www.reuters.com Open in urlscan Pro
2600:9000:26f2:d000:15:5a3e:9d40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath...
Submission: On August 13 via manual (August 13th 2024, 12:26:36 am UTC) from JP — Scanned from JP

Summary HTTP 367 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 98 IPs in 9 countries across 69 domains to perform 367 HTTP transactions. The main IP is 2600:9000:26f2:d000:15:5a3e:9d40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com. The Cisco Umbrella rank of the primary domain is 23410.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 1st 2024. Valid for: a year.

This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2600:9000:26f... 2600:9000:26f2:d000:15:5a3e:9d40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.67.74.245 172.67.74.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:400a:80e::2008	15169 (GOOGLE) (GOOGLE)
3	104.18.24.111 104.18.24.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:140b:a00... 2600:140b:a00:698::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6812:1c7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	13.35.27.29 13.35.27.29	16509 (AMAZON-02) (AMAZON-02)
1	23.34.99.108 23.34.99.108	16625 (AKAMAI-AS) (AKAMAI-AS)
28	104.18.31.150 104.18.31.150	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:20c... 2600:9000:20c5:6e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:140b:1c0... 2600:140b:1c00:38::1732:76be	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.18.20.206 104.18.20.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.33.174.21 13.33.174.21	16509 (AMAZON-02) (AMAZON-02)
1 3	192.29.13.138 192.29.13.138	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
20	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
20	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
1	151.101.108.157 151.101.108.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2406:2000:a4:... 2406:2000:a4:807::1	10230 (YAHOO-SG ...) (YAHOO-SG internet content provider)
1	65.9.39.3 65.9.39.3	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:221... 2600:9000:221a:ce00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.111.152.239 34.111.152.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	117.18.232.195 117.18.232.195	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	54.150.112.144 54.150.112.144	16509 (AMAZON-02) (AMAZON-02)
18	142.250.76.130 142.250.76.130	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:221... 2600:9000:221b:6000:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
2 4	99.84.55.19 99.84.55.19	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:7611	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.179.182.207 54.179.182.207	16509 (AMAZON-02) (AMAZON-02)
2	104.18.20.97 104.18.20.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:20:... 2606:4700:20::681a:832	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:4bd8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.76.134 142.250.76.134	15169 (GOOGLE) (GOOGLE)
2	172.217.25.166 172.217.25.166	15169 (GOOGLE) (GOOGLE)
2	142.250.206.200 142.250.206.200	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:4caf:931f:84c4:3d79	14618 (AMAZON-AES) (AMAZON-AES)
1	52.7.252.0 52.7.252.0	14618 (AMAZON-AES) (AMAZON-AES)
1	52.206.104.174 52.206.104.174	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:140b:a80... 2600:140b:a800:6b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.111.33 34.120.111.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	35.244.193.51 35.244.193.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
12	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	34.107.165.188 34.107.165.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.207.144.134 52.207.144.134	14618 (AMAZON-AES) (AMAZON-AES)
2 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800e... 2620:116:800e:21:6c50:dbee:bef5:203d	16509 (AMAZON-02) (AMAZON-02)
16	35.78.24.19 35.78.24.19	16509 (AMAZON-02) (AMAZON-02)
2	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 3	103.43.90.53 103.43.90.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.32.224.239 23.32.224.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.36.214.49 34.36.214.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2404:6800:400... 2404:6800:4004:801::2001	15169 (GOOGLE) (GOOGLE)
8	142.250.196.142 142.250.196.142	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26f... 2600:9000:26f2:4800:f:e061:be80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	44.233.229.211 44.233.229.211	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c06::9d	15169 (GOOGLE) (GOOGLE)
1	142.251.222.3 142.251.222.3	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:206... 2600:9000:2066:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	52.43.27.85 52.43.27.85	16509 (AMAZON-02) (AMAZON-02)
2 2	207.65.34.80 207.65.34.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.250.206.194 142.250.206.194	15169 (GOOGLE) (GOOGLE)
1 1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.199.153.13 52.199.153.13	16509 (AMAZON-02) (AMAZON-02)
1	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	34.102.183.59 34.102.183.59	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.98.127.78 34.98.127.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.177.184 35.244.177.184	15169 (GOOGLE) (GOOGLE)
5	52.12.47.65 52.12.47.65	16509 (AMAZON-02) (AMAZON-02)
6	142.250.76.142 142.250.76.142	15169 (GOOGLE) (GOOGLE)
1	44.193.56.5 44.193.56.5	14618 (AMAZON-AES) (AMAZON-AES)
6	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.195.85.83 23.195.85.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:5... 2600:1901:0:56e0::	15169 (GOOGLE) (GOOGLE)
22	2600:1f18:1ac... 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578	14618 (AMAZON-AES) (AMAZON-AES)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	172.217.25.162 172.217.25.162	15169 (GOOGLE) (GOOGLE)
7	2404:6800:400... 2404:6800:400a:80b::2001	15169 (GOOGLE) (GOOGLE)
2	172.217.161.68 172.217.161.68	15169 (GOOGLE) (GOOGLE)
3	34.117.4.53 34.117.4.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	207.65.34.76 207.65.34.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	172.217.25.174 172.217.25.174	15169 (GOOGLE) (GOOGLE)
367	98

20 2600:9000:26f2:d000:15:5a3e:9d40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.74.245 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:400a:80e::2008 (Osaka, Japan)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.24.111 (None, )

ASN13335 (CLOUDFLARENET, US)

scaredsnakes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:698::11a6 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1c7f (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.35.27.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-27-29.nrt20.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.34.99.108 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-99-108.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 104.18.31.150 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20c5:6e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:140b:1c00:38::1732:76be (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

api-reuters-reuters-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.174.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-21.nrt57.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.29.13.138 (Toronto, Canada) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

s2124157686.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.42.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.108.157 (San Francisco, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2000:a4:807::1 (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.39.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-39-3.nrt12.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:221a:ce00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com

optimise.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.18.232.195 (Australia)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.150.112.144 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-112-144.ap-northeast-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.76.130 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:221b:6000:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.55.19 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-55-19.nrt20.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.179.182.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-182-207.ap-southeast-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.20.97 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:832 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

freestar-io.videoplayerhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:4bd8 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.76.134 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f6.1e100.net

