey object| ddoptions object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| dianomiReloadContext object| __otccpaooLocation boolean| dataDomeProcessed object| dataDomeOptions object| adsbygoogle object| _pubfigInstanceManagerConfig object| Optanon object| OneTrust function| twq function| fbq function| _fbq object| dotq object| DD_RUM object| twttr object| fsprebid object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_reactive_ads_global_state string| google_user_agent_client_hint object| LI object| __li__evt_bus object| liQ object| liQ_instances object| webpackChunkDestination function| google-analytics-4-webDestination function| load_script object| confiant function| gtag object| _sf_async_config object| _cbq object| _comscore object| permutive object| google-analyticsDeps function| google-analyticsLoader object| visual-taggerDeps function| visual-taggerLoader object| _cb_shared object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| fsprebidChunk object| _pbjsGlobals object| mnet object| webpackJsonp_name_Integration function| google-analyticsIntegration string| GoogleAnalyticsObject function| ga function| normalize object| core function| visual-taggerIntegration function| Tracktor function| _hadron object| edktInitializor number| BOOMR_configt object| _cbm object| __bt object| __bt_intrnl object| _qevents object| YAHOO object| gaGlobal object| COMSCORE object| ns_p object| hadron boolean| __halo_loaded__ object| __bt_tag_d boolean| __bt_already_invoked object| gaplugins object| gaData object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| OGJlZDkxOGFlNDRmY2I3MWxvYWRlcl9qcw== string| OGJlZDkxOGFlNDRmY2I3MWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id function| GetElqCustomerGUID function| confiantDfpWrap object| au object| auvars object| bouncex object| webpackChunksmart_tag object| bxgraph function| docReady object| autag object| audDataLayer function| audGtag function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| quantserve function| __qc object| ezt function| jQuery object| Criteo function| close_bouncex_ad boolean| 367e61a0-91ed-4bf3-823c-4031c9198fe4 function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| __IntegralASExec number| google_global_correlator object| google_prev_clients object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 number| BOOMR_onload object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.11.0 object| GoogleGcLKhOms function| cnxel object| _qsie object| googleImaVansAdapter object| cnxResources object| google_image_requests object| cnx_webpack_global_elements object| cnx_player_usr_storage object| cnx_usr_storage object| lotame_sync_17331 boolean| cnxIframeDestroyerLoaded object| player_instance_6f59c774322547c8b9069ae01a302598 object| CriteoWknd object| criteo_pubtagWknd object| criteo_pubtag_156 object| Criteo_156

150 Cookies

Domain/Path Name / Value
.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT Name: _ga_WBSR7WLTGD
Value: GS1.1.1723509243.1.1.1723509247.56.0.0
.3lift.com/sync Name: sync
Value: CgoIoQEQiYagyZQyCgoI4gEQiYagyZQyCgoI5gEQiYagyZQyCgoIhwIQiYagyZQyCgkIOhCJhqDJlDIKCQgbEImGoMmUMgoKCIwCEImGoMmUMgoKCKwCEImGoMmUMgoKCK0CEImGoMmUMgoJCF8QiYagyZQy
.liadm.com/j Name: lidid
Value: 3e80b07b-7052-430a-ac90-4bba545cb89d
i.liadm.com/s Name: _li_ss
Value: CjMKBQgKENAYCgUIBhDQGAoFCAwQ2hgKBgiiARDQGAoFCAsQ0BgKBgjSARDQGAoFCH4Q0Bg
www.reuters.com/ Name: reuters-geo
Value: {"country":"JP", "region":"-"}
.reuters.com/ Name: RT
Value: "z=1&dm=reuters.com&si=uxx54n66xsq&ss=lzrowhq3&sl=0&tt=0"
.reuters.com/ Name: cleared-onetrust-cookies
Value: Thu, 17 Feb 2022 19:17:07 GMT
.pub.network/ Name: _fsuid
Value: 557c0825-78a8-4723-ba62-89c92c883058
www.reuters.com/ Name: usprivacy
Value: 1---
.reuters.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+13+2024+09%3A34%3A02+GMT%2B0900+(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=863eb6e8-a82f-46a3-9be5-09119bdbc41d&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&groups=1%3A1%2C3%3A1%2CSSPD_BG%3A1%2C4%3A1%2C2%3A1
.reuters.com/ Name: _li_dcdm_c
Value: .reuters.com
.reuters.com/ Name: _lc2_fpi
Value: f511229f0ef8--01j54jfycrvra8zst36mp2853h
.reuters.com/ Name: _lc2_fpi_meta
Value: {%22w%22:1723509242264}
.reuters.com/ Name: datadome
Value: lLaH8uTowpT_Tk4QNwRZ_7oLe_F0Z5HBFWB97FoyVUgUpEcNFj5tdtMkdtu_FSax6DXiaPdCyvgQhmkn0fgmLl4iOABp1RAHjRnxNLb3z2d~7eeThYJXlbBCg0EsuyGE
.eloqua.com/ Name: ELOQUA
Value: GUID=4D1BD4DD95BB4E868749D186A3CC4214
