www.reuters.com Open in urlscan Pro
2600:9000:2120:2e00:15:5a3e:9d40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.reuters.com/article/global-cyber-solarwinds-idUSL1N2IV1UQ
Effective URL:
https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Submission: On April 30 via api (April 30th 2023, 12:53:13 am UTC) from CA — Scanned from CA

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 42 IPs in 3 countries across 41 domains to perform 109 HTTP transactions. The main IP is 2600:9000:2120:2e00:15:5a3e:9d40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com. The Cisco Umbrella rank of the primary domain is 19787.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 20th 2022. Valid for: a year.

This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2600:9000:212... 2600:9000:2120:2e00:15:5a3e:9d40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.164.116.102 18.164.116.102	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:402... 2607:f8b0:4020:804::200e	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:806::2008	15169 (GOOGLE) (GOOGLE)
1	2600:141b:13:... 2600:141b:13:78e::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.194.217 199.232.194.217	54113 (FASTLY) (FASTLY)
2	209.234.224.18 209.234.224.18	395162 (MOD-PTC) (MOD-PTC)
1	52.85.61.101 52.85.61.101	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.224.171 13.225.224.171	16509 (AMAZON-02) (AMAZON-02)
1	104.18.16.195 104.18.16.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.34.92 13.226.34.92	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:15ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	172.64.154.204 172.64.154.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	13.225.223.151 13.225.223.151	16509 (AMAZON-02) (AMAZON-02)
1	23.192.60.27 23.192.60.27	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2600:141b:13:... 2600:141b:13::172f:91aa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:4af5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.0.173.23 142.0.173.23	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2600:1901:0:6... 2600:1901:0:636d::1	15169 (GOOGLE) (GOOGLE)
1	34.160.110.8 34.160.110.8	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:141b:13:... 2600:141b:13:6ae::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.36.157 199.232.36.157	54113 (FASTLY) (FASTLY)
1 2	172.217.13.198 172.217.13.198	15169 (GOOGLE) (GOOGLE)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1	2600:9000:21d... 2600:9000:21dd:1c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2606:4700:440... 2606:4700:4400::6812:220a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.34.118 13.226.34.118	16509 (AMAZON-02) (AMAZON-02)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.13.102 172.217.13.102	15169 (GOOGLE) (GOOGLE)
109	42

16 2600:9000:2120:2e00:15:5a3e:9d40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-102.jfk50.r.cloudfront.net

ats-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:804::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:78e::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.234.224.18 (United States)

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-101.ewr53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.224.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-224-171.jfk51.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.16.195 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-92.ewr53.r.cloudfront.net

cloudfront-us-east-2.images.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.154.204 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cks.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.223.151 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-151.jfk51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.192.60.27 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-60-27.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13::172f:91aa (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

api-reuters-reuters-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)

beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.23 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

s2124157686.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scaredsnakes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.110.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.110.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:6ae::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net

10844217.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-118.ewr53.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	reuters.com 1 redirects www.reuters.com — Cisco Umbrella Rank: 19787	1 MB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 615	184 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 2324	95 KB
5	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 4107 cds.connatix.com — Cisco Umbrella Rank: 4289 capi.connatix.com — Cisco Umbrella Rank: 3474 ins.connatix.com Failed lit.connatix.com Failed vid.connatix.com Failed cks.connatix.com — Cisco Umbrella Rank: 5023 pl.connatix.com Failed	282 KB
5	arcpublishing.com cloudfront-us-east-2.images.arcpublishing.com — Cisco Umbrella Rank: 73254 api-reuters-reuters-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 66441	70 KB
5	tru.am tru.am — Cisco Umbrella Rank: 6743 beacon.tru.am — Cisco Umbrella Rank: 8341	23 KB
4	doubleclick.net 1 redirects 10844217.fls.doubleclick.net — Cisco Umbrella Rank: 86788 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 ad.doubleclick.net — Cisco Umbrella Rank: 201	27 KB
4	pub.network a.pub.network — Cisco Umbrella Rank: 6952 d.pub.network — Cisco Umbrella Rank: 7365	372 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	245 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1707	1 KB
2	rlcdn.com 1 redirects id.rlcdn.com — Cisco Umbrella Rank: 1007	781 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 451	908 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 631	7 KB
2	eloqua.com 1 redirects s2124157686.t.eloqua.com — Cisco Umbrella Rank: 76356	1 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 882	561 B
2	wsod.com ad.wsod.com — Cisco Umbrella Rank: 17235	3 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1502 c.go-mpulse.net — Cisco Umbrella Rank: 736	52 KB
2	privacymanager.io ats-wrapper.privacymanager.io — Cisco Umbrella Rank: 4791 geo.privacymanager.io — Cisco Umbrella Rank: 2374	30 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442	634 B
1	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 36359	42 KB
1	google.com adservice.google.com — Cisco Umbrella Rank: 130
1	btloader.com btloader.com — Cisco Umbrella Rank: 1542	119 KB
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 9009	464 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	25 KB
1	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1925	18 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 912	392 B
1	t.co t.co — Cisco Umbrella Rank: 584	375 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 820	482 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 964	15 KB
1	scaredsnakes.com scaredsnakes.com — Cisco Umbrella Rank: 75094	23 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 10015	3 KB
1	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 10976
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3063	44 KB
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 26623	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	76 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	47 KB
0	google.ca Failed adservice.google.ca Failed
0	openx.net Failed us-u.openx.net Failed
0	pubmatic.com Failed ads.pubmatic.com Failed
0	googleapis.com Failed imasdk.googleapis.com Failed
109	41

	Domain	Requested by
16	www.reuters.com	1 redirects www.reuters.com
9	cdn.cookielaw.org	www.reuters.com cdn.cookielaw.org
5	cdn.segment.com	www.reuters.com cdn.segment.com
4	api-reuters-reuters-prod.cdn.arcpublishing.com	www.reuters.com
4	tru.am	www.reuters.com tru.am
3	connect.facebook.net	tru.am connect.facebook.net
3	a.pub.network	www.reuters.com a.pub.network
2	ad-delivery.net	blank
2	id.rlcdn.com	1 redirects blank
2	match.adsrvr.org	2 redirects
2	s.yimg.com	www.reuters.com www.datadoghq-browser-agent.com
2	10844217.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	s2124157686.t.eloqua.com	1 redirects www.reuters.com
2	cds.connatix.com	www.reuters.com cd.connatix.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	ad.wsod.com	www.reuters.com ad.wsod.com
1	ad.doubleclick.net	blank
1	cks.connatix.com	blank
1	securepubads.g.doubleclick.net	cd.connatix.com
1	www.facebook.com	www.reuters.com
1	sp.analytics.yahoo.com	www.reuters.com
1	cdn.sophi.io	www.reuters.com
1	adservice.google.com	10844217.fls.doubleclick.net
1	capi.connatix.com	cd.connatix.com
1	btloader.com	www.reuters.com
1	freestar-io.videoplayerhub.com	1 redirects
1	www.googletagservices.com	a.pub.network
1	cdn.confiant-integrations.net	a.pub.network
1	analytics.twitter.com	www.reuters.com
1	t.co	www.reuters.com
1	static.adsafeprotected.com	www.reuters.com
1	static.ads-twitter.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	d.pub.network	a.pub.network
1	scaredsnakes.com	a.pub.network
1	beacon.tru.am	tru.am
1	img.en25.com	www.reuters.com
1	cd.connatix.com	1 redirects
1	cloudfront-us-east-2.images.arcpublishing.com	www.reuters.com
1	www.dianomi.com	www.reuters.com
1	www.datadoghq-browser-agent.com	www.reuters.com
1	geo.privacymanager.io	ats-wrapper.privacymanager.io
1	static.scroll.com	www.reuters.com
1	s.go-mpulse.net	www.reuters.com
1	www.googletagmanager.com	www.reuters.com
1	www.googleoptimize.com	www.reuters.com
1	ats-wrapper.privacymanager.io	www.reuters.com
0	pl.connatix.com Failed	cd.connatix.com
0	adservice.google.ca Failed	adservice.google.com
0	us-u.openx.net Failed	www.reuters.com
0	ads.pubmatic.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	vid.connatix.com Failed	cd.connatix.com
0	lit.connatix.com Failed	cd.connatix.com
0	ins.connatix.com Failed	cd.connatix.com
109	55

This site contains no links.

Subject Issuer	Validity	Valid
www.reuters.com COMODO RSA Organization Validation Secure Server CA	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.scroll.com R3	`2023-04-22` - `2023-07-21`	3 months	crt.sh
www.wsod.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-13` - `2024-01-12`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
*.images.arcpublishing.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-19`	a year	crt.sh
*.segment.com Amazon RSA 2048 M01	`2023-02-24` - `2024-01-12`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2022-12-12` - `2024-01-12`	a year	crt.sh
scaredsnakes.com R3	`2023-03-27` - `2023-06-25`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-04-20` - `2023-07-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-06` - `2023-05-07`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-02-01`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
cdn.sophi.io Amazon RSA 2048 M02	`2023-02-28` - `2023-11-15`	9 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Frame ID: 2809D4EBA0D9784279F8EAC2AECC765B
Requests: 79 HTTP requests in this frame

Frame: https://cds.connatix.com/p/263050/connatix.player.js?tier=1
Frame ID: 36C41E999F57B616EA9ABA7655A9007A
Requests: 25 HTTP requests in this frame

Frame: https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F
Frame ID: 2BB341CAF633DF94178C708693A382A6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F
Frame ID: 2CE82E45FB39036AFBFC713CD60107FC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F
Frame ID: EA700FAC0F29D6F4F79E91799DF2E93E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.reuters.com/article/global-cyber-solarwinds-idUSL1N2IV1UQ HTTP 302
https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-a... Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

109
Requests

73 %
HTTPS

51 %
IPv6

41
Domains

55
Subdomains

42
IPs

3
Countries

2956 kB
Transfer

11520 kB
Size

29
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.reuters.com/article/global-cyber-solarwinds-idUSL1N2IV1UQ HTTP 302
https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/263050/connatix.player.js?tier=1

Request Chain 44

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&ref2=elqNone&tzo=0&ms=789&optin=disabled HTTP 302
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&ref2=elqNone&tzo=0&ms=789&optin=disabled&elqCookie=1

Request Chain 53

https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F HTTP 302
https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F