10844217.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.25.166 (United States)

ASN15169 (GOOGLE, US)
PTR: sin01s16-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.206.200 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4caf:931f:84c4:3d79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.252.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-252-0.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.104.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-104-174.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a800:6b8::11a6 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::b (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.193.51 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.165.188 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.165.107.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.144.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-144-134.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800e:21:6c50:dbee:bef5:203d (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.78.24.19 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.53 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.224.239 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-224-239.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com

pa.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2001 (Australia)

ASN15169 (GOOGLE, US)

a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.196.142 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26f2:4800:f:e061:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.233.229.211 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-229-211.us-west-2.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c06::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.222.3 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.43.27.85 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-27-85.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.34.80 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.206.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.199.153.13 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-153-13.ap-northeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.183.59 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 59.183.102.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.127.78 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.127.98.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.177.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.177.244.35.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.12.47.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-12-47-65.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.76.142 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: kix07s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.193.56.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-56-5.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual-analytics.wunderkind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.195.85.83 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-85-83.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.25.162 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2404:6800:400a:80b::2001 (Osaka, Japan)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.161.68 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.4.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.4.117.34.bc.googleusercontent.com

ssp.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.65.34.76 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.25.174 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s13-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 1040 pixel.adsafeprotected.com — Cisco Umbrella Rank: 1139 dt.adsafeprotected.com — Cisco Umbrella Rank: 974	168 KB
31	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280 10844217.fls.doubleclick.net — Cisco Umbrella Rank: 44707 ad.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 cm.g.doubleclick.net — Cisco Umbrella Rank: 363 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	249 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	467 KB
28	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 14117	52 KB
24	pub.network a.pub.network — Cisco Umbrella Rank: 7353 d.pub.network — Cisco Umbrella Rank: 7910 c.pub.network — Cisco Umbrella Rank: 7429	366 KB
23	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 2328 a.ad.gt — Cisco Umbrella Rank: 2521 p.ad.gt — Cisco Umbrella Rank: 2796 ids.ad.gt — Cisco Umbrella Rank: 2348 pixels.ad.gt — Cisco Umbrella Rank: 2702	21 KB
20	reuters.com 1 redirects www.reuters.com — Cisco Umbrella Rank: 23410	898 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662 analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	76 KB
11	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 3941 tag.bounceexchange.com — Cisco Umbrella Rank: 6732 api.bounceexchange.com — Cisco Umbrella Rank: 4107	218 KB
9	segment.com cdn.segment.com — Cisco Umbrella Rank: 3005	147 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	24 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	281 KB
6	pubmatic.com 2 redirects ads.pubmatic.com — Cisco Umbrella Rank: 855 image2.pubmatic.com — Cisco Umbrella Rank: 1373 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744	1007 B
6	arcpublishing.com api-reuters-reuters-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 41755	3 KB
5	segment.io api.segment.io — Cisco Umbrella Rank: 1485	866 B
5	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 2653	1 KB
5	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 4784 rp.liadm.com — Cisco Umbrella Rank: 1645 rp4.liadm.com — Cisco Umbrella Rank: 4911 idx.liadm.com — Cisco Umbrella Rank: 2445 i.liadm.com — Cisco Umbrella Rank: 937	39 KB
4	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 3679	499 B
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 553 mug.criteo.com — Cisco Umbrella Rank: 2813	1 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1573 api.btloader.com — Cisco Umbrella Rank: 1813	19 KB
4	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 4307 api.permutive.com — Cisco Umbrella Rank: 3370	141 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	361 KB
3	wknd.ai ssp.wknd.ai — Cisco Umbrella Rank: 6927	13 B
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 6963 page.cdnbasket.net — Cisco Umbrella Rank: 6969 view.cdnbasket.net — Cisco Umbrella Rank: 6981	1014 B
3	casalemedia.com ssum-sec.casalemedia.com — Cisco Umbrella Rank: 892 as-sec.casalemedia.com — Cisco Umbrella Rank: 4738	2 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 383 secure.adnxs.com — Cisco Umbrella Rank: 764	3 KB
3	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 505	2 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461 mab.chartbeat.com — Cisco Umbrella Rank: 3880	35 KB
3	eloqua.com 1 redirects s2124157686.t.eloqua.com — Cisco Umbrella Rank: 42783	2 KB
3	scaredsnakes.com scaredsnakes.com — Cisco Umbrella Rank: 40907	26 KB
3	tru.am tru.am — Cisco Umbrella Rank: 6235 beacon.tru.am — Cisco Umbrella Rank: 7510	12 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 5623 e.cdnwidget.com — Cisco Umbrella Rank: 20630	332 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 319	1 KB
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 694 eus.rubiconproject.com — Cisco Umbrella Rank: 948	1 KB
2	reutersmedia.net static.reutersmedia.net — Cisco Umbrella Rank: 46316	25 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 2337 pixel.quantserve.com — Cisco Umbrella Rank: 1616	11 KB
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 645	2 KB
2	33across.com 1 redirects lexicon.33across.com — Cisco Umbrella Rank: 2352	597 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1603	1 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 2804	129 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393 ups.analytics.yahoo.com — Cisco Umbrella Rank: 612	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 1020	8 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	76 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 6926 api-js.datadome.co — Cisco Umbrella Rank: 6331	30 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	550 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 2168 c.go-mpulse.net — Cisco Umbrella Rank: 906	51 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	41 KB
1	wunderkind.co contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 5226	332 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1124
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1187	275 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 1077	851 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 2075	1 KB
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 17187	63 B
1	openx.net pa.openx.net — Cisco Umbrella Rank: 5140
1	prmutv.co a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co — Cisco Umbrella Rank: 61732	385 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1369	279 B
1	edkt.io cdn.edkt.io — Cisco Umbrella Rank: 9270	8 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2589	12 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	videoplayerhub.com 1 redirects freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 11720	663 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	394 B
1	t.co t.co — Cisco Umbrella Rank: 979	375 B
1	optimise.net optimise.net — Cisco Umbrella Rank: 8494	870 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536	48 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 15632	3 KB
367	69