.eloqua.com/ Name: ELQSTATUS
Value: OK
.t.co/ Name: muc_ads
Value: 1bd7653c-e558-4baa-ac93-369d5d7c87da
.reuters.com/ Name: _fbp
Value: fb.1.1723509242357.781286196698486832
.twitter.com/ Name: personalization_id
Value: "v1_iURhNTqPkn2F7AyK7bDpYA=="
.reuters.com/ Name: _gcl_au
Value: 1.1.95922369.1723509242
.doubleclick.net/ Name: ar_debug
Value: 1
.reuters.com/ Name: cookie
Value: 3011e5f9-a850-4322-9ffd-ccd48111ddd4
.reuters.com/ Name: cookie_cst
Value: zix7LPQsHA%3D%3D
www.reuters.com/ Name: _lr_retry_request
Value: true
www.reuters.com/ Name: _lr_env_src_ats
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUnz5IN78RavdHj7FdCGbaEirMBqVt39gUtpCOFsC8buPH_KEAV-IAq-zkwkHAg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: a0c430d7-4bc6-4605-a7c9-893b05a89995
.33across.com/ Name: check
Value: true
.reuters.com/ Name: _awl
Value: 2.1723509242.5-89c180e1f9e5fa368674266bf16eca49-6763652d617369612d6561737431-0
.reuters.com/ Name: ajs_anonymous_id
Value: a2651d6c-eb1f-4e2e-bf75-a3ee3a8bf60a
.reuters.com/ Name: _ga
Value: GA1.2.2013332329.1723509243
.reuters.com/ Name: _gid
Value: GA1.2.1068806202.1723509243
.reuters.com/ Name: permutive-id
Value: 5670bdcb-7e9e-410d-aae4-83bec2546104
.reuters.com/ Name: cto_bundle
Value: y47C-l9adm5kUm45cGhqbkRJcHV5VHFxcnlzcjZsRUJZcGJkc0lqYldVampMNHh0MXYlMkJhbHVVc0xQV3JoV0FoSGhiQWUyZHZiUTlhaTVCWmVISDU4TzhLRXRmUEs3YlNzNDJBdFQyUTBHalBubTY4V28lMkZqODJTYjRFdm5oclZPclpaenQ
.reuters.com/ Name: cto_bidid
Value: hsvfq19iUHFRTEFCbU5MV2dPQkNWeG04ZG84bkk2WWJSUGJMUEpUcXJIdEJkWjFiQ29Md2tWTERUUkZhOFBCdGMyRUhxQXFvOGN3eTJ5MzM5bWJYem5NSW91ZyUzRCUzRA
.yahoo.com/ Name: A3
Value: d=AQABBPupumYCEPRKWoDwRbPmnhwja6h4VswFEgEBAQH7u2bEZmChyyMA_eMAAA&S=AQAAAs_aS44C5jYtf-vsfyu095I
.liadm.com/ Name: lidid
Value: 78942327-9dbb-4d13-a493-f76955f50999
.reuters.com/ Name: __gads
Value: ID=c4d838e77b555020:T=1723509243:RT=1723509243:S=ALNI_Mb66IzAxFstK9T1VJJsvMx6_EFXog
.reuters.com/ Name: __gpi
Value: UID=00000ebde517b775:T=1723509243:RT=1723509243:S=ALNI_Ma4sPOFcJzPTRdAMN-vaDV3UQhOIw
.reuters.com/ Name: __eoi
Value: ID=0c5ef8f0bd2c884f:T=1723509243:RT=1723509243:S=AA-AfjbiRNPLqvz35yyrkhBnaM9k
.scorecardresearch.com/ Name: UID
Value: 1946ce531339ccfe4e5b5ef1723509243
.scorecardresearch.com/ Name: XID
Value: 1946ce531339ccfe4e5b5ef1723509243
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/ Name: pxid
Value: ee198c1c-f7a9-4c98-a135-36e1370a4e19
.ad.gt/ Name: au_3p_check
Value: 1
.reuters.com/ Name: _au_1d
Value: AU1D-0100-001723509243-T0ZB54BD-1QAD
.reuters.com/ Name: _gat
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: p9CmlPChMwCJclUik68vdyzH5A3s0deQyYatFqBu7wcx2ybJs13uJyrFYTu28aaFBEDkKNOgjVFQqAuWE6fw9yp31KjAKOeGmCDhrx1-_K0.
.adnxs.com/ Name: uuid2
Value: 6058041479265940066
.tapad.com/ Name: TapAd_TS
Value: 1723509243598
.tapad.com/ Name: TapAd_DID
Value: 331db1b0-a1fa-4f79-8ad1-1bf44137f043
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5424
.rubiconproject.com/ Name: khaos
Value: LZROWJL2-24-M1EZ
.rubiconproject.com/ Name: khaos_p
Value: LZROWJL2-24-M1EZ
.doubleclick.net/ Name: APC
Value: AfxxVi4P_gb-TlledZ3d1IhKIcaSwCUp24qfCFCa_74ybRX5jyAq9w
.turn.com/ Name: uid
Value: 3629956221129028175
.dianomi.com/ Name: session2
Value: B=&BUID=&L=1&N=1&NT=&R=&RUID=
.ad.gt/ Name: au_id
Value: AU1D-0100-001723509243-T0ZB54BD-1QAD
.dianomi.com/ Name: session
Value: eed36c64325096803c48bed1eedce41e
.bounceexchange.com/ Name: bounceClientVisit5431c
Value: %7B%22vid%22%3A1723509243983840%2C%22did%22%3A%221912080666468704373%22%7D
.reuters.com/ Name: bounceClientVisit5431v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ATgKYCuCVFKZAxgPYC2RAhhQgJbMwVIjRQBaUVzEQKrACY1mCcWzCsAdny5hpfCFTB91VMRS7qUHIu1bVT5y+2I8TxKgCMUfeuLl8UXBD6PGJGYlwAZvQU7FwIcGKsEWKqGlo6EHoGRiZwXMwA1qFyAKoAygDSAMIAcrhVABoADBUAKkQgADQgFDAgXSD+APoA5qxDKFQoXhowEdqT3cMjEBNTM+pzC1QAvkA
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
.3lift.com/ Name: tluid
Value: 283198025927117159701
.gumgum.com/ Name: cs
Value: true
.360yield.com/ Name: tuuid
Value: b11367b5-d99b-4a47-b2f1-fc0e34ad04ba
.360yield.com/ Name: tuuid_lu
Value: 1723509244
.gumgum.com/ Name: vst
Value: a_aea15c76-d15b-4dc3-b840-9dc3f4e38656
.quantserve.com/ Name: mc
Value: 66baa9fc-248c2-4eddb-9bc51
.reuters.com/ Name: __qca
Value: P0-1053854103-1723509243689
.media.net/ Name: visitor-id