Request Chain 69

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 99

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1 HTTP 302
https://cks.connatix.com/cks?pid=19&uid=2535a965-ee76-4152-b45c-97872a4b3900&ttl=1685407963

Request Chain 101

https://id.rlcdn.com/712202.gif?cparams=655d4eddc8744163b95cf3608f11dab2 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNv3tqIGEgUI6AcQAEIASiA2NTVkNGVkZGM4NzQ0MTYzYjk1Y2YzNjA4ZjExZGFiMg

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Redirect Chain

https://www.reuters.com/article/global-cyber-solarwinds-idUSL1N2IV1UQ
https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

424 KB
70 KB

721ms
721ms

Document
text/html

2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

95ab7fd9b41e1b63e1a85258a6efc2b0ed38bddd4cd86ebb4459fc8c7709dd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Apr 2023 00:52:41 GMT
etag: W/"68cc9-7oeuaAAkicujOIjnw/h37Cq6l9w"
expires: Sun, 30 Apr 2023 00:53:41 GMT
last-modified: Sun, 30 Apr 2023 00:52:41 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=126 origin; dur=537 ak_p; desc="467448_1752458596_427424949_66406_20552_9_-";dur=1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-akamai-transformed: 9 68429 0 pmb=mRUM,2
x-amz-cf-id: es1lpZy4DWFtPD8eF8i17kuOxusZ2bdDYX97nkqahpFF6wOA1Pal8g==
x-amz-cf-pop: EWR52-C4
x-arc-pb-request-id: 0aa5a50e-299d-45ae-8c36-af9f0e14ffa0
x-arc-request-id: 0.64657468.1682815961.1979fcb5
x-cache: Miss from cloudfront

Redirect headers

age: 0
article_usn: parsing of API response is done
article_usn_get_path: have just been called
article_usn_is_set_to_redirect: L1N2IV1UQ
content-language: en
content-length: 143
content-type: text/plain; charset=utf-8
date: Sun, 30 Apr 2023 00:52:41 GMT
location: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
raptor_app_version: v1.37.2
server: nginx
vary: Accept-Encoding
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-cf-id: DnhqOLEFf64HLmCdUePiaY5Hf5K23iwSag0x-AzKBiWxNenXFTqqUQ==
x-amz-cf-pop: EWR52-C4
x-cache: Miss from cloudfront
x-cacheable: YES: arc-redirect

GET
H2 200 index.js Show response
www.reuters.com/pf/resources/dist/reuters/js/ 234 KB
63 KB 68ms
67ms Script
application/javascript 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

23f8f783c7655b0ffb37d84b8fe0221dc36721c9ebbfda898baf78f6fb51f10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-request-id: X1DQPMARBMS1CXRQ
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.85112017.1682815961.9eb9924
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977605_166435108_29_12969_6_-";dur=1
content-length: 63797
x-amz-id-2: MHF0laxHIuOTNLZR8xA8GA9AqJ5HcKqP19dyHh2w1ns5xNtUywxYdfN79qaRx1sog6vNBA2IM2Y=
last-modified: Tue, 25 Apr 2023 14:50:14 GMT
server: openresty
etag: W/"b6a6c729159fb146d997154015ef1c15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: k_jfoUumctfSpPUjOpQE1MnFAUcebhuOFiv-TgI_m7fMnBKyWOzAEg==
expires: Mon, 29 Apr 2024 00:52:41 GMT

GET
H2 200 ats.js Show response
ats-wrapper.privacymanager.io/ats-modules/7e2b52c2-7200-47dc-b3ee-4d1c6e0f9e20/ 88 KB
30 KB 76ms
23ms Script
application/javascript 18.164.116.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats-wrapper.privacymanager.io/ats-modules/7e2b52c2-7200-47dc-b3ee-4d1c6e0f9e20/ats.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-102.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 891349c486e4c789b377af14fd1e7319335911fd3e1b30ea20195fea2a04ab16

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:09:54 GMT
x-amz-version-id: wHQ4e8fsWW.yE92g8RMg_yuLiunLXtXD
content-encoding: gzip
last-modified: Wed, 29 Mar 2023 13:00:32 GMT
server: AmazonS3
via: 1.1 83fa5376b39b1a76db557ab22fa73856.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"7473fe3d4ddeaa6e49819b5e12a612a0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: must-revalidate,public,max-age=3600
age: 2568
x-amz-cf-id: fqbwI6XWWZbX6GKUCT21jW6-0BPrepFWurcp2Mbgr1kL8Yjeod2mKA==

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 124 KB
47 KB 109ms
50ms Script
application/javascript 2607:f8b0:4020:804::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WWN4NB9

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::200e Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47fd252290fadf05a467960179a2051f15e05f5d55ca2767487646ecde31af47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 30 Apr 2023 00:52:42 GMT

GET
H2 200 p.min.js Show response
www.reuters.com/arc/subs/ 99 KB
24 KB 70ms
67ms Script
application/javascript 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/arc/subs/p.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eefe7f7a5381463b0f8317fe171995b69d68e15f04c8fb7172844ee38eb93387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 47, 47, 47, 47, 47, 47
x-amz-version-id: gZ6GQy6U9lE1SDa329loU2vOcn1j93e3
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.45657468.1682815961.2442c98c
x-cache: Miss from cloudfront
server-timing: ak_p; desc="467448_1752458565_608356748_1133_10730_10_-";dur=1
content-length: 23820
last-modified: Fri, 26 Aug 2022 17:09:00 GMT
server: AmazonS3
etag: "a6b597642d2a84d5cb107194532673be"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, private, max-age=47
accept-ranges: bytes
x-amz-cf-id: IbPZq_51ih7R9ZuLPfTmgTiitWuOgzKq8FZ4H5vAYJ3eL6PbZQjQew==
expires: Sun, 30 Apr 2023 00:53:29 GMT

GET
H2 200 react.js Show response
www.reuters.com/pf/dist/engine/ 276 KB
86 KB 61ms
58ms Script
application/javascript 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/engine/react.js?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

08610105081cf1afc8fc221c8f8052ff461f70cc1e8a3ad49fdb4afe1ed3f2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-request-id: X1DVEYH97VEX1WG6
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.a9112017.1682815961.9e617d6
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977641_166074326_25_10625_4_-";dur=1
content-length: 86924
x-amz-id-2: DvxBI40PAnNjAvnlI9f1bir77IuJMaboK6KIRXrIYJez5j4QBsTHFpMsJcPZTUoNsfQhTETE52o=
last-modified: Tue, 25 Apr 2023 14:50:15 GMT
server: openresty
etag: W/"b4b45db10572143f5a2b9f23dbacbee5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: J4SM0ddF84sip9S7bztrWlFpW8JnDxwZZ4PonIKEvl8JCVJ3dA7Wyg==
expires: Mon, 29 Apr 2024 00:52:42 GMT

GET
H2 200 default.js Show response
www.reuters.com/pf/dist/components/combinations/ 2 MB
622 KB 66ms
63ms Script
application/javascript 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.js?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

2973d76478f49defa06e14482a83b7fee3229daa65e6f9c0fcbc3d56f891b2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-request-id: X1DPEKDHPZEV6CA2
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.87112017.1682815961.1e37fd52
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977607_506985810_78_13029_6_-";dur=1
content-length: 635871
x-amz-id-2: klPyTeR3okHnhpyKf8iGdElkYS89osoGCfz5u7uB4lFh8Lqe8ZfoZEBaCHf1OPuATDaamDAFL5A=
last-modified: Tue, 25 Apr 2023 14:50:15 GMT
server: openresty
etag: W/"036c6e70317977beceb75be545c8cfb0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: vbVZqVkAUNW46IOCWpPoWLjTcHEnx3OuLVX020iOsQ9NvMtObkWQiA==
expires: Mon, 29 Apr 2024 00:52:42 GMT

GET
H2 200 default.css
www.reuters.com/pf/dist/components/combinations/ 496 KB
65 KB 58ms
58ms Stylesheet
text/css 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.css?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

2f1287f678334b9fa3f9791f37b2b1e17286696359e7c4150ea6d955a8756cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-request-id: X1DJ7EKX0ZTW64BQ
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.98112017.1682815961.3e7edcd1
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977624_1048501457_30_13417_0_-";dur=1
content-length: 65724
x-amz-id-2: QnJ2ZxBvZhwFAiOwM16L/SLVwBkBRBpJe6xWgCwvUxPzwGEIdrTTewgTivBK6G98S3UQ+UzPKfI=
last-modified: Tue, 25 Apr 2023 14:50:14 GMT
server: openresty
etag: W/"d73f60077da3350f89a3bf4378c7127d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
x-amz-cf-id: YywwanDnvlU2dHah_HS-DHSUgje8_Oa-q1Wiw3VflcFjcgYvL1AUEA==
expires: Mon, 29 Apr 2024 00:52:41 GMT

GET
H2 200 style.css
www.reuters.com/pf/resources/dist/reuters/css/ 857 B
1 KB 66ms
66ms Stylesheet
text/css 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

2c9de517a19168cb14906e31a0f8f8f74ce4d29ea3acb34d6b79c8ce3c6e71e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
content-encoding: gzip
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-request-id: X1DRTZ0GNP461HGT
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.94112017.1682815961.121671d8
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977620_303460824_25_12398_1_-";dur=1
content-length: 197
x-amz-id-2: +IcEtQn2XH9ELXTt2LVuiEmXf1OfUACnpbsymhZJ+0YByX6Luv25Vy4sJyaHx2QXGZR58Be9XXE=
last-modified: Tue, 25 Apr 2023 14:50:13 GMT
server: openresty
etag: W/"e905a5202394f02886b213a399bd8b01"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: lgqPpGwwKAiRHPVDop3Vkkb1wtZbBSqTsuvym9PLUOctRyRxf1ILNA==
expires: Mon, 29 Apr 2024 00:52:41 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/custom/ 890 B
1 KB 99ms
42ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6d8b16bf827fbfe535f67361873713ba49796900c0e2fc2d2ba081d584441c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2042903
x-guploader-uploadid: ADPycdsjXmJRq7foTNxfjAaR-fqtw9XCWbYkuJc5FXCnEOnJR97uUZ-pQlp7anEpicNh53kQ2TLvgH4NEEzCocIioEEzWpMRSIn0
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 09:09:48 GMT
server: cloudflare
etag: W/"90528dee648b6956a87fecf0c9d0ed65"
vary: Accept-Encoding
x-goog-generation: 1678093788854493
content-type: application/javascript
x-goog-hash: crc32c=rgia6w==, md5=kFKN7mSLaVaof+zwydDtZQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOBnglkYj6MtRMXxt2AJAEbv7UMkk6jooxYPYhymFudz7bD6uUQfWf%2FPcj1gOBuZt1DPdkCcXQL62w9k659MQv4JbcByi31lYYLSz5Rj4v4nioHeyx9ttXg7Tg4LB%2BdGp%2F8mXw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 890
cf-ray: 7bfbcdb2aedd54b5-YYZ
expires: Fri, 05 Apr 2024 09:24:19 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 73ms
33ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 22289
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6757
x-ms-lease-status: unlocked
last-modified: Thu, 27 Apr 2023 20:26:46 GMT
server: cloudflare
etag: 0x8DB475DB9217360
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7adbfebd-601e-0124-504e-7907fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb20b6f33ff-YUL