	Domain	Requested by
28	www.dianomi.com	www.reuters.com www.dianomi.com
22	dt.adsafeprotected.com	www.reuters.com
20	pagead2.googlesyndication.com	a.pub.network www.reuters.com pagead2.googlesyndication.com
20	www.reuters.com	1 redirects www.reuters.com
18	securepubads.g.doubleclick.net	a.pub.network securepubads.g.doubleclick.net www.reuters.com pagead2.googlesyndication.com
16	pixel.adsafeprotected.com	static.adsafeprotected.com www.reuters.com
10	ids.ad.gt	1 redirects www.reuters.com
10	c.pub.network	js.datadome.co
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
10	d.pub.network	www.reuters.com js.datadome.co
10	static.adsafeprotected.com	www.reuters.com
9	assets.bounceexchange.com	www.reuters.com tag.bounceexchange.com assets.bounceexchange.com
9	id.hadron.ad.gt	js.datadome.co cdn.hadronid.net
9	cdn.segment.com	www.reuters.com cdn.segment.com
8	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.reuters.com
7	tpc.googlesyndication.com	www.reuters.com
7	cdn.cookielaw.org	www.reuters.com cdn.cookielaw.org js.datadome.co
6	api-reuters-reuters-prod.cdn.arcpublishing.com	www.reuters.com
5	googleads.g.doubleclick.net	www.reuters.com
5	api.segment.io	js.datadome.co
5	protected-by.clarium.io	www.reuters.com
4	events.bouncex.net	www.reuters.com
4	sb.scorecardresearch.com	2 redirects www.reuters.com
4	a.pub.network	www.reuters.com a.pub.network
4	www.googletagmanager.com	www.reuters.com www.googletagmanager.com cdn.segment.com p.ad.gt
3	ssp.wknd.ai	assets.bounceexchange.com
3	pixel.tapad.com	3 redirects
3	api.permutive.com	cdn.permutive.com
3	analytics.google.com	js.datadome.co
3	match.adsrvr.org	2 redirects js.datadome.co
3	s2124157686.t.eloqua.com	1 redirects www.reuters.com img.en25.com
3	scaredsnakes.com	www.reuters.com js.datadome.co
2	hbopenbid.pubmatic.com	assets.bounceexchange.com
2	as-sec.casalemedia.com	assets.bounceexchange.com
2	www.google.com	www.reuters.com
2	dpm.demdex.net	2 redirects
2	cm.g.doubleclick.net	1 redirects www.reuters.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	static.reutersmedia.net	www.reuters.com
2	ads.pubmatic.com	a.pub.network assets.bounceexchange.com
2	api.btloader.com	js.datadome.co freestar-io.videoplayerhub.com
2	id5-sync.com	js.datadome.co
2	mug.criteo.com	www.reuters.com
2	lexicon.33across.com	1 redirects www.reuters.com
2	gum.criteo.com	1 redirects
2	ad-delivery.net	www.reuters.com
2	ad.doubleclick.net	www.reuters.com
2	10844217.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	btloader.com	www.reuters.com js.datadome.co
2	cdn.confiant-integrations.net	a.pub.network cdn.confiant-integrations.net
2	static.chartbeat.com	www.reuters.com
2	www.facebook.com	www.reuters.com
2	s.yimg.com	www.reuters.com s.yimg.com
2	connect.facebook.net	www.reuters.com connect.facebook.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	tru.am	www.reuters.com tru.am
1	static.criteo.net	assets.bounceexchange.com
1	e.cdnwidget.com	www.reuters.com
1	ids.cdnwidget.com	assets.bounceexchange.com
1	contextual-analytics.wunderkind.co	assets.bounceexchange.com
1	eus.rubiconproject.com	assets.bounceexchange.com
1	js-sec.indexww.com	assets.bounceexchange.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	pixels.ad.gt	p.ad.gt
1	i.liadm.com	b-code.liadm.com
1	view.cdnbasket.net	assets.bounceexchange.com
1	page.cdnbasket.net	assets.bounceexchange.com
1	data.cdnbasket.net	assets.bounceexchange.com
1	lb.eu-1-id5-sync.com	js.datadome.co
1	pixel.quantserve.com	www.reuters.com
1	ssum-sec.casalemedia.com	www.reuters.com
1	bh.contextweb.com	1 redirects
1	token.rubiconproject.com	www.reuters.com
1	p.ad.gt	a.ad.gt
1	rules.quantcount.com	secure.quantserve.com
1	tag.bounceexchange.com	assets.bounceexchange.com
1	www.google.co.jp	www.reuters.com
1	a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pa.openx.net	a.pub.network
1	ib.adnxs.com	cdn.permutive.com
1	a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co	cdn.permutive.com
1	secure.quantserve.com	a.pub.network
1	idx.liadm.com	js.datadome.co
1	api.rlcdn.com	js.datadome.co
1	ups.analytics.yahoo.com	js.datadome.co
1	cdn.edkt.io	a.pub.network
1	cdn.hadronid.net	a.pub.network
1	c.go-mpulse.net	s.go-mpulse.net
1	mab.chartbeat.com	static.chartbeat.com
1	ping.chartbeat.net	www.reuters.com
1	rp4.liadm.com	www.reuters.com
1	rp.liadm.com	1 redirects
1	freestar-io.videoplayerhub.com	1 redirects
1	sp.analytics.yahoo.com	www.reuters.com
1	cdn.permutive.com	www.reuters.com
1	api-js.datadome.co	js.datadome.co
1	analytics.twitter.com	www.reuters.com
1	t.co	www.reuters.com
1	optimise.net	js.datadome.co
1	b-code.liadm.com	www.googletagmanager.com
1	www.datadoghq-browser-agent.com	www.reuters.com
1	static.ads-twitter.com	www.googletagmanager.com
1	js.datadome.co	www.reuters.com
1	beacon.tru.am	tru.am
1	img.en25.com	www.reuters.com
1	s.go-mpulse.net	www.reuters.com
367	109

This site contains links to these domains. Also see Links.