Value: 3665108441268306000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.reuters.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_4WOZ4pO4fIsZrRmlHbI1tveH-R6ugMsZMFK89y4V3KQXM-RTbAg1sKzXSX1Rbq9zunBlA4GXV8vlOvGoHKTi3-tlLQBS2V5CLBB_AXH_BLDFuqORPBIVNmLeDMPxApM5ZK776kCC6qrNDzwk9qlN1aznKmw%3D%3D%22%5D%5D
.id5-sync.com/ Name: id5
Value: d4d821e6-3aca-7bf4-a6a3-2ec208300b90#1723509243334#2
.pippio.com/ Name: didts
Value: 1723509244
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.pippio.com/ Name: did
Value: pupq3l1_kDuoE6jG
.bidswitch.net/ Name: c
Value: 1723509244
.bidswitch.net/ Name: tuuid_lu
Value: 1723509244
.bidswitch.net/ Name: tuuid
Value: d4250aa9-51be-44d5-ae43-81cf35b58400
.3lift.com/ Name: tluidp
Value: 283198025927117159701
.criteo.com/ Name: cto_bundle
Value: VlVOR19Jajg0R1h6dTJ1U2llT0I3aHl5MnBJUWlzJTJCRWY4cVprdWJHRUJLU1hNQ0VvWDd5cHEzRzZRamV6aVpqNWtSJTJCWDRsakhaZTZLUzcxTTV5U3NkdFdlJTJCaFJCYWVWN1phdWxzSCUyRjFMNlk4OVE0ZGNOMG16dlIxdW93NFhMbkdRdVdP
.casalemedia.com/ Name: CMID
Value: Zrqp-BdaRJIAABM5CHeVLAAA
.casalemedia.com/ Name: CMPS
Value: 5455
.casalemedia.com/ Name: CMPRO
Value: 5455
.bing.com/ Name: MUID
Value: 3C535B4901626932146B4F93000C68DD
.c.bing.com/ Name: MR
Value: 0
.reuters.com/ Name: _li_ss
Value: CjMKBQgKENAYCgUIBhDQGAoFCAwQ2hgKBgiiARDQGAoFCAsQ0BgKBgjSARDQGAoFCH4Q0Bg
.reuters.com/ Name: _li_ss_meta
Value: {%22w%22:1723509244932%2C%22e%22:1726101244932}
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiYjOSltc6dPRAFEhkKCmxpdmVpbnRlbnQSCwioiLSwtc6dPRAFEhUKBmNhc2FsZRILCIKt9LG1zp09EAUSFgoHcnViaWNvbhILCJCox7K1zp09EAUYASADKAIyCwiC_7bdy86dPRAFOAFaCmxpdmVpbnRlbnRgAg..
.linkedin.com/ Name: li_sugr
Value: 5d55fbe7-b260-43ac-998f-5bed1989ffd6
.linkedin.com/ Name: bcookie
Value: "v=2&45c606ce-fcd9-48a6-876d-af2cd002151f"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3341:u=1:x=1:i=1723509244:t=1723595644:v=2:sig=AQGGNJeZ8a2B4YekFoIVBwxg7g3nipux"
.demdex.net/ Name: demdex
Value: 07939968299586851874501319572925064075
.dpm.demdex.net/ Name: dpm
Value: 07939968299586851874501319572925064075
.brand-display.com/ Name: _knxq_
Value: 431fc318-aeff-a49f-098d6e7f.1723509245.0.1723509245.1723509245
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rezync.com/ Name: zync-uuid
Value: 3cfc7597-d5e6-4b5c-86b8-3dbc59af3b47:1723509245.2227361
.mathtag.com/ Name: uuid
Value: a4b666ba-a9fd-4c00-ba68-58572634b151
.zemanta.com/ Name: zuid
Value: XztfnXNwGm3L3R7nhTJT
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f320b044-5eb2-5c1d-4bc7-7994a73b483d.T0FKp4IqKdNDrdhk8unaToH5O1UkzD9Wmf2SsDFFxOc
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f320b044-5eb2-5c1d-4bc7-7994a73b483d.T0FKp4IqKdNDrdhk8unaToH5O1UkzD9Wmf2SsDFFxOc
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8yCwRF6yXB1Lx3mUpztIPZJGyas.pVQYRZY2bwpdKakW%2F6TTx3VG7kYOQ4MlXS9amaapZRE
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A8yCwRF6yXB1Lx3mUpztIPZJGyas.pVQYRZY2bwpdKakW%2F6TTx3VG7kYOQ4MlXS9amaapZRE
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGMaYX7trZHLJNzjcdOUP0aGLzxqtB7j5eCgxDQy2Sq7EGcYBCD90-q1BjABOgTwU00QQgRS0ZdQ.7L94BtRL3CCU2qePEsAa5o1idGM6tkNym9kNqMdyU8g
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGMaYX7trZHLJNzjcdOUP0aGLzxqtB7j5eCgxDQy2Sq7EGcYBCD90-q1BjABOgTwU00QQgRS0ZdQ.7L94BtRL3CCU2qePEsAa5o1idGM6tkNym9kNqMdyU8g
.primis.tech/ Name: csuuid
Value: 66baa9fd7b614
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTExMDI2szA2MTMzNhPiM9Q18s8t8AkJyswt87cEABZDHiMlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIsRWAMAgFwAmsMgc-A3xI3EaIGcjS0kktfZZ3V3HJmY7uNHAaaSCpWTSSEYl-TAn1vToLts6KlZldrN5l-RKuz994AYGWaM1aAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4BjguGA3QkwhVu7ud9B6N5GUhTfECy0zaoqtauSzrZz3oBquVMepqrQYPwB_HHU6AAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTExMDI2szA2MTMzNhPiM9Q18s8t8AkJyswt87cEABZDHiMlAAAA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.ssp.wknd.ai/ Name: rubiconUID
Value: LZROWJL2-24-M1EZ
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: aBvuWwQJdJ
live.rezync.com/ Name: sd-session-id
Value: .eJwNykkOgyAUANC7_LU0wB8YLmNkMCGttBG7qfHudfmSd8L8qfu29NoPiMf-rRPkV7s1IJ4w2m-rT4hggiPNRNqieCQRFLgmGHWM9u5zK_fBvGbHwanCVRQlzspL8gpLyhyWFRO5aJxF1sESP6y1DsXA9QfC-SYH.Zrqp_Q.TttBP09Ue5cAxIWxmnld-Lldv-w
.lijit.com/ Name: ljt_reader
Value: JJtiAQZHRauAou52T1-OVCc6
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 2454112683#1723509245809#0#1723509245809
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVTEhwOVNu
.intentiq.com/ Name: intentIQCDate
Value: 1723509245811
.rlcdn.com/ Name: rlas3
Value: GxKab2FG8DuS4PPA5EaZMJYVrQd8EY8kvPNGY70bByo=