GET
H2 200 HYERPP5EPZPBVNCOB4GX3JF2KQ.jpg
www.reuters.com/resizer/C8JoI2NvKsx1JknAgHOoGb_pVy4=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 9 KB
9 KB 161ms
159ms Image
image/avif 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/C8JoI2NvKsx1JknAgHOoGb_pVy4=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/HYERPP5EPZPBVNCOB4GX3JF2KQ.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1ff0831aa2f6e1e308286f1196b9f47fe306a0c55d5fe31bc46043a27547e146

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-amz-cf-pop: EWR52-C4
x-arc-request-id: 0.14657468.1682815962.109964d5
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_1752458516_278488277_3350_16958_9_-";dur=1
content-length: 8900
last-modified: Sat, 29 Apr 2023 17:28:54 GMT
server: Akamai Image Manager
x-serial: 784
etag: "3fe7b57473b541c21ea73409dbc6ecae4a0dce62"
content-type: image/avif
cache-control: private, no-transform, max-age=31509448
x-amz-cf-id: uhXx_a28OjrB0jmkD2imV61V7vbgcvDDrTrROvUXvzKHhJdEa7aBEg==
expires: Sun, 28 Apr 2024 17:30:10 GMT

GET
H2 200 WFYAPA7YN5J5HK2N74V27A6SQU.jpg
www.reuters.com/resizer/btNKwU7KkNUtscAT8oqjc6H1QEY=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 21 KB
22 KB 48ms
46ms Image
image/avif 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/btNKwU7KkNUtscAT8oqjc6H1QEY=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/WFYAPA7YN5J5HK2N74V27A6SQU.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

50d0d88815187d0a5321f81da91080fb5ec9135341981c5baac04e06c86777a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
x-arc-request-id: 0.36657468.1682815961.ee990d2
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_1752458550_250187986_40_10814_9_-";dur=1
content-length: 21628
last-modified: Sat, 29 Apr 2023 07:18:01 GMT
server: Akamai Image Manager
etag: "a67bf11c0a6a24034986cc7d7fe764e92445c3a1"
content-type: image/avif
cache-control: private, no-transform, max-age=31472612
x-amz-cf-id: 3i7Ogr-pGwTVa69A_barYSGw3P-SLo3P-Pkn7GUyPZ2yhFslY9mExg==
expires: Sun, 28 Apr 2024 07:16:13 GMT

GET
H2 200 Q23WYMJJMFJU7MW6KDP2HB72IY.jpg
www.reuters.com/resizer/nYcvc3geFNpcOErOcl-Pkk9IPeg=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 21 KB
22 KB 49ms
47ms Image
image/avif 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/nYcvc3geFNpcOErOcl-Pkk9IPeg=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/Q23WYMJJMFJU7MW6KDP2HB72IY.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

da37ac687a57e7f478fbf6da5f5e51377a193298a69ec6f8f14fc7b676acbb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-amz-cf-pop: EWR52-C4
x-arc-request-id: 0.36657468.1682815961.ee99284
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_1752458550_250188420_30_10533_9_-";dur=1
content-length: 21869
last-modified: Mon, 17 Apr 2023 05:24:58 GMT
server: Akamai Image Manager
x-serial: 913
etag: "f75117237dcdfa76d153ad61962163c374cdbe5f"
content-type: image/avif
cache-control: private, no-transform, max-age=30429132
x-amz-cf-id: qWWByzHP6Ysy1lj9xD5zfwaCZyrbSwTHiZ4Al3m8H5o50pxUqqrhlw==
expires: Tue, 16 Apr 2024 05:24:53 GMT

GET
H2 200 ZIOCACHXANOYJMCKTRHASQSYKU.jpg
www.reuters.com/resizer/6J99mmlAuvaRgj0QnU7UV_pAGV4=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 20 KB
21 KB 53ms
51ms Image
image/avif 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/6J99mmlAuvaRgj0QnU7UV_pAGV4=/480x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ZIOCACHXANOYJMCKTRHASQSYKU.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

476e47be34ede31e1ef4e1ff0cec8e21ed588343321d759c16a038547164960d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
x-arc-request-id: 0.46657468.1682815961.1b157dd2
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_1752458566_454393298_39_14466_9_-";dur=1
content-length: 20489
last-modified: Sat, 29 Apr 2023 14:13:21 GMT
server: Akamai Image Manager
etag: "4bf9b8e2f1776a126637d93f5845df596087c317"
content-type: image/avif
cache-control: private, no-transform, max-age=31497663
x-amz-cf-id: V0Bb7AEfRB-UB_TnBE2twD-O3XgD22Dfw9ODNVX9iNxuwbXYerWeZQ==
expires: Sun, 28 Apr 2024 14:13:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
76 KB 87ms
35ms Script
application/javascript 2607:f8b0:4020:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c8546913f2e1a48f7a4f9c597c7529f183aaec70279282e3ace315b65e4b7c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77130
x-xss-protection: 0
last-modified: Sun, 30 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 30 Apr 2023 00:52:42 GMT

GET
H2 200 GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 79ms
20ms Script
application/javascript 2600:141b:13:78e::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:78e::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
last-modified: Mon, 17 Apr 2023 01:18:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 knowledge-bold.woff2
www.reuters.com/pf/resources/dist/fonts/ 19 KB
20 KB 91ms
90ms Font
font/woff2 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-bold.woff2?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

c6b46b7b13a4e85c00b13fbd37d45e35ac17a59d174f41721f75897886db93af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138
Origin: https://www.reuters.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-request-id: 555STYRMYDZ3QXR4
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.95112017.1682815962.17a4c55c
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977621_396674396_2382_12316_1_-";dur=1
content-length: 19212
x-amz-id-2: tU81izqndZ4S51/Kpdt7SzALE98Pp5zpYIxUFeDHsDimhsru8j4A7Z7u3JI3KEDSx8u+aNlZzf0=
last-modified: Tue, 25 Apr 2023 14:50:13 GMT
server: openresty
etag: "1c2557b42b061c2550b660dfce2e3667"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 6I0DIo8GtltF6_B7_zGCViQ1FCEN2JfysH2AwELlxlBb5bHhWr5X1w==
expires: Mon, 29 Apr 2024 00:52:42 GMT

GET
H2 200 knowledge-regular.woff2
www.reuters.com/pf/resources/dist/fonts/ 20 KB
21 KB 82ms
81ms Font
font/woff2 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-regular.woff2?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

56a52b977852230c71bef155fdbfff593784fdfa532de2d933f6f0f43f13463b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138
Origin: https://www.reuters.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-request-id: 555K2344VCBC4QM0
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.a5112017.1682815962.906b287
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_387977637_151433863_30_16184_5_-";dur=1
content-length: 20736
x-amz-id-2: 4v+t2oJeSPsEyMaK1xRCmb9UQtvCTTshQGAagja7wJ60mrXkwIdlF8DUrKK42fNXj1U71aPnVL0=
last-modified: Tue, 25 Apr 2023 14:50:13 GMT
server: openresty
etag: "a4182de2d2e782aa10140c73450d9b6a"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ZIeoCPHTI1WDRopELCZFrKkBAlnld_e98Cya9ttxnopFO32-DiNghg==
expires: Mon, 29 Apr 2024 00:52:42 GMT

GET
H2 200 knowledge-medium.woff2
www.reuters.com/pf/resources/dist/fonts/ 20 KB
21 KB 143ms
143ms Font
font/woff2 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-medium.woff2?d=138

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

a7d2775bd324ef36a1f9d17873efeb86b6602cd4a1198b7022be73c8c4493cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=138
Origin: https://www.reuters.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-amz-request-id: 555P16ZJFWWNXWQ3
x-amz-cf-pop: EWR52-C4
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.874fde17.1682815962.40548d23
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467448_400445319_1079282979_22_10681_1_-";dur=1
content-length: 20412
x-amz-id-2: AV4jXb6paKzCfvToV3NfIEk4Lq1E5tHCnOIncCun6FoOrBO+4d7IigJnYq1L0dE5GC85ESnJbeY=
last-modified: Tue, 25 Apr 2023 14:50:13 GMT
server: openresty
etag: "d3e6ebb2856bad445be924e6b5ac8a96"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ODyDuc0htov-yRLHUHWxaFHxjPaW17bUX0Eieej_BN0tHiWKRnUdHA==
expires: Mon, 29 Apr 2024 00:52:42 GMT

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 69ms
13ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 06 Jan 2023 14:14:31 GMT
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
via: 1.1 varnish
age: 37598
x-guploader-uploadid: ADPycdvrTxxnNGCkktlpypmPiviDm0VAgWgQ2-0LV0YTYMYr_rRamgeG95PWiS-Zd_na7wGNH3pjQxDijd7xNVkhwJPSHw8EoP4i
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-yul12827-YUL
last-modified: Thu, 17 Mar 2022 19:00:06 GMT
server: UploadServer
x-timer: S1682815962.108889,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-generation: 1647543606481892
content-type: application/javascript
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
x-scrolljs: 2
x-cache-hits: 290

GET
H/1.1 200
OK 0.0.async Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/ 6 KB
2 KB 161ms
50ms Script
text/html 209.234.224.18
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.224.18 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: dfe8c72a5971a45d9ee85a92cff6a59dfdecb468df8efe4e8879673c19461193

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 00:52:42 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 41ms
39ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 27830
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bfbcdb2dce333ff-YUL