Domain
www.reutersagency.com
www.thomsonreuters.com
www.lseg.com
static.reuters.com
apps.apple.com
play.google.com
reuters.com
x.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
legal.thomsonreuters.com
tax.thomsonreuters.com
trdigital.iad1.qualtrics.com

Subject Issuer	Validity	Valid
www.reuters.com COMODO RSA Organization Validation Secure Server CA	`2024-07-01` - `2025-07-01`	a year	crt.sh
tru.am WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
scaredsnakes.com E5	`2024-07-07` - `2024-10-05`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
dianomi.com E5	`2024-06-28` - `2024-09-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2024-01-08` - `2025-02-08`	a year	crt.sh
pub.network WE1	`2024-07-21` - `2024-10-19`	3 months	crt.sh
*.datadome.co Gandi RSA Domain Validation Secure Server CA 3	`2023-10-10` - `2024-11-09`	a year	crt.sh
d.pub.network WR3	`2024-07-17` - `2024-10-15`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-22` - `2024-08-20`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2024-09-18`	2 months	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-08-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M03	`2023-12-02` - `2024-12-29`	a year	crt.sh
optimise.net WR3	`2024-07-12` - `2024-10-10`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-10-31`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
confiant-integrations.net WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
btloader.com WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
ad-delivery.net WE1	`2024-07-15` - `2024-10-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
hadronid.net WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
edkt.io WR3	`2024-08-03` - `2024-11-01`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-07-30` - `2025-01-22`	6 months	crt.sh
id.hadron.ad.gt WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.id5-sync.com E6	`2024-07-01` - `2024-09-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
quantserve.com R10	`2024-06-24` - `2024-09-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M03	`2024-02-28` - `2025-03-29`	a year	crt.sh
api.btloader.com WR3	`2024-08-02` - `2024-10-31`	3 months	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-26` - `2025-04-10`	a year	crt.sh
c.pub.network WR3	`2024-07-14` - `2024-10-12`	3 months	crt.sh
*.prmutv.co R3	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
pa.openx.net WR3	`2024-07-22` - `2024-10-20`	3 months	crt.sh
static.reuters.com COMODO RSA Organization Validation Secure Server CA	`2023-12-21` - `2024-12-20`	a year	crt.sh
assets.bounceexchange.com WR3	`2024-07-17` - `2024-10-15`	3 months	crt.sh
protected-by.clarium.io Amazon RSA 2048 M03	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.google.co.jp WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
a.ad.gt WE1	`2024-08-07` - `2024-11-05`	3 months	crt.sh
tag.bounceexchange.com R10	`2024-07-17` - `2024-10-15`	3 months	crt.sh
api.permutive.com R10	`2024-06-13` - `2024-09-11`	3 months	crt.sh
p.ad.gt Cloudflare Inc ECC CA-3	`2023-11-09` - `2024-11-07`	a year	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
casalemedia.com E5	`2024-06-17` - `2024-09-15`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-07-01` - `2024-09-29`	3 months	crt.sh
data.cdnbasket.net WR3	`2024-07-02` - `2024-09-30`	3 months	crt.sh
page.cdnbasket.net WR3	`2024-07-10` - `2024-10-08`	3 months	crt.sh
view.cdnbasket.net WR3	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
pixels.ad.gt WE1	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.wunderkind.co R10	`2024-08-02` - `2024-10-31`	3 months	crt.sh
indexww.com WE1	`2024-08-03` - `2024-11-02`	3 months	crt.sh
ids.cdnwidget.com R11	`2024-07-10` - `2024-10-08`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-23`	a year	crt.sh
e.cdnwidget.com R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh

This page contains 44 frames:

Primary Page: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Frame ID: BA4CC09CD7AA4724B0FC918817E37CEF
Requests: 258 HTTP requests in this frame

Frame: https://10844217.fls.doubleclick.net/activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Frame ID: 88DDD6F18AF20878123AFFAD8E71F1C8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9B0E77B3392EA7676DA3FD4F390D1012
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 5D9A00FCC4DF5E25FEDC6AA6752FFC38
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: 373B138FD7CAF78ADFD66ABE4DF96EB9
Requests: 1 HTTP requests in this frame