.rlcdn.com/ Name: pxrc
Value: CPzT6rUGEgYItuoBEAESBgi66gEQAA==
.sharethrough.com/ Name: stx_user_id
Value: aa0fc3fb-e92b-44d2-9c28-496ce6dd0b3f
.lijit.com/ Name: _ljtrtb_80
Value: LZROWJL2-24-M1EZ
.ipredictive.com/ Name: cu
Value: d5d8ade0-3438-43be-9810-e12b5bb25a76|1723509245936
.adform.net/ Name: uid
Value: 7318492507273397417
.amazon-adsystem.com/ Name: ad-id
Value: A4tOXoen8kfljnTcRytcB2A
.a-mo.net/ Name: amuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
.a-mo.net/ Name: pamuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
.prebid.a-mo.net/ Name: psd_amuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
.prebid.a-mo.net/ Name: sd_amuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
s2s.t13.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2MDU4MDQxNDc5MjY1OTQwMDY2IiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MzQ6MDQuNDE5MTg4MTQ5WiJ9LCJzaGFyZXRocm91Z2giOnsidWlkIjoiYWEwZmMzZmItZTkyYi00NGQyLTljMjgtNDk2Y2U2ZGQwYjNmIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MzQ6MDYuMDUzNTU2NzU1WiJ9LCJhbXgiOnsidWlkIjoiOTBjOGZkNTAtMDYzYy00MGJlLWFkYmUtYTBjNGZmOGNiOTAzIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MzQ6MDYuMzQzNzkwNzQzWiJ9LCJncmlkIjp7InVpZCI6ImQ0MjUwYWE5LTUxYmUtNDRkNS1hZTQzLTgxY2YzNWI1ODQwMCIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjM0OjA0LjY2NDU1OTY1NloifSwibWVkaWFuZXQiOnsidWlkIjoiMzY2NTEwODQ0MTI2ODMwNjAwMFYxMCIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjM0OjA0LjMwMzIwMzIyNFoifSwiaXgiOnsidWlkIjoiWnJxcC1CZGFSSklBQUJNNUNIZVZMQUFBJjU0NTUiLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDozNDowNS4wMDM4Nzc4NjhaIn19fQ==
.a-mx.com/ Name: amdt_t
Value: p::1723509246368
.a-mx.com/ Name: amuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
.rtb.mx/ Name: amdt_t
Value: p::1723509246385
.rtb.mx/ Name: amuid2
Value: 90c8fd50-063c-40be-adbe-a0c4ff8cb903
.rubiconproject.com/ Name: audit_p
Value: 1|NZ6PeoVZzG+qlse0vnbmdEeqEwrGSEK+TX7TsniRQl7ULEzLSiMGrWwm+n84ihQFIb1/FoJmRfpBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPEc7wui0eGkOSY3lAse3zq3HLK2tjesZjsOXeCbJAzK1zY7yoJVHQ3jeJRBGYIPH7rRQteSSZO1q/Vtt7hKIOSQ=
.rubiconproject.com/ Name: audit
Value: 1|NZ6PeoVZzG+qlse0vnbmdEeqEwrGSEK+TX7TsniRQl7ULEzLSiMGrWwm+n84ihQFIb1/FoJmRfpBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPEc7wui0eGkOSY3lAse3zq3HLK2tjesZjsOXeCbJAzK1zY7yoJVHQ3jeJRBGYIPH7rRQteSSZO1q/Vtt7hKIOSQ=
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
measurement-api.criteo.com/ Name: ar_debug
Value: 1
.simpli.fi/ Name: suid
Value: 7070F5F329D540878F4249BBD09B6E16
.quantserve.com/ Name: d
Value: EHMBCQHHLIEA
.dianomi.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiNzMxODQ5MjUwNzI3MzM5NzQxNyIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjM0OjA2LjY3NDM4NDE5M1oifSwiYWRmb3JtIjp7InVpZCI6IjczMTg0OTI1MDcyNzMzOTc0MTciLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDozNDowNi4zNjg3OTEzOTJaIn0sImZyZWV3aGVlbHNzcCI6eyJ1aWQiOiI1ZjUzMWJmMDNlM2I2NmU2YWU5ZDQyYmZkNzdiNWQiLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDozNDowNS4xMzQyNzQ1NDRaIn0sImdyaWQiOnsidWlkIjoiZDQyNTBhYTktNTFiZS00NGQ1LWFlNDMtODFjZjM1YjU4NDAwIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MzQ6MDcuMDI5NjU2NzQ2WiJ9LCJvcGVueCI6eyJ1aWQiOiI5NGVjZmI0OS1lNTlhLTQ2YzctYTliNS00OTViZTc3NDdiZTAiLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDozNDowNi44NTIxNTY5OTRaIn0sInJ1Ymljb24iOnsidWlkIjoiTFpST1dKTDItMjQtTTFFWiIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjM0OjA2LjU1ODE0MzYzOFoifX0sImJkYXkiOiIyMDI0LTA4LTEzVDAwOjM0OjA1LjAxOTIxNjYxOFoifQ==
.creativecdn.com/ Name: g
Value: 3GJvf7NaaoOKU7zi617Q_1723509247449
.creativecdn.com/ Name: ts
Value: 1723509247
.connatix.com/ Name: cnx_userId
Value: b60ba72e379d44a3a5c1b7a1e9402edb
www.reuters.com/ Name: cnx_userId
Value: b60ba72e379d44a3a5c1b7a1e9402edb
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1

6 Console Messages

Source Level URL
Text
javascript error URL: about:blank
Message:
Access to XMLHttpRequest at 'about://hbopenbid.pubmatic.com/translator?' from origin 'https://www.reuters.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted.
network error URL: about://hbopenbid.pubmatic.com/translator?
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: about:blank
Message:
Access to XMLHttpRequest at 'about://hbopenbid.pubmatic.com/translator?' from origin 'https://www.reuters.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted.
network error URL: about://hbopenbid.pubmatic.com/translator?