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
611 B 75ms
18ms Fetch
application/json 52.85.61.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats-wrapper.privacymanager.io
URL: https://ats-wrapper.privacymanager.io/ats-modules/7e2b52c2-7200-47dc-b3ee-4d1c6e0f9e20/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-101.ewr53.r.cloudfront.net
Software: /
Resource Hash: 70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 08:17:30 GMT
via: 1.1 4eed67f4be7da2537d3407735b8962a8.cloudfront.net (CloudFront), 1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4, EWR53-P1
age: 59712
x-amzn-requestid: e56cd0d6-06e1-448d-9296-725718ea44c8
x-amzn-trace-id: Root=1-644cd29a-35f6fa06697e198b3d57b527;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: EIXYKFDgjoEFs4A=
content-length: 30
x-amz-cf-id: wW0RsFP3zlrAbg8UP-ZgTLNdvNJn9ZK9UPe96ZA18KNIEZx-OL91ng==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/ 5 KB
2 KB 53ms
27ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c6aa0bef20314812d9512a38a148c46995c7a548aa600ee947f11e4774aeb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BHYMwBeo2bUJnperL0BOXw==
age: 74398
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1797
x-ms-lease-status: unlocked
last-modified: Thu, 16 Mar 2023 16:39:31 GMT
server: cloudflare
etag: 0x8DB263D04B5AE4A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d75a32bf-b01e-00e5-04e1-5aca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb34acaece6-YUL
expires: Mon, 01 May 2023 00:52:42 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 38ms
37ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1401615
x-guploader-uploadid: ADPycdteIKA6uSWCqX5nF7QKxvF0jEn5A-ljZy2VEOUiRK-fz4hvYFOyvOtq8uE2Bkn9lSMsHcSpIEj8iXTuArsMt4ZQ5g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDF8e8H0nwMVheYH7tqjyFKPZQZIrcjWy6BINguMD6Q2%2BeYWDxm3jwzynVEicr7yBqt2go1wln8jlWFzZPH2vpeRlhmaTwwoFn4qHKSOJdeYW1ZbUFgaeDGZUcxzMpzlVsK%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 7bfbcdb3681054b5-YYZ
expires: Thu, 13 Apr 2023 19:32:37 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/1/ 1 KB
1 KB 37ms
36ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/1/reuters.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54486745343e400531943c92df648cc6b40c2ccd4dec6b9bf2964b3368a9cd1e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2189870
x-guploader-uploadid: ADPycduAMu6kZPrpdLcqFATAus5QPn3QyPtPBFKqNQzXIdYKxsyRi7U23RgO4mp9R-EBA4CGiM9fCxUbUEssHUZhBShUcQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 30 Nov 2022 09:02:13 GMT
server: cloudflare
etag: W/"74a109db3509043e828a15d798a6561e"
vary: Accept-Encoding
x-goog-generation: 1669798933286991
content-type: text/javascript
x-goog-hash: crc32c=i2ghBA==, md5=dKEJ2zUJBD6CihXXmKZWHg==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qh27A2QY6EMnppbs5fp7Jn63P6AqIhrnz8nOHTDdPdof1Uomb9F2v2Qiff0DwnU3GX8qFJLwZXD76T9zx5ZcaBXm7mdkx25DaWQ5PfwaMiqQmYWAQ8A9enb0%2BZbZTFSXAn0udg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1265
cf-ray: 7bfbcdb3680f54b5-YYZ
expires: Tue, 04 Apr 2023 17:34:52 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 77 B
246 B 76ms
34ms Script
text/javascript 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 7bfbcdb3e8814bd7-YUL
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 138 KB
44 KB 98ms
24ms Script
application/javascript 13.225.224.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.224.171 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-224-171.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 75d3ed5d686101a435fa0256ba1961881937961dbfb5de541163dd0a5246cf9d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:29 GMT
content-encoding: br
via: 1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
last-modified: Tue, 25 Apr 2023 13:11:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK51-C1
age: 14
x-amz-server-side-encryption: AES256
etag: W/"a71a788d4ecc15d342ce0bff1bb2862f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: jrL_9jrMSE_B877u4nSeMqDmjQI-SiTnyCKcfpZx3qnkUknFrpeEOQ==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
315 B 73ms
45ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.reuters.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7bfbcdb408a6ecf6-YUL
access-control-allow-headers: Content-Type

GET
H2 403 contextfeed.js
www.dianomi.com/js/ 0
0 84ms
32ms Script
text/html 104.18.16.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dianomi.com/js/contextfeed.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 KXHH5ZRY4JP6LFIS4KE43VTGZI.jpg
www.reuters.com/resizer/nyu9fD_6k4XYoZGuuD_sagV5dq4=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 78 KB
78 KB 325ms
325ms Image
image/avif 2600:9000:2120:2e00:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/nyu9fD_6k4XYoZGuuD_sagV5dq4=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/KXHH5ZRY4JP6LFIS4KE43VTGZI.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2120:2e00:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b5f1153fe2b3be67cc533db17aa1424bfd50989f8494d61e565430993408612d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=31536000
via: 1.1 c570205d9c25a388cc883e795771ef82.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-amz-cf-pop: EWR52-C4
x-arc-request-id: 0.64657468.1682815962.1979f6a9
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=MISS, edge; dur=151, origin; dur=124, ak_p; desc="467448_1752458596_427423401_27580_15329_9_-";dur=1
content-length: 79428
last-modified: Thu, 27 Apr 2023 06:16:14 GMT
server: Akamai Image Manager
x-serial: 185
etag: "123c0b0d36004be09fcc81d3a8a9ecf53258d78d"
content-type: image/avif
cache-control: private, no-transform, max-age=31296222
x-amz-cf-id: 9xBeMR3_KD0VMzFqg9rjUbWza8gnVj1BUVu_2suVQsBSrxWivuGT5w==
expires: Fri, 26 Apr 2024 06:16:24 GMT

GET
H2 200 LGPI5ZGLQZHD7CMN4K5OCNT5RQ.png
cloudfront-us-east-2.images.arcpublishing.com/reuters/ 68 KB
69 KB 92ms
21ms Image
image/png 13.226.34.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cloudfront-us-east-2.images.arcpublishing.com/reuters/LGPI5ZGLQZHD7CMN4K5OCNT5RQ.png
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-92.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 732dcc5d27224fce2cfbc13b5968c4acd6e2b3b6a598f48b46e6cbca9d844ae3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: LM1rT4IlG0kGgnVoPhXpyj6KPSzKw7cJ
date: Sat, 29 Apr 2023 15:53:45 GMT
via: 1.1 dee6858c751ff64f8ae28f155bee69b2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 32338
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 70128
last-modified: Tue, 31 Jan 2023 18:54:07 GMT
server: AmazonS3
etag: "05f33f113aad0b68ebbf616af6ac0147"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: whSluJxGIZmH6gShP3NUMPqOprFu7QqkiAF2yTUrh9FwqggKOKfa5g==

GET
H2 200 pubfig.min.js Show response
a.pub.network/reuters-com/ 168 KB
59 KB 66ms
28ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/reuters-com/pubfig.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14eec0a397676c68c57356acc3037aa1e5ce92a209aaddef12ac67964e74c1c5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 287879
x-guploader-uploadid: ADPycduedZV2mSunm0SvhSKBo3OX3V53RqSMWXcny_vN_64iwHL1BpkFceERozrA3LtcIHey3Q25MFuUjElsYB8wqOJInLfcTnyk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 25 Apr 2023 12:03:12 GMT
server: cloudflare
etag: W/"247b4244c0df0a14987b88b6aac4a1c8"
vary: Accept-Encoding
x-goog-generation: 1682424192781789
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=SfBbYQ==, md5=JHtCRMDfChSYe4i2qsShyA==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 171661
cf-ray: 7bfbcdb67fba33fb-YUL
expires: Sun, 30 Apr 2023 01:22:42 GMT

GET
H2

200

connatix.player.js Show response
cds.connatix.com/p/263050/ Frame 36C4
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/263050/connatix.player.js?tier=1

1022 KB
265 KB

75ms
50ms

Script
application/javascript

172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/263050/connatix.player.js?tier=1
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6db37e805ba6712b7fb90bfd44c9421ad137f057841202f9850ee504ae89d2

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
x-amz-version-id: xXUPSy8rRyQKu2jxBuKNfZCAAviaX9UK
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 11:33:05 GMT
server: cloudflare
etag: W/"f64353538d617c73e72af10f26b1eb52"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7bfbcdb79cb25401-YYZ
access-control-allow-headers: range
expires: Mon, 29 Apr 2024 00:52:42 GMT

Redirect headers

date: Sun, 30 Apr 2023 00:52:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/263050/connatix.player.js?tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7bfbcdb6cb505401-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 104 KB
28 KB 102ms
23ms Script
text/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1caec7759e0a1800933780c51b2e863602b74f79dea670cb1930f54f7013d20a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: iAyRBlksRYIzw8uc9QwV3Io7AqCVn2dG
content-encoding: br
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
date: Sun, 30 Apr 2023 00:52:42 GMT
x-amz-cf-pop: JFK51-C1
age: 60
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 28 Apr 2023 00:35:48 GMT
server: AmazonS3
etag: W/"d11ffd85f9d22c81eb61b4c1e2a92538"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: daqS2OrT-QmNlTaGBHpx1ZhKEbDvR8s2012_yweVIrI_5_2m7-uJPA==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 103ms
27ms Script
application/x-javascript 23.192.60.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.192.60.27 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-60-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 30 Apr 2023 00:52:42 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Sun, 30 Apr 2023 00:52:42 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/ 402 KB
96 KB 27ms
27ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0jjE9bRWjdK9YwiQScw/ZQ==
age: 19105
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98329
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:10 GMT
server: cloudflare
etag: 0x8DB1098882046FE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0a72193a-b01e-010f-04e1-5a7345000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb74dd833ff-YUL

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 98 B
642 B 151ms
150ms XHR
application/json 2600:141b:13::172f:91aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::172f:91aa New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

39a3dcdaa3117d0f349beea9fec257badcdbf86655207db8a0f28d45b2bab86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
Referer: https://www.reuters.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000 ; preload
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
anonid: 223454be-42b5-405f-ac4b-9b69689f5115
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
content-length: 98
expires: Sun, 30 Apr 2023 00:52:43 GMT