Frame: https://a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC5B906C9E0BFE1D539296E33B92EF1D
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1
Frame ID: F8741A1D36B6EAE9577860D92BC21C43
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=10165&numAds=6&cf=545.1479.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10165-ZrqoL4cRyrO704Non8cdxgAAABU0&responsiveHeight=1&contextfeedFrameId=1479-673&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 5433C81E6CD5F40E8953F6547216DFC9
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: B3F24A4C8D60572EB79C7DF08D6A9E23
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=10415&numAds=12&cf=545.1480.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10415-ZrqoLwxBIUQlgX8HXJIWPQAAADQ0&responsiveHeight=1&contextfeedFrameId=1480-138&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: BB5951B5F9A846A1E53636436E1DFCA4
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: A47DE6B5F5E2FB4B23E77E6461FA8CC9
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50378&numAds=3&cf=545.2615.Reut%20(In%20A)&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50378-ZrqoL-m4ev93ZLEZwOw1qQAAABQ0&responsiveHeight=1&contextfeedFrameId=2615-373&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: 1B788D2D64F62FE456BB6CF87F830684
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: 20EDBF3BA4853A20B4C5300EB742C309
Requests: 4 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=45764&numAds=3&cf=545.2383.Reuters%20New&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-45764-ZrqoLz5dj0C-R3QYQHVCGQAAAAs0&responsiveHeight=1&contextfeedFrameId=2383-488&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: E65247FA6E2B170CF657A05EB78F04B7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufbsLoj7KbPRmZ3v0kFKZMJsE4fsdb4-XBNjBiVx4fYE6Pi5by9uOwMTLwmioDPtu8N5lAatGsaj6q5SlntnW0Hj6bDDWWG8e4Ik6PL807MBJvK__Ki_rY900r9HOr7vH-95ORQe6zKZHcyhXEPenWTSlCubIGOykT6Mv_wh8XUurR7eYNSoIpzB6H6M0T4Q0OHXiQPIKLiMYSSfE9A9ZLPBZ6zy6fCfQoo172iV0k67dTqyYrrfuR-jOBsosHnzl2HrBkIfNttrGyQW-iOoEKHTBHoAzCBkk1ALxTfKI2Upqdqc3lv50aaMGhpWQc0V0HLaVnOQZKIaTflP7qDMp1snrnHw&sai=AMfl-YTE4foUVaufQAlx8Md1SMeAevHzRweXTVDIGBcu0m1DOBOqokWHEvqvUGSIqmjILDO3mC1jUHVYhX1EZxahRizjo4LCxI8wzYvRY6utd1wXyBf1Ol_lps4UF5_1HQ&sig=Cg0ArKJSzAfDNm2hDeFCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 5F274BC980A4A21910A25692B4808BB7
Requests: 7 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-07no?duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&euns=0&s=&us_privacy=1---&version=v2.14.3&cd=.reuters.com
Frame ID: B9F9F3C3289354FF3AFD039135921C9C
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 40925AA22CA3C4F80058B0E8306E2412
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8954FDDCFE9BA7292DDD48444E96C0CB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: FA7100B347235272F967D57859614229
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: EE6566AA307CB9860EFBA0830CF083A4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtiE1IJ6n0lSc0Ha2pV8haIM8V95z_mCoW9ZHkKbK8Pg0gQvWcL7TjQKra3RoMNFwhszPW8fuqH9BD5ET7wvojM9q2Fr6Odfq6_yDifoC6nq1PUvy8yA3NyLUn9AMIGhhZt0B-W5S0TC-_FXXDm2mM70hcPg3gGv6H-D9OF9uvAmfdodW7Nj1jPoB6-j25YtvtLol-i9DONEK8HCOzCeMAKba4G7wESiUpVOMeW_9vzfucWJD9w8Su2cl7pkuvhVUhuTWOykxQsnArlnjfZ6TOCGddD7BbJ7dUCvYDKFdZWR-0C02BXwhrQqQ57OYpeOUloK7rOKMtL6mh-DY636iLX21vlRINDuADYZ7sqVUzAVBQ5sTU3Sh2Bqss5RL_6hYUp7FI2g&sai=AMfl-YTi_auzP7XEuLcOrBLgDBYl0Nvd8PeBDgyHtXG6nFG4_eEZazhRcyvyJBrLGAa62x618iceAcY3heVQ99VfsjnQlBv6ryWNn47p3ran33E3BKxK7pGF68M5rwtOFA&sig=Cg0ArKJSzDPLB7ozTv3TEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: DBD69C35D419AE11132063D947CA4B57
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1128488074&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=
Frame ID: 3CEA02E374F458A0DA7EC1DF605890A3
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuHc4bkRQDjzeY6kvxlCQ8QqEv7yM3qwuteSx_McDR7gui0dHAANvUzviinsNjC4-Hzc-MnUspweoHWhcbAgiSc2snOZbLUPPI6OMAI2rATH6_pN2j_elKNLKCue5AQGPoac5j-_5zI8BqvCDX7lo7mfCEcS2uECP0bw1dSYzkLUaMFVX8aHDW5yg9XEfujzbuaEItzP9GjazO2seAhZDwpeIr6CWnv49Eas48QsAJJnEWp3drfBg59Pfhelt09mIHWJdWIWuiUSbl8GIb2tmGbFYKZNNv4nRXbBXF42SB_8sweYm5yFc01pqj94OuDgLn_ZIOhzB4-nDIJypjQh-tArXmLM5GxDufOXgOrYLrlcOTl8Qe1Tqx33YoSiLD7MpDK2CZHTmOHK-tZUgj1XBVUNpf4dg&sai=AMfl-YRM3elL3e7EnfpaC38w_uRzzf0sIMlesDoFr3nDqrFxshOEGDXDO1iBnxHiZx2ZaUt1EO639HkHSMb-YmPinvM3r0Q6-6sI3V5FSS-01wUKT2PSivYgY0otcW3zvw&sig=Cg0ArKJSzEzlMCRsh4gzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9D8BC60AF30D38A978D1957F9FAF0016
Requests: 11 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420677785&pubOrder=3045656367&cb=139253616&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=
Frame ID: D86A5133DA5F5F3912491EB22CBCD829
Requests: 2 HTTP requests in this frame