Message:
Failed to load resource: net::ERR_FAILED
worker error URL: about:blank
Message:
Access to XMLHttpRequest at 'https://api.permutive.com/v2.0/watson?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf' from origin 'https://www.reuters.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
javascript warning URL: about:blank
Message:
The resource https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10844217.fls.doubleclick.net
7cc31a9cfa56fad9a4f45ece8b5e1ff4.safeframe.googlesyndication.com
a.ad.gt
a.pub.network
a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ads.pubmatic.com
analytics.google.com
analytics.twitter.com
api-js.datadome.co
api-reuters-reuters-prod.cdn.arcpublishing.com
api.bounceexchange.com
api.btloader.com
api.permutive.com
api.rlcdn.com
api.segment.io
as-sec.casalemedia.com
assets.bounceexchange.com
assets.connatix.com
b-code.liadm.com
beacon.tru.am
bidder.criteo.com
btloader.com
c.go-mpulse.net
c.pub.network
capi.connatix.com
capi.elements.video
cd.elements.video
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.edkt.io
cdn.hadronid.net
cdn.permutive.com
cdn.segment.com
cds.connatix.com
cds.elements.video
cm.g.doubleclick.net
connect.facebook.net
contextual-analytics.wunderkind.co
d.pub.network
d.turn.com
data.cdnbasket.net
dt.adsafeprotected.com
e.cdnwidget.com
eb2.3lift.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
freestar-io.videoplayerhub.com
fundingchoicesmessages.google.com
g2.gumgum.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids.cdnwidget.com
idx.liadm.com
image2.pubmatic.com
img.en25.com
ins.elements.video
js-sec.indexww.com
js.datadome.co
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
optimise.net
p.ad.gt
pa.openx.net
page.cdnbasket.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
prebid.a-mo.net
protected-by.clarium.io
px.moatads.com
rp.liadm.com
rp4.liadm.com
rtb.gumgum.com
rules.quantcount.com
s.go-mpulse.net
s.yimg.com
s0.2mdn.net
s2124157686.t.eloqua.com
s2s.t13.io
sb.scorecardresearch.com
scaredsnakes.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
sp.analytics.yahoo.com
ssp.wknd.ai
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.reutersmedia.net
stats.g.doubleclick.net
sync.colossusssp.com
sync.intentiq.com
t.co
tag.bounceexchange.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tru.am
ups.analytics.yahoo.com
usersync.gumgum.com
view.cdnbasket.net
www.datadoghq-browser-agent.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.reuters.com
x.bidswitch.net
z.moatads.com
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
cds.elements.video
hbopenbid.pubmatic.com
i.liadm.com
pagead2.googlesyndication.com
sync.intentiq.com
103.43.90.54
104.17.208.240
104.17.209.240
104.18.12.66
104.18.13.66
104.18.20.206
104.18.20.97
104.18.25.111
104.18.31.150
104.18.36.155
104.18.7.198
104.244.42.195
117.18.232.195
13.212.219.28
13.228.126.19
13.251.151.87
13.32.50.88
13.33.174.21
13.35.27.29
130.211.23.194
131.153.206.102
142.250.206.194
142.250.206.227
142.250.76.130
142.250.76.134
142.250.76.136
142.250.76.142
142.251.42.174
151.101.108.157
162.19.138.116
162.19.138.82
172.217.161.226
172.217.161.68
172.217.175.226
172.217.25.162
172.217.25.166
172.240.155.100
172.64.149.180
172.64.151.101
172.67.74.245
18.138.186.60
18.140.156.156
18.235.141.191
182.161.74.11
182.161.74.18
192.29.13.138
2001:df2:a300:bbbb::136
207.65.34.80
216.239.36.181
23.195.85.83
23.219.68.21
23.32.224.239
23.32.225.214
23.34.99.108
23.40.192.176
23.44.52.187
2404:6800:4004:801::2001
2404:6800:4004:826::2006
2404:6800:4004:826::200e
2404:6800:4004:827::200e
2404:6800:4008:c06::9d
2404:6800:400a:804::2001
2404:6800:400a:80e::2008
2404:6800:400a:80e::200e
2406:2000:a4:807::1
2406:2600:4::1
2406:2600:4::b
2600:140b:1c00:38::1732:7693
2600:140b:400:696::11a6
2600:140b:a00:6a3::11a6
2600:1901:0:56e0::
2600:1f18:1aca:4282:6cc7:500c:25c8:6112
2600:1f18:730:b150:12d9:2b5:9ece:c551
2600:9000:2066:f600:6:44e3:f8c0:93a1
2600:9000:221a:c200:8:8845:1500:93a1
2600:9000:221b:3a00:18:1fcd:354:4b41
2600:9000:26cc:6a00:8:48e:53c0:93a1
2600:9000:26f2:7c00:f:e061:be80:93a1
2600:9000:26f2:c000:15:5a3e:9d40:93a1
2606:4700:10::6816:34ad
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:274
2606:4700:20::681a:932
2606:4700:20::ac43:4513
2606:4700::6811:7711
2606:4700::6812:1c7f
2606:4700::6812:562a
2620:116:800e:21:6c50:dbee:bef5:203d
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:200::714
3.225.71.245
34.102.183.59
34.102.193.48
34.107.140.113
34.107.165.188
34.107.254.252
34.111.113.62
34.111.152.239
34.111.8.32
34.117.4.53
34.120.111.33
34.120.253.250
34.160.152.31
34.237.70.114
34.36.214.49
34.98.127.78
34.98.72.95
35.213.12.39
35.241.9.51
35.244.177.184
35.244.193.51
35.71.131.137
35.71.178.8
35.81.90.104
44.218.0.89
44.233.229.211
52.223.40.198
52.37.4.167
52.68.124.96
52.76.62.253
54.150.112.144
54.151.251.104
54.169.90.152
65.9.39.3
69.173.158.64
69.173.158.65
00b1c40aaef9f10453b34934365b1f1f021dcb56634a6de2cc94dbe4966e720a
015ab9fd618860f50392438cebce68c9ddb32dd473fc8438fda77ad0fbc56a6d