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 294ms
198ms Preflight 2600:141b:13::172f:91aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::172f:91aa New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
date: Sun, 30 Apr 2023 00:52:43 GMT
expires: Sun, 30 Apr 2023 00:52:43 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 290ms
197ms Preflight 2600:141b:13::172f:91aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::172f:91aa New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
date: Sun, 30 Apr 2023 00:52:42 GMT
expires: Sun, 30 Apr 2023 00:52:42 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 98 B
641 B 272ms
270ms XHR
application/json 2600:141b:13::172f:91aa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:13::172f:91aa New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

39a3dcdaa3117d0f349beea9fec257badcdbf86655207db8a0f28d45b2bab86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
Referer: https://www.reuters.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000 ; preload
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
anonid: 08068a3b-d9b6-47a1-8711-3288cd4e0050
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
content-length: 98
expires: Sun, 30 Apr 2023 00:52:43 GMT

GET
H3 200 reuters_pixel.194f3e.js Show response
tru.am/scripts/a/ 29 KB
10 KB 62ms
59ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/a/reuters_pixel.194f3e.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/1/reuters.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dabbc5acd6819a5cfe8d6535d9887bf1682449ceb6f1855a2caac82394f1003

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2303298
x-guploader-uploadid: ADPycdvlVjuUDVhDwq-HJLX_sT-EbD4Hykz2QkWU3iRdUIwg-ESLzt9YgeWPKdtSk6bN9YRqaIG0C4K4l5fIMwRpQpD2NA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 30 Nov 2022 08:58:37 GMT
server: cloudflare
etag: W/"cb01f70440544f3516aa1280be996f3d"
vary: Accept-Encoding
x-goog-generation: 1669798717543405
content-type: text/javascript
x-goog-hash: crc32c=lEP+bQ==, md5=ywH3BEBUTzUWqhKAvplvPQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JLcW1CI%2BikiR%2BWNQ0tat22t7P0PhjicqCMWD79ldjsxEn2hkSt7I3b1q%2B0YfR9PUJh1FOEQWoP8V%2Ft%2FFsUqL0cnEnGPV9D2Ttf7bpTkqfckWxh5qwM9fLqiw5PbFjl83fOUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 30129
cf-ray: 7bfbcdb76ddba222-YYZ
expires: Mon, 03 Apr 2023 10:04:24 GMT

GET
H/1.1 200
OK 1682815962;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Fbusiness_@2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15_@2F;;; Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/ 780 B
1 KB 60ms
59ms Script
text/html 209.234.224.18
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/1682815962;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Fbusiness_@2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15_@2F;;;
Requested by: Host: ad.wsod.com
URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.224.18 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: 92c64848b096648ac7c03d99a336c163671b72d9d02b0440931c4a3ece1499b1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Apr 2023 00:52:42 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache, no-store
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 beacon
beacon.tru.am/ 0
0 159ms
107ms Fetch 2606:4700:20::ac43:4af5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.reuters.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 00:52:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
surrogate-control: no-store
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wj4g8F18o6AuM9vF5vwgGltlK54eg%2Bo80mw8QJxSYGZi%2BU8QWxRI8AePpZeFAPoSgwSC7nE56X6QDvf3bepKO8UxqYHkEnjYw5coljEgdNDQGKy1BI5gRyZxeQZ7Dnsl4cnVUWOrSDAUJJA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7bfbcdb7c95da211-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

svrGP.aspx
s2124157686.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-...
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-aga...

49 B
448 B

291ms
291ms

Image
image/gif

142.0.173.23
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&ref2=elqNone&tzo=0&ms=789&optin=disabled&elqCookie=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

HTTP/1.1

Server

142.0.173.23 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 30 Apr 2023 00:52:43 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Sun, 30 Apr 2023 00:52:42 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&ref2=elqNone&tzo=0&ms=789&optin=disabled&elqCookie=1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 416
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 36 KB
8 KB 58ms
19ms Fetch
application/json 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84194ce76dfac3b3a7a3d946e534e3ad60da6d9a73d484fffd33cd3e11e436a2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: LAmLJU1zy5wkTge2P_kkeLKPIF4YsDXA
content-encoding: gzip
via: 1.1 cd63f8907abcdddac217d30e29b586a0.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 22:21:10 GMT
x-amz-cf-pop: JFK51-C1
age: 9096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 27 Apr 2023 10:20:57 GMT
server: AmazonS3
etag: W/"a9f1d06837d7b4bec98e63be92d16a33"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: XpfrpH1pI6S4oUS1Ag4X_Jq9__Z6Qw2f54iua2emAYkNwpoH82-fjg==

GET
H2 200 v2xyxWHb1iYjhaN6DJmVsbKxjJIwDIXzoLlFfFKoajdFDRN8iQ4UHumg Show response
scaredsnakes.com/ 64 KB
23 KB 93ms
42ms Script
text/javascript 2600:1901:0:636d::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredsnakes.com/v2xyxWHb1iYjhaN6DJmVsbKxjJIwDIXzoLlFfFKoajdFDRN8iQ4UHumg

Requested by

Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

665778d03e88e6432bfc5c6fb2adee37a23a5fbb1f280ad4e0d7b85bc2651566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sun, 30 Apr 2023 00:52:42 GMT
x-datacenter: gce-us-east1
etag: "b1db2ee4e160e9a27409d3e89a9ea98dd5356805f1ae2cea7b25a5b1c6f6f4cb"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-us-east1-test-jrrc
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 832971200
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 init Show response
d.pub.network/v2/ 105 KB
7 KB 93ms
55ms XHR
application/json 34.160.110.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=1783&env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.110.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.110.160.34.bc.googleusercontent.com
Software: /
Resource Hash: e25ef2dd307bde593fff6534bbeaacf65acc21c5f5c711c6791f70e7cf60c52d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.reuters.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/cd59287c-fe70-435f-b569-faa4229947b6/ 273 KB
47 KB 28ms
27ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/cd59287c-fe70-435f-b569-faa4229947b6/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f25a9e43371235aa29f76d7d2d3bc8ebf6a951a78bd17c503b62bca1d9f92c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /g+6JseJaHQWno6aaBpXpg==
age: 74349
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 47650
x-ms-lease-status: unlocked
last-modified: Thu, 16 Mar 2023 16:39:22 GMT
server: cloudflare
etag: 0x8DB263CFF0A4FEE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9d53c1b4-901e-001c-30e1-5a00f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb7e8a6ece6-YUL
expires: Mon, 01 May 2023 00:52:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 61ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tru.am
URL: https://tru.am/scripts/a/reuters_pixel.194f3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Apr 2023 00:52:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jo8IEIrGKj8Borf5KlBFjrh3+nBRgbUkjBxeNF43VL+Y6P9ZIgPMvS36HPP93R9Ikk4RreRQp3vPtsZ05AGhvg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ajs-destination.bundle.a1b5627f72b6c90f2baa.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 19ms
18ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.a1b5627f72b6c90f2baa.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 13:02:16 GMT
x-amz-version-id: nog3Y.tiFf03vq0CZJGGOqdjlUDsQMqM
content-encoding: br
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 820227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 20 Apr 2023 12:05:42 GMT
server: AmazonS3
etag: W/"dba2c033bf5f6f351c330af3a7fde619"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: ZSuPwKcGibkMvBpAmDwJiDPNA8b6PrcPeTLKlLEhevqPUkwWfsLzjg==

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 2 KB
968 B 133ms
51ms XHR
application/json 2600:141b:13:6ae::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW&d=www.reuters.com&t=5609387&v=1.632.0&sl=0&si=ukv35qa4fhj-rtwl3u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=656997
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:6ae::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b9fe8baf337833cb5e931fce48f793de3054e17823bb0a71f0dd9e4cb00daa5a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sun, 30 Apr 2023 00:52:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 648

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 80ms
22ms Script
application/javascript 199.232.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 15:55:14 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100040-IAD, cache-lga21963-LGA

GET
H2

200

activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers... Show response
10844217.fls.doubleclick.net/ Frame 2BB3
Redirect Chain

https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhack...
https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2...

854 B
575 B

41ms
39ms

Document
text/html

172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

cafe /

Resource Hash

66a7ad32a6ee043b7bc0cc57a38769e1a46e5d37a6add1bd3b48162638c6623e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 00:52:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 00:52:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 104ms
31ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:42 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: GN5RDBTG6X0JSM7P
age: 2
x-amz-server-side-encryption: AES256
x-amz-id-2: raPUEwOhf+i8L17Oocll3lnyz21ek19HRm9CxYqN4lW0V/JgamMKSq6tZXbyaSfqnY7g9r48SLui5ACpnyJfPUfKK0q/NNCDqsOYTPYHbBs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 62 KB
15 KB 28ms
28ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jrvDF4hzrY2HZpgxWknk0A==
age: 66534
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14749
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:04 GMT
server: cloudflare
etag: 0x8DB109884565BA0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cbc139d4-701e-015d-2de1-5a6eb7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb8b98eece6-YUL

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 21 KB
4 KB 29ms
29ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 69387
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4b382b96-d01e-0076-2ce1-5a5c5a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bfbcdb8b991ece6-YUL

GET
H2 200 pubfig.engine.4.37.0.0bfb359452e8f3221e6ba8d1400baedf448377d8.js Show response
a.pub.network/core/pubfig/ 448 KB
135 KB 25ms
24ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.0bfb359452e8f3221e6ba8d1400baedf448377d8.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ebd5f5bc31fc2519d8b06bf0e79520a9384a906076819f2c573591fe8e2e0a9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 287879
x-guploader-uploadid: ADPycdv1cxX_XtninA0x4MtdfSf9UqvKja--iAMLqUn01Rv3xCQoKtYIfYYqtnjziaR9IDTUHuw38W9EqYphNpjFv3L3KQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 13 Dec 2022 17:00:10 GMT
server: cloudflare
etag: W/"8a0ae9cca339304ea1769abd702251ac"
vary: Accept-Encoding
x-goog-generation: 1670950810399796
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=9NNhow==, md5=igrpzKM5ME6hdpq9cCJRrA==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 459117
access-control-allow-origin: *
cf-ray: 7bfbcdb8ccd333fb-YUL
expires: Sun, 30 Apr 2023 01:52:43 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 82ms
21ms Image
image/gif 2600:9000:21dd:1c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?bannnerid=243003_advertisement_
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 07:41:00 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 7233103
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 1KPL363DlID-vARfYZYYutpZWAAFS8pRIAJhvjk4qgGkXj1jgReDNg==