Frame: https://www.dianomi.com/img/dianomi-max-200x38.png
Frame ID: 1C771AA9C41B4AC5067B22F2B7FBA688
Requests: 3 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50359&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50359-ZrqoMTvmGqZVMQYZ8b_8XQAAABk0&isWaterfall=true&contextfeedFrameId=2611-152&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: E147248F3F68AD32FFD8663AD5F35192
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: DB22F8FFE777DC94B5D18E653E916402
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAptnkBc8cWuUCx52KyQl-ikzXon2LTCkliUay4547onEQ9GIb0JCd0DjYL2OFy2D86oQDmcwsgFE5lG7htfa-jl1mFHSfbS9ANVaEbbt1vdyOO32QYNAQZdIBDJT8IwcPAjP_oYSlb3hSe8PG4i4hE02q_1YzP24fQwa1eWy3noRRvEXq-boweomLeh8FTJQ2J0OxokiYyl2QAArIWpLWG3BHfN2hcURwlMHalNNWy6kHJ0lMm6_YegWr89yWPrkTsev2d4UPbDWUznw38A8EX6PS4GydmjeNMwp7v9n52ogo0rniX1wArHIG2dDi17pm3h8rziH_cKOiXsWYG8cJ2OyA4hQhrPeepY0NW1sGNdNjkPWzmW3aR1s8cV-EUYH5nWSBQskxzFfUrWDoGRY1dJ1AR9I&sai=AMfl-YSB6wNDM-7EO3E7Tlavr719A_sdxveZ4fYt2QDJaM-Bz_hYlcFfptx0oSMFFKrsvQ2nzvX0qITvELYov88uuve0TbZTGHEFplKlWx8QA8KjNuDsN_4_maiOA0USgQ&sig=Cg0ArKJSzDDfg4FzlXfrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 88A3C042F085223DFD013149EABBBB51
Requests: 12 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=160x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384553&pubOrder=3045656367&cb=563844402&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=
Frame ID: 7CB54C4E4D1335C35AFB3EE378B57640
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 7EF6D90EED341F23107C57D3DA9EF0AD
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=50352&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50352-ZrqoMTvmGqZVMQYZ8b_8XQAAABk1&isWaterfall=true&contextfeedFrameId=2611-152&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0
Frame ID: EE4974F5A16558D2737D22B7EFC7DB49
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html
Frame ID: 4FB3B4A881778D9730642ED09278E152
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418292&abgtt=6&lmt=1723508786&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_18~27_14~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508785954&bpp=2&bdt=115&idt=284&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&nras=1&correlator=8499082086406&frm=23&ife=4&pv=2&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=600&ifk=580892243&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31085990%2C95331690%2C95334529%2C95334829%2C95337870%2C95339225%2C95336267%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3620757290989394&tmod=486028010&uas=0&nvt=1&fsapi=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.ko0ehk487kek&btvi=1&fsb=1&dtd=398
Frame ID: A3FF7BB231AFF9E6F6A5CD49F2F6FBEF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=7989338871&adk=3240826221&adf=776189486&pi=t.ma~as.7989338871&w=300&abgtt=6&fwrn=3&lmt=1723508786&format=300x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508785954&bpp=1&bdt=115&idt=320&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&prev_fmts=0x0&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1625&biw=1600&bih=1200&isw=300&ish=600&ifk=580892243&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31085990%2C95331690%2C95334529%2C95334829%2C95337870%2C95339225%2C95336267%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3620757290989394&tmod=486028010&uas=0&nvt=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.8sdndcf92cn&btvi=2&fsb=1&dtd=415
Frame ID: E0EE32D7D5797B0704A9067DE1BFCC62
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: 074C69003C80DF5B5417754E52F33B45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418291&abgtt=6&lmt=1723508786&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aicel=33&aifxl=32_7~27_8~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508786224&bpp=1&bdt=111&idt=38&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=600&ifk=1942806251&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331688%2C95332924%2C95334527%2C95334830%2C95337870%2C95340227%2C95338263%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2504788918286052&tmod=486028010&uas=0&nvt=1&fsapi=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.d5etwuc3tggc&fsb=1&dtd=190
Frame ID: 79452CCECBF6D2617E276083BF5D404D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=2991599383&adk=1135573665&adf=776189487&pi=t.ma~as.2991599383&w=160&abgtt=6&fwrn=3&lmt=1723508786&format=160x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508786224&bpp=1&bdt=111&idt=58&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&prev_fmts=0x0&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=393&biw=1600&bih=1200&isw=160&ish=600&ifk=1942806251&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331688%2C95332924%2C95334527%2C95334830%2C95337870%2C95340227%2C95338263%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2504788918286052&tmod=486028010&uas=0&nvt=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.gmkzbqswdq2s&fsb=1&dtd=201
Frame ID: BA71FDA8D99A68B45A977BDEEC4462BB
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_G8Owz29GV54IIWx9MFmwrJ0y4NPWchICs0FnCGk3_v6Bk4e3deZzRDrdkZgxQWdwnN4ue-3LLYcaP6OavzKOEcCdHnXVd-mZjZSLKDOMRLkGABB9TK0JUiq8Iy5mw_ms53bAwzQpUTwbsPGVrMacE_gHpcJKD4bNgbNbpNdIusQ6ISQR9Fxa3Fcioz2O7m1kTFZO7LhmM_fluDojXJJBoTykYnhWxT0jZB-ApL-VoqboBeyRPF3OCIiEfvU30g0PRFit02IlZVjXprQx0ThlLBHYUuTGhAfnV1R7FTsRwRCkdKQpbQGmZFzIjNXnAMSltIvjeBxtnQchGXV4rxfxpdhdiv07XI2n6MAIKpEoTx7kLpvS3n8w4gctHK8qheNW5WlGWZ7AC58&sai=AMfl-YTsg4KgdY4LeydptwoyVOCe0hWMJ1ByrEZTm1htqpXdySX50dZ0q0on5zIZf6xtb_80g1yMNTu8h1KZM5eE9ocCophzQpQPtWQZ6rP-sDz1cpeYxQk-T0rwwXjrSg&sig=Cg0ArKJSzMUth6rZCrE8EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: DF346169D4A263BF4C8C4982E072E305
Requests: 10 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931336&campId=970x250&pubId=19970472&chanId=22029718962&placementId=6705308864&pubCreative=138477769157&pubOrder=3536745757&cb=1667708849&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=
Frame ID: 6D66289E752579FCC7CF66DB089506BB
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.4.js
Frame ID: C24267B32BC122458E021D94F6A5BC05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C600FC155D98CF72A2F8080AE9E5171C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1DD8B366465DC60FF2B5F0D2E81B7562
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C55B8E0EDF0BFA05DB347D253AF31C8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED6EDA3DC6554605A832AA31712C10D6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

More ransomware websites disappear in aftermath of Colonial Pipeline hack | Reuters