02e4ea401a678b865bac19dbd023ff3e5756e07a659bed4b8b932af0e74095be
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
056441bacef66229fb1f54033813a227d5b3bbcb527ed2bce80d2bc2379ee9f4
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05cd6b59b9bd19aab8ea512f132c22843b1f75c3d7c99dc159fbd2c39fcd9f79
07fd832eec514aac44b1f2b8cc6540ed6f8259e41c96fa5c05324317f2842cb9
081964cb42fb3168a6ccacae28e19cef8ca6d1aab6e7e4c4445f6da1442e3da7
0850b288a730703666e701e56750707d575cb1f006198408522077397d230462
0967d970546ba23248b29f7d64a09a2ff7bf43b670f398167564eb6da723cfbe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c382b4f6b0703ef7940cdd4d947345f92c68603f1b1ee6839102ffcd63e016f
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ea426f6bc022f43b8a59c2f99a81896114c0ef516f9d8033edf4a8491bb76e9
0fabe183e0ebe9b85145359e7b3941002b84c3fbb101a4a5c54abf75e65cc08d
0ff7fbfd839ac9dbeacd1e1226bb8905325f9a8c0ee0dff5d82bc232fb0fba06
11286005be0144048b40410234094e5ca25a55a987d088eba6d0e5426a0d52ea
1229c290a9a1cc7d666da220eb745e15550f61a67538415cba594a4ebd52fa89
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12e1d0605c15b9d854d8f6535b9b05915e48f9a250e00410d5191ab8c12abe5f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1427bd48864a35ad01c60c85e0904741c6edc6e401e5c3e91f4858197b9face1
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
1893420e99d00bf508789dd95c0132d5ef869cf47e8af422ca15fb5e9b17839f
18abfc9590f336de12e6559cc502a3bf71683b592c386afb5174f0ab8676eab5
19aab8d6e42cc4d6e44909cfffe27ffda20bc671425389fe5d3cdd6dcd83c2e1
1a93d9b2535adea83ab3fc88882379e6b45052c2327e3827b48c94b298cb1167
1ad05e1c7f3e7156b61e7747925f1474aaff954df6ce22858fafca3699c9a051
1b420d5f4d5b45fae15afb30c074f34ea0d08fc0824eba6e5d71e4422c49d9d4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d02097681394ad6eef93d032c5f044141e6b89131fbbe0a0ee88d39f5713fa8
1f42282e6500435cb756f2b6044e38adb33f01ca825e417636a6441d39b81bed
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
26673eb2c8b284cead72a9eaca5f160ac0b15d166cd6e29fdf63ec557f7acbdf
26ce95a6764b9a66f96fb5342dd0f63f09b152a5c5efea8154d992a6b8fd5b03
271bdec2cdd30742b94baeb064fc1d66e8f3fffbf3d7252ffaff60b3cecbe031
2806c118a921fcd8263f5cce62a52286589bd1d720b07f9465c05d2391fae32a
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
291ac3898f3f28bd32810a5ef0f380363afee480e535632f0254da751f775c63
296248a03efc5a5fd37465fb1e868935747416a05a90720ac17df45ac55aac93
29c511fefca64e798e43f8d5460e9a164333d9c3b3f2505e363c4c645e2bfd08
29d1723de3a3b88fa616d33e76c661f461662d782a542d62986f57110f2fc595
2aaa3a1134963f3d0092aac6273bb2889869b8f4f2f05c880c3fa65f8801f7fa
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d14e9c5e9f30aeeab67d1469b214db9a23f15d8d85b745994225b01b2e9be51
2e08a5392c91e316f6bbb253ffe55df70d12aa49a3059133b38d13d80b60f75e
2fc364844767afcfcadb2bd75ae41d008d1ac70351d355f03d3d4814c09bc09d
2fceb9ef8db2a2793edb4cad84716b12c3eac8d25e543598b53dd5f6b44cef5e
31680b8579b65b33da8696cfab15955a53835b2ec9d141f456f16611b93560b5
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f83d5e4de72b7a907cdaaa16437ac0d193091a1d6ff64d536c088cf7093011
320de587a569204eddd02bceaf7081fb9f993c2f20195c7e4d314d6254fc7d77
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
34a31358d4e7e9cae1c875094d5b75418d7cd9fb1d3c449598333126287fb8c3
34eca4293b3f87a1abd31c2c4c1623a12d42384698d1805e39a8a198b698c723
363cf31e9de0e8a93a32b22d3f0d4bf9af85250e148809240d5ce960eb3a36ba
36b5b2a130cf51a7b2ef5ad45da9b8831672943077132e11bbddc1c610236be3
37fa714e469dacbc174f44741436eb7b7325daf3aa670f921526db70f2e6bf90
38b3f3657c028f7947ece595a204ff2c879bc4c0254da2c94eb125ae79762977
390c9ef8f5538d4779f30001a75d5f1267eef67b441a0c5de36d3b32fe45b3f7
3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1
3d14c1678ae17743e4c9d8c59fb5e71ce1d8d85637dca4dfce2d1cbe8078d5e9
3de6d5c242763f065fee4c0f4b630ee115b088f47cebace0e8c654be8768bba9
3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3
4023a9c64440624a26674e5fed4524eae80d64874dddeaf8e639640462d1346f
417ff167413bf025775395a6e15697366cc5682a0817c335974a8e3f0ca72371
41fa3675d131508fca85bb53517def30f7f979208c9211e4fd97635e0e31f8a0
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4458dcbf0f517683b91b9673c4a27995816418edd4f16af5c97ed54d57c50300
46ffdbb826033b2b51f222bb08355173900fcd97c07c2983d00b44bd3a3e5873
478f2222bd4b659ff731748fa4c7e22003dfc6dec1651f7986bf83ff263b12a3
4876a0a6575938c5c1ec57a4815d945a2b87cf2f37c91418a646fa54c5ed8481
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4932512f686fd1e51873bd4fbd518e684a46335e77d6b54b0a27c7b3a6b1f3dc
4c3c72137144bf77e66f8d9e97b8f14ae3aecb4ed1be4fc2b616a4dd8ac88793
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
4dd1b71be54e4d69d24ea1d1e0d67e132012ee7844c7b29c807cf3c17203fecc
5159fe2ac1dcc8473fc68fb9b41745f3f6a101e2dc6715746e47602ef30f3543
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
52a83bcc3f0b4331fd5316545c1de035905bb3a6d53c9f8286f1ee1fa1f441b3
5385b1b3c9bb796db5e0bd5b91b4b9ef1069f836164899da4afb635a4603f334