GET
H2 200 player.css
cds.connatix.com/p/263050/ 65 KB
11 KB 32ms
31ms Stylesheet
text/css 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/263050/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
x-amz-version-id: OwDfUM6i.qXuuaGFT8wejXxtWUiawLdI
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Apr 2023 11:33:06 GMT
server: cloudflare
etag: W/"8515afd25779c595316d81b3d9c8593c"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7bfbcdb96f9c5401-YYZ
access-control-allow-headers: range
expires: Mon, 29 Apr 2024 00:52:43 GMT

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 23ms
23ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 08:09:28 GMT
x-amz-version-id: .soeuzGR0yQtuXsQ2XFkej_BqRyD0UqI
content-encoding: br
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 2047396
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 06 Apr 2023 08:06:31 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: AmwB1hxfXKZ-wJqR4ENAX2qCrpfaM0Wud2PTD6JeHyJAnes5YcOPsA==

GET
H2 200 231683795448623 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 21ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231683795448623?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d0c618c288fc27c1173446ac356bcff2645788035d16b54e853d4e68381422f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Apr 2023 00:52:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110301
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 36iowmzVWKz56llpNNYwZBzNCtJLfXZIdyNb0srTDR7RA30RJGAs6iFOMac7+z295YqGgAWzxtlOz4mqNCdNOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
375 B 138ms
40ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=c623183c-0f14-4988-ba5d-e90de0ccb82f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=87c3defa-4eee-4376-9415-62810339cfd4&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.29

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 5
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: bf2d2ce8eb32b129
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 409bdd5a6e411b37f7de3ef23ec282838cabc33e79e980aa75562808c2224d94
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
392 B 125ms
39ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=c623183c-0f14-4988-ba5d-e90de0ccb82f&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=87c3defa-4eee-4376-9415-62810339cfd4&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.29

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time: 4
date: Sun, 30 Apr 2023 00:52:42 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: e4f1ca371a2af43b
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a7ac07838bd4b415b6ded7eda76ca929790491a2bb0a3a1e5776cd74e0d086e7
content-length: 43

GET
H2 200 r_h_lg_rgb_ps_copy.png
cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/832341a0-c51b-47e9-ab89-aa5355568171/bf48f6de-6912-476c-9aee-2ef9dc4dc07d/ 5 KB
5 KB 25ms
24ms Image
image/png 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/832341a0-c51b-47e9-ab89-aa5355568171/bf48f6de-6912-476c-9aee-2ef9dc4dc07d/r_h_lg_rgb_ps_copy.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: d1bXiraWLYi1eW3sW0vtzQ==
age: 74390
content-length: 4900
x-ms-lease-status: unlocked
last-modified: Fri, 14 Aug 2020 08:27:10 GMT
server: cloudflare
etag: 0x8D8402BD6FB185A
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: ce1ecd9e-401e-00bf-7ee1-5acc90000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7bfbcdb9dba333ff-YUL

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 29ms
29ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 19678
x-ms-lease-status: unlocked
last-modified: Thu, 27 Apr 2023 20:26:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ad8eee9b-301e-0055-0199-793391000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7bfbcdb9dba833ff-YUL

GET
H2 200 10160484.json Show response
s.yimg.com/wi/config/ 2 B
450 B 94ms
32ms XHR
application/json 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10160484.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:19:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XVJEDSY4GEKCX7GB
age: 1964
content-length: 2
x-amz-id-2: r64qBkgm7PNzl0tZA6JTuB5BysUgKvrQv1ONgwtUo6b6RLsE5PIDQR0SccPrhOJQ+C0Ur+1gxZc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/ 79 KB
18 KB 66ms
25ms Script
text/javascript 2606:4700:4400::6812:220a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.0bfb359452e8f3221e6ba8d1400baedf448377d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedcfcb101385ac447e7f7f5859e844af6656fd863371dc70ceef167c06288c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 29 Apr 2023 21:52:04 GMT
server: cloudflare
x-amz-request-id: E2300XAGXFJ1QN57
age: 209
etag: W/"3ca7f000d676096de48f841930d12c6e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7bfbcdba9bdf4bc5-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NBowamtecf1AGVYgm9WLCw+B8bCPBcERmubFOEM754SroweaTds8d/A7pX4maau6k4y6ROF8xYY=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 96ms
53ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.0bfb359452e8f3221e6ba8d1400baedf448377d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7038be9a015722ccab31acdd8c92f01125085c7f2d128836186a252d4508038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24704
x-xss-protection: 0
server: cafe
etag: 795 / 19477 / 31074204 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 00:52:43 GMT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

1 MB
119 KB

91ms
37ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ab0e11dbe3d413ddf9f68f7a28665effe2299a09e8f7f142438f181ffcdd5f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 30 Apr 2023 00:01:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2940
etag: W/"c467719d80088d9672539cf6fc6d05b9"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQdXpxQLBYNeXL2TxzS5BwlwpD9DDPJ%2F%2Byiw5IBzIR65GVkWVjvtRgKRZu0WdV63XMGBRJzChOji3twXDhk6kr68ZHkzsrz7ijfjlmjEWgRz16bWLJdHv14eGhR5g9kwyc5jnWSBxd784Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7bfbcdbc085653ef-YYZ

Redirect headers

date: Sun, 30 Apr 2023 00:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT1keMIr9KAWlAYGaaAhgrQJ1KIkvy7pMfNkmA%2F0sj2wFgUmynnIfnbG1ZUrTOWrTaHXeUYK42JiHWIa1zrNVYBi%2BCP0NbdczARUy2Cu%2Fs%2BNnetMoWYUjq6GZRYTMgkqVVnnGstOP8xEHPicZvwkFyYFz0SAWa%2BCCiWpqA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 7bfbcdbabac0a244-YYZ
expires: Sun, 30 Apr 2023 01:52:43 GMT

GET
H2 200 prebid-analytics-7.19.8.js Show response
a.pub.network/core/ 547 KB
169 KB 28ms
22ms Script
text/html 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/prebid-analytics-7.19.8.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/pubfig.engine.4.37.0.0bfb359452e8f3221e6ba8d1400baedf448377d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94659d833506ce389c63600cfca80aa079eb4fca4c67736dfbeec87dfe6885fa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 28491
x-guploader-uploadid: ADPycduEzptLc7j5y9CRSgdU6E4Fs7e-zFnPKItr6PC-1MBcS993ByimwIapOlZ7Wg3-Lsj_XY_yUqBtdkF2j2c7w-mUag2_lXJ3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
last-modified: Fri, 02 Dec 2022 16:03:29 GMT
server: cloudflare
etag: W/"51ace935aa2aa7ac94ab810fd2e22d1d"
vary: Accept-Encoding
x-goog-generation: 1669997008969213
content-type: text/html
access-control-allow-origin: *
x-goog-hash: crc32c=6w1rdg==, md5=UazpNaoqp6yUq4EP0uItHQ==
content-language: en
access-control-expose-headers: *
cache-control: public, max-age=31507351
x-goog-stored-content-length: 560022
cf-ray: 7bfbcdba7ff133fb-YUL
expires: Sun, 28 Apr 2024 16:55:14 GMT

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 36C4 19 KB
6 KB 123ms
98ms XHR
application/x-protobuf 172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=263050
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b305dc81505f76515b7bbb65b8f5b99e86509f954aaabfca7537ef8e7ed2653

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7bfbcdbaba145401-YYZ
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sp...
adservice.google.com/ddm/fls/i/ Frame 2CE8 853 B
0 96ms
46ms Document
text/html 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F

Requested by

Host: 10844217.fls.doubleclick.net
URL: https://10844217.fls.doubleclick.net/activityi;dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10844217.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Apr 2023 00:52:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
42 KB 84ms
21ms Script
application/javascript 13.226.34.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=138
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-118.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 09:40:55 GMT
content-encoding: br
via: 1.1 b0ff224008cc113345fc49da87d20e9a.cloudfront.net (CloudFront)
x-amz-version-id: 77yKHytHO_pcAyQcoklw1dHdk4sqBtp0
last-modified: Tue, 04 Oct 2022 14:09:32 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 54709
x-amz-server-side-encryption: AES256
etag: W/"dfd164092f8d8abc70b55ba8c1bc2e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: XCy4j_5mdvVgqpQxqST82O-ESSMcMID38YKRV9lFvF7RW5ouhsVz2Q==

GET
H2 200 6f5f818a429a5d480a71.js Show response
cdn.segment.com/next-integrations/actions/google-analytics-4-web/ 188 KB
54 KB 21ms
21ms Script
application/javascript 13.225.223.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/6f5f818a429a5d480a71.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.223.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-223-151.jfk51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecbf43c569ee4955c7c18b4bf74acac6cddf21498125e59ef9593364580dfa9a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: nm8E1Tcr2wNFBSD0qTCdovHCfpzhXUWo
content-encoding: br
via: 1.1 fb7a91e6436d6c6ab7f46f75c256840c.cloudfront.net (CloudFront)
date: Sat, 29 Apr 2023 17:38:24 GMT
x-amz-cf-pop: JFK51-C1
age: 26059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 18 Apr 2023 16:53:07 GMT
server: AmazonS3
etag: W/"754202917f150769bc3ff4b4aaa812cd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: -QtsuL6-U4JbL02t1i_NgBRrEaWf-B8SZIY9WF9XtFJwJf3h-S06GA==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
634 B 70ms
25ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2030%20Apr%202023%2000%3A52%3A43%20GMT&n=0&b=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds%27%20dominance%20against%20it%20%7C%20Reuters&.yp=10160484&f=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&enc=UTF-8&us_privacy=1---&yv=1.14.0&tagmgr=gtm

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Apr 2023 00:52:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 30 Apr 2023 00:52:43 GMT

GET
H3 200 1586315481640631 Show response
connect.facebook.net/signals/config/ 383 KB
109 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1586315481640631?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

09df4a29a72bd397ef4c15696d9ca68adc0f03d69f1f53d7a73fb345d604d2dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Apr 2023 00:52:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 111179
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: f6+HMXXs3raA7G/gThQwLcgJgDLEXxq7IdcO3VNOuEEdZY0e1/mCVJG0AS6gC4ICABDI4hmgNGKRdDacoGaRKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
18ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&rl=&if=false&ts=1682815963452&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=29&cs_est=true&fbp=fb.1.1682815963450.1425949118&it=1682815963117&coo=false&tm=1&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/business/hackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Apr 2023 00:52:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET insights.bin
ins.connatix.com/08d333ae-e444-4081-9ed0-be2a074bbfd7/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/0b57a6e7-94e3-4a0a-a0dd-12f9421edc14/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/c0c74a0d-9444-41d0-af94-5593a45f91a9/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/ba4d8903-b598-43eb-aba2-d97a56d6213f/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/93b9c976-fbff-40b1-9154-5356cb15fd59/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/7fd68b7e-c4cb-4304-97f4-bf2cef372eb5/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/6cd2c94d-5c5a-492a-ac10-ffb4ed230b80/4/ Frame 36C4 0
0