Page URL History Show full URLs

https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-di... HTTP 301
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-di... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

basket.js (JavaScript Libraries) Expand

Overall confidence: 10%
Detected patterns

basket.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

367
Requests

95 %
HTTPS

33 %
IPv6

69
Domains

109
Subdomains

98
IPs

9
Countries

4079 kB
Transfer

17741 kB
Size

179
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.reutersagency.com/en/licensereuterscontent/?utm_medium=rcom-article-media&utm_campaign=rcom-rcp-lead
Title: Purchase Licensing Rights, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/about-us/trust-principles.html
Title: The Thomson Reuters Trust Principles., opens new tab

Search URL Search Domain Scan URL

URL: https://www.lseg.com/en/data-analytics/products/workspace?utm_source=reuters.com&utm_medium=articlebanner&utm_campaign=Reuters_ProductPage_Links
Title: <img src="https://cloudfront-us-east-2.images.arcpublishing.com/reuters/AE6BNNRLSVAQTFG5XHTC4AV6YI.jpg" alt="LSEG Workspace" />

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/reuters-about-us/
Title: About Reuters, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/careers.html
Title: Careers, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/?utm_source=website&utm_medium=reuters&utm_campaign=site-referral&utm_content=us&utm_term=0
Title: Reuters News Agency, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/brand-attribution-guidelines/
Title: Brand Attribution Guidelines, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/leadership-team/
Title: Reuters Leadership, opens new tab

Search URL Search Domain Scan URL

URL: https://static.reuters.com/resources/media/editorial/20210405/DiversityReportApril2021.pdf
Title: Reuters Diversity Report, opens new tab

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/reuters-news/id602660809
Title: Download the App (iOS), opens new tab

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thomsonreuters.reuters
Title: Download the App (Android), opens new tab

Search URL Search Domain Scan URL

URL: https://reuters.com/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://x.com/reuters
Title: X

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Reuters
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Reuters
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ReutersVideo
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10256858/
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://legal.thomsonreuters.com/en/products/westlaw
Title: Westlaw, opens new tab

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/onesource
Title: Onesource, opens new tab

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/checkpoint
Title: Checkpoint, opens new tab

Search URL Search Domain Scan URL

URL: https://www.lseg.com/en/data-analytics/products/workspace?utm_source=reuters.com&utm_medium=footer&utm_campaign=Reuters_ProductPage_Links
Title: Workspace, opens new tab

Search URL Search Domain Scan URL

URL: https://www.lseg.com/en/data-analytics/financial-data/?utm_source=reuters.com&utm_medium=footer&utm_campaign=Reuters_DataCatalogPage_Links
Title: Data Catalogue, opens new tab

Search URL Search Domain Scan URL

URL: https://www.lseg.com/en/risk-intelligence/screening-solutions/world-check-kyc-screening?utm_source=reuters.com&utm_medium=footer&utm_campaign=Reuters_ProductPage_Links
Title: World-Check, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/services/advertising-solutions/
Title: Advertise With Us, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/licensereuterscontent/?utm_medium=rcom-footer&utm_campaign=rcom-rcp-lead
Title: Purchase Licensing Rights, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html#cookies
Title: Cookies, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/digital-accessibility-policy.html
Title: Digital Accessibility, opens new tab

Search URL Search Domain Scan URL

URL: https://trdigital.iad1.qualtrics.com/jfe/form/SV_8kte8gArGyCGVhz
Title: Site Feedback, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: All rights reserved

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT HTTP 301
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=377&optin=disabled HTTP 302
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=377&optin=disabled&elqCookie=1

Request Chain 76

https://sb.scorecardresearch.com/cs/37296053/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 81

https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
https://btloader.com/tag?h=freestar-io&upapi=true

Request Chain 85

https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F HTTP 302
https://10844217.fls.doubleclick.net/activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Request Chain 90

https://rp.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MmEwMDoxNjMzOjEyODo0Ojoz&n3pc=true

Request Chain 105

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=0IEiqJ16J5fTq%2F8pABgNdYweP24KiZW1OgN3fmP4xeo%3D

Request Chain 107

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Aks0GnxjaHgxVmNsb2x2WC8rS1RuSTM4WjVxNkoxZzRqRW1SRkM0WGtFUlVUbWtzT2J0SllNV1hPVEYvZHpGTDN1dmg2eHViekFFZkpxV0Npak13Y3Z3MWV2TkZ0aWF4RkJVZ1d4OEQ1RzJISldoN2xnTVRjTUxSNU03K05yK2g2czh4NVN4SlVUa0FJVjQ2T0kxL1U3cXAyeWJ1YlVWRDV1WHhyZmhUcTB6TTV1YWw1VlArWEZqMURiZlB6bDFFWWZyRzloWk5JZG9mWDcrQy9qQzJTTWVKNTZTRjZmWVZ1NDVuWDBNQlhsODI2SUdncVl0UkZPcElnUUdSSDdwUkZlRmJ3fA&cppv=2

Request Chain 117

https://sb.scorecardresearch.com/b?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=

Request Chain 173

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723508785-5G44DTF4-D7HH%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=7215925250408129285&gdpr=0

Request Chain 174

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723508785-5G44DTF4-D7HH&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=fa8e486f-3886-4605-8a81-f3110e75ccec&id=AU1D-0100-001723508785-5G44DTF4-D7HH

Request Chain 175

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=E4D6B1E5-ED43-4A25-AB21-B9D7EC940AC8&id=AU1D-0100-001723508785-5G44DTF4-D7HH

Request Chain 177

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723508785-5G44DTF4-D7HH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723508785-5G44DTF4-D7HH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723508785-5G44DTF4-D7HH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723508785-5G44DTF4-D7HH%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fc315c29-2f77-4417-802c-45cb2f126061%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001723508785-5G44DTF4-D7HH%252526tapad_id%25253Dfc315c29-2f77-4417-802c-45cb2f126061%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fa8e486f-3886-4605-8a81-f3110e75ccec&ttd_puid=fc315c29-2f77-4417-802c-45cb2f126061%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001723508785-5G44DTF4-D7HH%2526tapad_id%253Dfc315c29-2f77-4417-802c-45cb2f126061%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&tapad_id=fc315c29-2f77-4417-802c-45cb2f126061