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dccd1885fc5f26d942531e2afe4b4efe359029568fca00587f134ca3fd8539
568bb32cad39bd6e3e0494542374ce2b70d2917a4145766ddbe37d96e7256162
587d5ce5eeec73df9e17deb62985bea62a55ec23d35776d13dc88f8866ede42b
5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4
5954d9f0e0823187d29251ad67df6223bbec8a86ff9209fb12b8d64bd67441a8
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5ae1c4b5dde213a7e08eae460893f3da84b0c766e93b833d9c83c721e09868c1
5e86b02d8388be8e4ca8a1538044129612d460fbb187e1abf5bfc216b19d0196
60683094c3e55c42f072fb9394c040403ebb8fa2b198a6a920dc10960cab00a0
6094d38d7fe9480541d52a653499ff659b068815ca85351a654839a020bad839
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
664352bdd12bcc85e70e125ca334b3090c46d2d0bee63785afb40fa8c50baa1c
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
69406d4ea980015b18d1a4b096c43a74c916d126d2a69ebf116c067bcab9919c
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
69ffada9376c8e637c99be63eb01487d58785c67137ba7a170815d2b32fc7258
6a7989df2fe5ded9756e826fe26c3c52cb6ddb599e91247514016ab3517e57e4
6ae718f7ecf0409e554c04c716a473acc8778c51e276d928bafdf5164c5cddd2
6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c391c2804ec418cb11a5a915c63c9f7414716ec56a5b4cdf2ee57bd1b78e1ef
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
70efdc4764096533ae349a824c3b231d225f2a76270db545233a221a4c337914
71d5f2c9f54039e8ee63dc5d02d9287f45637fcc076c51231ea1f62cfae611a0
71ed7da19f4cfcc8afad3975607cddae9cee1dd96a7961e66a56973bec63a5a4
734b3b047094ac63cf762e19bcc711c2f5499c725e7bac9e9d6d1a9fc730da5c
7522414b9a7d076f4978fd6d895b083a6c9131b477d315b481431caac9c5bb97
766e02735383428469000e5113b034fa60aa6152fe7c68341cd2c680c7507a0b
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
7752d284ef03a46ee88ba73c7a4ad0180c6e3db92697139dd414037843dc8614
77545ad0a65a4b050a7de9a545a0506c0ca4c7472766c508b7c2d1a7ce08cf28
77b4bb862fdf79aa2bbcae1fe18aedd83289e02e4f21e71790b52b83dd3a9013
77bc90e5c022cd53ed2d03490bb105cb27c0097272d336ee9d05c41e0b2eab50
77e09d22c5c016e7a22d42e00d23a145d7a8e43fa9865c56c333369f05e807be
7a142cfcd37a37d2e309f7d93e65d80e9d8a7aae902beb9ab7679f2b4de308fd
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7b028bd913c437f78adcc48478e7349be92b75990d55b345fd21348a271446f0
7b76d239f05204d1e888c22f82f7df88953b3f8ff4b518c69d8f33fd736deb64
7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7ccdf8f4143f8144ed0c03cbc9d351fb85718fcf89b5ad9d70b41deee2d44222
7d5e663d14a945bf88339ef783adf85c43a0dc4605b021b0c7643c1c966f6117
7d6f572c2bd53cdccc6daf9827566d6e74c416bc758b521a308f26ea0f2eff94
7e313768e18281e9f1bac193fa34b4cd9fa8e3feb1e8afe229c1ebaf74ee1134
7e57f023475e085ccb55cbb1c37501115fd0e746b60d30eedd1dea100bdb9586
7ecc00042164be0beb57624f8b9e124f155fc6a22af7d4c77b17a6910733e0e1
821bc756e59ef5044ee35b8af0e8488f18016f86e9dcb3501a5841a7f8552120
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c0429b6629d02f37540c1f151a13952c449a955efd798cc8aa37c34767e59c
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85ea780238be6b5df6d9f24937d9886a94ff482e751d91ac75ef934334ff0955
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
8674be91ab593d6bdb3448147214f1597c8db146038f96d8402c16208fb31afe
87fdc58d3514e4358647bb32642cc537c0f08593009d21121a45434bbec57f71
889075cf60d34ca5fc03bd711b98b3b59a0897b3c62de402a53b087304560738
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
892331505e4a765c86728fa0a8e183eb60267192537f8bfed4afa1e836589b90
8bce13fdc604cb862198eb7f204e2121f6a40333810a4154215ff45c07857cc7
8d2368c438d868db88d8adbcfe3f9c72c23ef97ad15dbd173c7b495d6cfeb7a9
8df14e12641582027690285d2ed7398de091a3335383d547468969fc42683b14
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
905eecc7f77154b4ac1afc3c1482519c4b80b2bdbf69bf9ef8e879bb8c162955
90932472b6e39c392dee868ffb46cef80a253047e904b41803554c957dc02f62
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94cc0c420b9ed6e3d83d0766e25189e571d0c2c29097846f30a7737e1e8256c2
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95bb51aaec5baf9af95d4710807c5eddf5e207349db89a265ae15a44a3487ecd
9678a3e2b4e3da064b01a89c62f55fc11a3927c4bf7fc8b6e2ac6f3fb638581a
974eea1e82174c5198c1405039eb85a59db4e98f6b7329718bc89ad845c3ef98
979449b013f1b500b63b88456fba91123fb0adbda845190b53f3eccf1a7f4c26
98f7295fe9b5f8a966e2206ce3aaca841cd8f1ea95167c3c6135315cb9625e8c
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9a2cb88aa5d0a7cfcbed05f4440c03bfc24eb90328fb721278ae380841438a51
9a6cb0933249833b2ffd4b0be527a7a318fb269c2ef68e4872bcfa2bc17da65b
9bcc850e111afb651993f3bdec2565a45cb29dd84d71473594ee51d9264e0e0c
9d7beaa548a30109a908bb6215cb802d2efe90f81a5ca09d6bb451ef52a55eef
9e6b8c097ed798b561e51796fc897c5d6a60f9049e49ad7f40d0ce858644447c
a0aae98cc679fb644a0c05e13f610675aa2abf355ff0ddd9e59421abae3cdb57
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23d6f84a8a72ed44be306055d36ce817bee44ff2abc01b022ffd5fac076d754
a602fd8949bf13e4b7d58c649f4549818798128eb49a30b664effd8a8e6e5657
a7833afc36ef15a3f9a23a89551a5d5674004ff4557d67e0f1e31009949e6e22