GET insights.bin
ins.connatix.com/ef9cb695-4769-4c56-b5a6-86603838f6b1/4/ Frame 36C4 0
0

GET blockedDomains_23.bin
lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/ Frame 36C4 0
0

POST sr
capi.connatix.com/tr/ Frame 36C4 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 97ms
50ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f427bc42b61926eb7556df5f1becb158b006cdb24727c01c9206e61e4805c9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24756
x-xss-protection: 0
server: cafe
etag: 976 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 30 Apr 2023 00:52:43 GMT

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/08d333ae-e444-4081-9ed0-be2a074bbfd7/ Frame 36C4 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 36C4 0
0

GET elements.ui.5c9685a29db4b3c950db.js
cds.connatix.com/p/263050/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/0b57a6e7-94e3-4a0a-a0dd-12f9421edc14/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/c0c74a0d-9444-41d0-af94-5593a45f91a9/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/ba4d8903-b598-43eb-aba2-d97a56d6213f/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/93b9c976-fbff-40b1-9154-5356cb15fd59/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/7fd68b7e-c4cb-4304-97f4-bf2cef372eb5/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/6cd2c94d-5c5a-492a-ac10-ffb4ed230b80/ Frame 36C4 0
0

GET 4_media.bin
vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/ef9cb695-4769-4c56-b5a6-86603838f6b1/ Frame 36C4 0
0

GET
H2

200

cks Show response
cks.connatix.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1
https://cks.connatix.com/cks?pid=19&uid=2535a965-ee76-4152-b45c-97872a4b3900&ttl=1685407963

146 B
164 B

47ms
26ms

Script
application/javascript

172.64.154.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cks.connatix.com/cks?pid=19&uid=2535a965-ee76-4152-b45c-97872a4b3900&ttl=1685407963
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c861c5bdc1920b6e5f5a5f6a7eddbdc7d5a5bfb2a0570a6b70006e0910508092

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7bfbcdbdcfa75401-YYZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Sun, 30 Apr 2023 00:52:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cks.connatix.com/cks?pid=19&uid=2535a965-ee76-4152-b45c-97872a4b3900&ttl=1685407963
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 213

GET userSync.js
ads.pubmatic.com/AdServer/js/ Frame 36C4 0
0

GET
H2

200

1000.gif Show response
id.rlcdn.com/
Redirect Chain

https://id.rlcdn.com/712202.gif?cparams=655d4eddc8744163b95cf3608f11dab2
https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNv3tqIGEgUI6AcQAEIASiA2NTVkNGVkZGM4NzQ0MTYzYjk1Y2YzNjA4ZjExZGFiMg

42 B
310 B

44ms
43ms

Script
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNv3tqIGEgUI6AcQAEIASiA2NTVkNGVkZGM4NzQ0MTYzYjk1Y2YzNjA4ZjExZGFiMg
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Sun, 30 Apr 2023 00:52:43 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNv3tqIGEgUI6AcQAEIASiA2NTVkNGVkZGM4NzQ0MTYzYjk1Y2YzNjA4ZjExZGFiMg
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET cm
us-u.openx.net/w/1.0/ Frame 36C4 0
0

GET dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sp...
adservice.google.ca/ddm/fls/i/ Frame EA70 0
0

POST /
pl.connatix.com/ Frame 36C4 0
0

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 79ms
28ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192344
x-guploader-uploadid: ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppgeYec2wEqKZdN3%2Fgdht03HZWpl4TE6OPqNU5nmc31%2Bx2t7p3mPqDFgGXcmf71dDCC0iBg7fzBgJWOGIsDKGwLAx4F3abQAI4LFUbGy4cEMor%2FvbgPdDm7FwY%2ByT8YgYP7t%2FCf4MDqMXHDI0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bfbcdbe4d28f991-YYZ
expires: Thu, 27 Apr 2023 19:49:22 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 64ms
11ms Image
image/x-icon 172.217.13.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul02s04-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 05:42:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 30 Apr 2023 05:42:49 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
933 B 78ms
27ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.8874523779393937
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 00:52:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 192344
x-guploader-uploadid: ADPycdt_e1uvDZ9znMbUCBkDZP4LwJp4S2JB_HRIM8QnmxkUBhIk2e4w9kGpe6AYWl0IQDssl86SP8spaaQi05kkyQ799pw85mlx
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9vB0vDRXxult23PS4nHslS03s7uZecxjNg3PSuM6jPe8PDeaddS73j97Ohh96nAdruOpxZdxKPTqYMcSQWU2orLfzIs%2FKulSIoHht5fyDZV7j5K%2FJvw46%2BMRqnG6YkFZnNX3bPAOylW1DUf5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7bfbcdbe4d2df991-YYZ
expires: Thu, 27 Apr 2023 19:49:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ins.connatix.com
URL: https://ins.connatix.com/08d333ae-e444-4081-9ed0-be2a074bbfd7/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/0b57a6e7-94e3-4a0a-a0dd-12f9421edc14/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/c0c74a0d-9444-41d0-af94-5593a45f91a9/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/ba4d8903-b598-43eb-aba2-d97a56d6213f/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/93b9c976-fbff-40b1-9154-5356cb15fd59/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/7fd68b7e-c4cb-4304-97f4-bf2cef372eb5/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/6cd2c94d-5c5a-492a-ac10-ffb4ed230b80/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/ef9cb695-4769-4c56-b5a6-86603838f6b1/4/insights.bin

Domain: lit.connatix.com
URL: https://lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/blockedDomains_23.bin

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/sr?v=263050&tier=2

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/08d333ae-e444-4081-9ed0-be2a074bbfd7/4_media.bin

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/263050/elements.ui.5c9685a29db4b3c950db.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/0b57a6e7-94e3-4a0a-a0dd-12f9421edc14/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/c0c74a0d-9444-41d0-af94-5593a45f91a9/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/ba4d8903-b598-43eb-aba2-d97a56d6213f/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/93b9c976-fbff-40b1-9154-5356cb15fd59/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/7fd68b7e-c4cb-4304-97f4-bf2cef372eb5/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/6cd2c94d-5c5a-492a-ac10-ffb4ed230b80/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-aff83c07-ac06-4ba6-af0e-2ddf8dbbe3fa/ef9cb695-4769-4c56-b5a6-86603838f6b1/4_media.bin

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/userSync.js

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d655d4eddc8744163b95cf3608f11dab2%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d

Domain: adservice.google.ca
URL: https://adservice.google.ca/ddm/fls/i/dc_pre=COXkzf2x0P4CFZFKDQodkOAMsA;src=10844217;type=remarket;cat=allpages;ord=1971578257017;gtm=45He34q0;auiddc=1276132895.1682815963;u1=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F;u2=Hackers%20at%20center%20of%20sprawling%20spy%20campaign%20turned%20SolarWinds'%20dominance%20against%20it%20%7C%20Reuters;~oref=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reuters.com/	1970-01-20 11:37:00	Name: cleared-onetrust-cookies Value: Thu, 17 Feb 2022 19:17:07 GMT
www.reuters.com/	1970-01-20 11:28:22	Name: _lr_geo_location_state Value: QC
www.reuters.com/	1970-01-20 11:28:22	Name: _lr_geo_location Value: CA
www.reuters.com/	1970-01-20 20:12:31	Name: usprivacy Value: 1---
.reuters.com/	1970-01-20 11:37:00	Name: RT Value: "z=1&dm=reuters.com&si=ukv35qa4fhj&ss=lh2p6ag3&sl=0&tt=0"
www.reuters.com/	1969-12-31 23:59:59	Name: fs.bot.check Value: true
.wsod.com/	1970-01-20 12:53:19	Name: ub Value: B8485644dbbdabeb1f:0:1600:1200:1
.wsod.com/	1970-01-20 12:11:34	Name: f77 Value: !!!!!!0:1682815962
.reuters.com/	1970-01-20 21:02:55	Name: ta-octane.id Value: 8159deca-6565-4531-bee6-d0cfe003e60e\|8e9ceb3f-3122-4f6f-8e78-d5b92985b6ea\|0\|
www.reuters.com/	1969-12-31 23:59:59	Name: reuters-geo Value: {"country":"-", "region":"-"}
.pub.network/	1970-01-20 21:02:55	Name: _fsuid Value: b0a73059-bfc2-4acf-a132-13e3ffa3231d
.reuters.com/	1970-01-20 13:36:31	Name: _gcl_au Value: 1.1.1276132895.1682815963
.eloqua.com/	1970-01-20 20:57:10	Name: ELOQUA Value: GUID=54DD5E5EDE774B9280622159D7FA6EA2
.eloqua.com/	1970-01-20 20:57:10	Name: ELQSTATUS Value: OK
.doubleclick.net/	1970-01-20 11:26:56	Name: test_cookie Value: CheckForPermission
.reuters.com/	1970-01-20 20:12:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Apr+30+2023+00%3A52%3A43+GMT%2B0000+(GMT)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=e4e9b4c6-e4b9-4aa5-bfdb-fc4c2f0844ca&interactionCount=0&landingPath=https%3A%2F%2Fwww.reuters.com%2Fbusiness%2Fhackers-center-sprawling-spy-campaign-turned-solarwinds-dominance-against-it-2020-12-15%2F&groups=1%3A1%2C3%3A1%2CSPD_BG%3A1%2C2%3A1%2C4%3A1
www.reuters.com/	1970-01-20 21:02:55	Name: fs.session.id Value: 6dbcdfd3-eb0f-490d-b74c-561c098a4e69
.twitter.com/	1970-01-20 21:02:55	Name: personalization_id Value: "v1_MlOzSWaFXW2uoxEXkfes7w=="
.t.co/	1970-01-20 21:02:55	Name: muc_ads Value: ef1d59b5-511d-40d9-9db2-83f74039fc49
.connatix.com/	1970-01-20 12:10:07	Name: cnx_userId Value: 655d4eddc8744163b95cf3608f11dab2
.reuters.com/	1970-01-20 13:36:31	Name: _fbp Value: fb.1.1682815963450.1425949118
.yahoo.com/	1970-01-20 20:12:53	Name: A3 Value: d=AQABBNu7TWQCENCghx8_ZRgk4cj74JF_6SAFEgEBAQENT2RXZCXcxyMA_eMAAA&S=AQAAArNcP2Mgmgq-1pHmNVCw9B8
www.reuters.com/	1970-01-20 12:10:07	Name: cnx_userId Value: 655d4eddc8744163b95cf3608f11dab2
.openx.net/	1970-01-20 20:12:31	Name: i Value: a8d2547d-e8e1-0dbc-2391-cf3531c564ba\|1682815963
.adsrvr.org/	1970-01-20 20:13:58	Name: TDID Value: 2535a965-ee76-4152-b45c-97872a4b3900
.rlcdn.com/	1970-01-20 20:12:31	Name: rlas3 Value: euim3IKg7JqfabPfPdkSkSlyDGTGTI0KbmyessQxrFI=
.adsrvr.org/	1970-01-20 20:13:58	Name: TDCPM Value: CAEYBSABKAIyCwjW5tyC_sfkOxAFOAE.
.rlcdn.com/	1970-01-20 12:53:19	Name: pxrc Value: CNv3tqIGEgUI6AcQAA==
www.reuters.com/	1970-01-20 11:26:56	Name: _dd_s Value: rum=0&expire=1682816863009