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a9c4864ee6e27a1e8eb6a27acdbc1eacd207cbf2bff858bed156bff238efb6cc
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac6eaae89e3bb38cc362917c72836b2bf2484901208a5c608577e9afd3f90055
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad4afed40478130a14712b563085523a3c4d244f468b17f5147e200198ded738
ae2301a8d3ca8d4cf3276e6be61873594f37d3a32259df31b6270ae5abf0cafa
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0cec1148d29c292b051ef4b8a5f07b423aa9ad71626d5aa4145776dddd05ea6
b131867fe122dc4c9e41bf425c38a2daabdf762b6bf1b55c39a5362567f5594d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22f8b1f99c2ee5032f2bba7fbe15d5ba7b8626288a2ed9667aa711a617946b7
b33eb92d91ab56940b23fbe85241ed60ee72464255a9b50dd949c472e48be928
b49a7cc51de35b2e0ae15de49d83d9452e0d43a93369c5ecc1790cbd04a6140c
b4fde8d9c259fab069746c3995cc43a208c254ea522b387e57ddafd55db30813
b504b32cdcea5e389725b80ed023c44131253f75085868220e15cf3256a1a713
b64c145506fd0fa39ae80f8960d67b14e496684a65ba1937127704fc6fe4c01e
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
b8baa093b795d307fb6d8a9f6860489a82221cf87de6d5b56bb6385e4db7ffce
b8d02656bac39c3b626a42e09af1d824dee4792b40c4f9670a3b547f80daf4da
b912d6c89c90134bf04f50af7063aa07d62846d35b1888c9276c4b82ecce8897
ba5de40b7cbe6f03873aff1cc840f6305ef15ac5dd8ef943e7fb36f9b5720f2e
bd616a09ee2478443e055159b0b61ca10920f65a72c7a2b0c835d6acd5e9eaa9
bdf1aead5ad82438cbd2105c1884c7889f0b3d8fd6870f40c1066b5f821ff180
be4b2fcf073dbc7b877aabaf18de2240c6a0452170cb26abeee1b9d5e56803e3
bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a
c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028
c0e2edfde5b45fbdb2cb3356d46aaea0f5fd72d667bc6bcfac544677cff16f36
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c22f94b9363e83a490215650ff0e73872d5cd4760564370e1b440502cca61869
c24bd2b08320d1ccb2c5271d79a8f0c0544c5f234298de9a6010edb2dab938a2
c2dee0a3bffdcf10477ce76b9dd73778c445bf3593576fa11a434d6035524645
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c509862f8eeee6bff0dadf913f679fe1d7b9a0e1706c4d5927cc494a0ee54b99
c51fbdca3871f78e427ec6b3c40a26ec35bf460f02ae7daf1c13cbfd01eec0bc
c6eadaa139890c12b853419fb2c7cdec1ca4bf0ae51936d2f77c1ffc7f3958c1
c812d6502bd73930d3d5cdb5244d339a2a70b6303d32b362873d2f973d5b1056
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb683ce0ae1698f59fa71b98ee9897aa919259731df539a043265a6a0a534066
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09ba9d469727e2f09cf9c9c12073ab1c22b4797680bd5f19207d1f470ce43c7
d0d961760b25cabb63e5943800565b32cc3cc4bc94bc887d1b2fc88bd0e6b4ef
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9fdde46722c356245515ab09100065679c75e804e922fcc602284d9018794ad
da535d10affe3aa479b98b6e9d7ac53fffed080af75cebfdbe56a1de7125c4e9
dbdf2a38caf189ac22e81145825d2fcc067aceadcc641dd93cb0b5c08bb4c2d6
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
dcd3508ddea2fb0e5b18608d9a8210a7ae4af09e0b93561e6eb4e48a7af50bdc
dd3df42171977ba483118cb045354657fac32777b08ccab6e6a70af9ec2ef33f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e08d34fcab14f26ab8d909c3b2bd3b7210694d59b25eb234ae8452ed419e4b2f
e0fd840394a7c3853269ac1f2ec70c065dbf684fd07423a4bd07edfd380340c5
e14d5433683a48a866a5467d9b85ccbb6a6e90131699ec4783ab5a7fa10d5441
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e749ae363731e85323d580f772e277135805911e8b2858682c86ef8867043d9f
e8ea5edb2b9888ad72d7b561f595e55d476aa6555d0c2d8e1c10c0fbb8f0a169
ea57209d83b887799897a609dcaa1e3833559ee5604083b5a877b8d09886b62f
ea759771001c100387e8eded764aebc36ce2c5222ef46370d655c915a4d089da
eaa0838819ddc5fb4dd79a20b56186e050ea5207c3475003d373f59810fbb027
edb21f70af1b43062153b4463a6ae8da1d7825246d5a62d6dea0f9e31a64e495
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef222c04e427540ef9b32fc45d7dfc1dccb216d38d60c356781cd3300a8f2019
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f063e364fa8823669aa5ebe5664215e6a1437c82494539945b024246a95a092e
f0d7bb1a7b226cdb3a85ff8fe71a7ddc20ff50f58dc3f00e1f6032ec9326ee2b
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f16bb63db290e016a9ed5a46c175d3aae3cc0e0a2c583cd4a93346426d9bebef
f1c8051bb7e652b262a63f1eee66303294ec06c18c905c40a047383a20edda5c
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f27e26e010a63cd13f8f32a7d1038e665d31fc9e3bee9bcdfc9b258a2b84ab15
f2a96fcd018da1f559c3a4c1caa4ee89e03f2be031622b9d1fd7cd4247cfaf9d
f466e8eb144636ff511dfab8f04a6a1df6ae357b69d979da098a206f656321fc
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f591b2dd67ab481453b5cc07706b51c1ce242e0840a6a237563d261c99749546
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082
f77533cd9a055599303c72f266d1cf1c0c2ffff9d07609f145fa0ea29a0b6e7d
f88d95110e23ae46f4cc1da72c02e67cbf4cdb07aef61c3f4a3f8d024d3ded1e
f982ae3225455eee12810d7e186c14e8ac0ab5db881ba89fa409ee5b7b2ea17e
fae53af17cda85c6482aabeead1dbb2cb119f2d08ba01e3668ba87610f764fc8
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fd38758c4d624a2eb5a966528696a610433eae5436f92d9ee5b9dbf07a9a2710