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.dianomi.com/js/contextfeed.js Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: about:blank Message: Refused to execute script from 'https://id.rlcdn.com/1000.gif?memo=CIq8KxoNCNv3tqIGEgUI6AcQAEIASiA2NTVkNGVkZGM4NzQ0MTYzYjk1Y2YzNjA4ZjExZGFiMg' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10844217.fls.doubleclick.net
a.pub.network
ad-delivery.net
ad.doubleclick.net
ad.wsod.com
ads.pubmatic.com
adservice.google.ca
adservice.google.com
analytics.twitter.com
api-reuters-reuters-prod.cdn.arcpublishing.com
ats-wrapper.privacymanager.io
beacon.tru.am
btloader.com
c.go-mpulse.net
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.segment.com
cdn.sophi.io
cds.connatix.com
cks.connatix.com
cloudfront-us-east-2.images.arcpublishing.com
connect.facebook.net
d.pub.network
freestar-io.videoplayerhub.com
geo.privacymanager.io
geolocation.onetrust.com
id.rlcdn.com
imasdk.googleapis.com
img.en25.com
ins.connatix.com
lit.connatix.com
match.adsrvr.org
pl.connatix.com
s.go-mpulse.net
s.yimg.com
s2124157686.t.eloqua.com
scaredsnakes.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
static.ads-twitter.com
static.adsafeprotected.com
static.scroll.com
t.co
tru.am
us-u.openx.net
vid.connatix.com
www.datadoghq-browser-agent.com
www.dianomi.com
www.facebook.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.reuters.com
ads.pubmatic.com
adservice.google.ca
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
ins.connatix.com
lit.connatix.com
pl.connatix.com
us-u.openx.net
vid.connatix.com
104.18.16.195
104.244.42.131
104.244.42.197
13.225.223.151
13.225.224.171
13.226.34.118
13.226.34.92
142.0.173.23
172.217.13.102
172.217.13.198
172.64.154.204
18.164.116.102
199.232.194.217
199.232.36.157
2001:4998:14:800::1001
209.234.224.18
23.192.60.27
2600:141b:13:6ae::11a6
2600:141b:13:78e::11a6
2600:141b:13::172f:91aa
2600:1901:0:636d::1
2600:9000:2120:2e00:15:5a3e:9d40:93a1
2600:9000:21dd:1c00:8:48e:53c0:93a1
2606:4700:20::681a:274
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700:20::ac43:4af5
2606:4700:4400::6812:220a
2606:4700:4400::ac40:9062
2606:4700::6812:15ce
2606:4700::6813:bc61
2607:f8b0:4020:804::200e
2607:f8b0:4020:805::2002
2607:f8b0:4020:806::2002
2607:f8b0:4020:806::2008
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.160.110.8
35.190.60.146
52.223.40.198
52.85.61.101
76.13.32.146
08610105081cf1afc8fc221c8f8052ff461f70cc1e8a3ad49fdb4afe1ed3f2fd
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
096a0419a3787b284e7105edeebc7cf4915cb9549f3b433258f65483acc24510
09df4a29a72bd397ef4c15696d9ca68adc0f03d69f1f53d7a73fb345d604d2dc
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
14eec0a397676c68c57356acc3037aa1e5ce92a209aaddef12ac67964e74c1c5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a6d8b16bf827fbfe535f67361873713ba49796900c0e2fc2d2ba081d584441c
1caec7759e0a1800933780c51b2e863602b74f79dea670cb1930f54f7013d20a
1d0c618c288fc27c1173446ac356bcff2645788035d16b54e853d4e68381422f
1ebd5f5bc31fc2519d8b06bf0e79520a9384a906076819f2c573591fe8e2e0a9
1ff0831aa2f6e1e308286f1196b9f47fe306a0c55d5fe31bc46043a27547e146
23f8f783c7655b0ffb37d84b8fe0221dc36721c9ebbfda898baf78f6fb51f10a
26722786cc2b7257efb9ed4b77e7c4f0cae058303ac58a67e74f191db592eda7
2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058
2973d76478f49defa06e14482a83b7fee3229daa65e6f9c0fcbc3d56f891b2d1
2c6aa0bef20314812d9512a38a148c46995c7a548aa600ee947f11e4774aeb97
2c9de517a19168cb14906e31a0f8f8f74ce4d29ea3acb34d6b79c8ce3c6e71e6
2dabbc5acd6819a5cfe8d6535d9887bf1682449ceb6f1855a2caac82394f1003
2f1287f678334b9fa3f9791f37b2b1e17286696359e7c4150ea6d955a8756cea
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
39a3dcdaa3117d0f349beea9fec257badcdbf86655207db8a0f28d45b2bab86d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
476e47be34ede31e1ef4e1ff0cec8e21ed588343321d759c16a038547164960d
47fd252290fadf05a467960179a2051f15e05f5d55ca2767487646ecde31af47
50d0d88815187d0a5321f81da91080fb5ec9135341981c5baac04e06c86777a1
54486745343e400531943c92df648cc6b40c2ccd4dec6b9bf2964b3368a9cd1e
56a52b977852230c71bef155fdbfff593784fdfa532de2d933f6f0f43f13463b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
665778d03e88e6432bfc5c6fb2adee37a23a5fbb1f280ad4e0d7b85bc2651566
66a7ad32a6ee043b7bc0cc57a38769e1a46e5d37a6add1bd3b48162638c6623e
6b305dc81505f76515b7bbb65b8f5b99e86509f954aaabfca7537ef8e7ed2653
6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
732dcc5d27224fce2cfbc13b5968c4acd6e2b3b6a598f48b46e6cbca9d844ae3
75d3ed5d686101a435fa0256ba1961881937961dbfb5de541163dd0a5246cf9d
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
84194ce76dfac3b3a7a3d946e534e3ad60da6d9a73d484fffd33cd3e11e436a2
891349c486e4c789b377af14fd1e7319335911fd3e1b30ea20195fea2a04ab16
8fedcfcb101385ac447e7f7f5859e844af6656fd863371dc70ceef167c06288c
92c64848b096648ac7c03d99a336c163671b72d9d02b0440931c4a3ece1499b1
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94659d833506ce389c63600cfca80aa079eb4fca4c67736dfbeec87dfe6885fa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95ab7fd9b41e1b63e1a85258a6efc2b0ed38bddd4cd86ebb4459fc8c7709dd0e
9c8546913f2e1a48f7a4f9c597c7529f183aaec70279282e3ace315b65e4b7c3
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7d2775bd324ef36a1f9d17873efeb86b6602cd4a1198b7022be73c8c4493cf5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5f1153fe2b3be67cc533db17aa1424bfd50989f8494d61e565430993408612d
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b7ab0e11dbe3d413ddf9f68f7a28665effe2299a09e8f7f142438f181ffcdd5f
b9fe8baf337833cb5e931fce48f793de3054e17823bb0a71f0dd9e4cb00daa5a
c6b46b7b13a4e85c00b13fbd37d45e35ac17a59d174f41721f75897886db93af
c7038be9a015722ccab31acdd8c92f01125085c7f2d128836186a252d4508038
c861c5bdc1920b6e5f5a5f6a7eddbdc7d5a5bfb2a0570a6b70006e0910508092
cd6db37e805ba6712b7fb90bfd44c9421ad137f057841202f9850ee504ae89d2
cef181b89850405f733232c050e35b633a648eacee98005f2663b481ac3b0db4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d976009e0ff2a163ec0fec368655f9d213b36817354f1d3f02cfbc99dbff51e7
da37ac687a57e7f478fbf6da5f5e51377a193298a69ec6f8f14fc7b676acbb08
dfe8c72a5971a45d9ee85a92cff6a59dfdecb468df8efe4e8879673c19461193
e25ef2dd307bde593fff6534bbeaacf65acc21c5f5c711c6791f70e7cf60c52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbf43c569ee4955c7c18b4bf74acac6cddf21498125e59ef9593364580dfa9a
eefe7f7a5381463b0f8317fe171995b69d68e15f04c8fb7172844ee38eb93387
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f25a9e43371235aa29f76d7d2d3bc8ebf6a951a78bd17c503b62bca1d9f92c82
f427bc42b61926eb7556df5f1becb158b006cdb24727c01c9206e61e4805c9c5

www.reuters.com Open in urlscan Pro 2600:9000:2120:2e00:15:5a3e:9d40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

73 %HTTPS

51 %IPv6

41 Domains

55 Subdomains

42 IPs

3 Countries

2956 kBTransfer

11520 kBSize

29 Cookies

0 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.reuters.com Open in urlscan Pro
2600:9000:2120:2e00:15:5a3e:9d40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

73 %
HTTPS

51 %
IPv6

41
Domains

55
Subdomains

42
IPs

3
Countries

2956 kB
Transfer

11520 kB
Size

29
Cookies

109 HTTP transactions
0 data transactions