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&google_gid=CAESEHAcwN8ZP8vmzJQUFNogZhI&google_cver=1&google_ula=450542624,0

Request Chain 179

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwODc4NS01RzQ0RFRGNC1EN0hI

Request Chain 180

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=GiwERFnzLYe0&ev=1&pid=562316&id=AU1D-0100-001723508785-5G44DTF4-D7HH

Request Chain 182

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723508785-5G44DTF4-D7HH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723508785-5G44DTF4-D7HH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH HTTP 302
https://ids.ad.gt/api/v1/adb_match?adb=68391133770279347971934597068881128318&id=AU1D-0100-001723508785-5G44DTF4-D7HH

367 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Redirect Chain

https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT
https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

593 KB
66 KB

1489ms
1488ms

Document
text/html

2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

af4a5f71487d00019962fbc228d3cebd9ca9aa12df160c4614da0308899a4e29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=60
content-encoding: gzip
content-security-policy: frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 00:26:22 GMT
etag: W/"930ec-mung6zCN05pPcMC9ES9rZwUAr+0"
expires: Tue, 13 Aug 2024 00:27:22 GMT
last-modified: Tue, 13 Aug 2024 00:26:22 GMT
report-to: {"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=635 origin; dur=796 ak_p; desc="1723508781304_388838166_158844016_143112_9483_1_2_-";dur=1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
x-akamai-transformed: 9 64021 0 pmb=mRUM,2
x-amz-cf-id: 1zQT47f8lAReiHyELk3Noz1dsMjRrHyDiOQ9OptN40OprDFDkshpQA==
x-amz-cf-pop: NRT12-P5
x-arc-pb-request-id: 2e9fdb7a-0dd8-4313-8dc8-486a8fed3954 62ba6090-6efd-45fa-8ddf-e58d900b4fb8
x-arc-request-id: 0.16332d17.1723508781.977c470
x-arc-ttl: -1
x-cache: Miss from cloudfront

Redirect headers

cache-control: private, max-age=60
content-length: 166
content-security-policy: frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
content-type: text/html
date: Tue, 13 Aug 2024 00:26:21 GMT
expires: Tue, 13 Aug 2024 00:27:21 GMT
location: /article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
report-to: {"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=552 origin; dur=19 ak_p; desc="1723508780673_388838133_275404806_57134_8163_2_0_-";dur=1
strict-transport-security: max-age=31536000
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
x-amz-cf-id: lXKnMBgt7EnrGNEaCzveKvsVUxMcNvuUDP6ROgHGZvGpcVMQ7-iOdg==
x-amz-cf-pop: NRT12-P5
x-arc-request-id: 0.f5322d17.1723508780.106a5806
x-arc-ttl: -1
x-cache: Miss from cloudfront

GET
H2 200 index.js Show response
www.reuters.com/pf/resources/dist/reuters/js/ 201 KB
52 KB 42ms
40ms Script
application/javascript 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

ea57209d83b887799897a609dcaa1e3833559ee5604083b5a877b8d09886b62f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.f5322d17.1723508782.106a6a01
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508782781_388838133_275409409_20_8068_1_3_-";dur=1
content-length: 52813
last-modified: Thu, 08 Aug 2024 14:08:18 GMT
server: openresty
etag: W/"d1e813b7bf5a37b035f55d6ecfbe4b97"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-arc-ttl: 31536000
cache-control: public, max-age=31536000
x-amz-cf-id: atxPHf8FR9bKzb0K6k84L3ibUNx4u9bfXd0yFzoHZGbOMKHhu3a3pw==
expires: Wed, 13 Aug 2025 00:26:22 GMT

GET
H2 200 p.min.js Show response
www.reuters.com/arc/subs/ 119 KB
25 KB 38ms
36ms Script
application/javascript 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/arc/subs/p.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbdf2a38caf189ac22e81145825d2fcc067aceadcc641dd93cb0b5c08bb4c2d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: gfytwwJTXxto8ShpnoKr88TJWLONg3WU
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:22 GMT
content-security-policy: frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000
x-arc-request-id: 0.f5322d17.1723508782.106a6602
x-cache: Miss from cloudfront
server-timing: ak_p; desc="1723508782778_388838133_275408386_472_6752_1_0_-";dur=1
content-length: 24936
last-modified: Mon, 12 Aug 2024 19:23:22 GMT
server: AmazonS3
etag: W/"31b14345d2aa68b10c013946391c749d"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
content-type: application/javascript
x-arc-ttl: 48
cache-control: public, private, max-age=48
x-amz-cf-id: HVYAh1zJWDLJKxd3evD_-WdrS9OAQjuYYscB6TUP7VKiW8tRvYTKvw==
expires: Tue, 13 Aug 2024 00:27:10 GMT

GET
H2 200 react.js Show response
www.reuters.com/pf/dist/engine/ 293 KB
93 KB 35ms
34ms Script
application/javascript 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/engine/react.js?d=207

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

f1c8051bb7e652b262a63f1eee66303294ec06c18c905c40a047383a20edda5c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.66332d17.1723508782.5b96a99
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508782841_388838246_96037529_21_7856_1_2_-";dur=1
content-length: 94736
last-modified: Thu, 08 Aug 2024 14:08:19 GMT
server: openresty
etag: W/"65478869f30a51f929d2e0d23c779ed4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-arc-ttl: 31536000
cache-control: public, max-age=31536000
x-amz-cf-id: oZ3VJYqXjI2mZ0VrY797XjZiDzVoK2-JL3RZqvPsJnRHhokGFAPfnQ==
expires: Wed, 13 Aug 2025 00:26:22 GMT

GET
H2 200 article.js Show response
www.reuters.com/pf/dist/components/combinations/ 2 MB
479 KB 32ms
31ms Script
application/javascript 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/article.js?d=207

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

dcd3508ddea2fb0e5b18608d9a8210a7ae4af09e0b93561e6eb4e48a7af50bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.66332d17.1723508782.5b9650a
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508782855_388838246_96036106_22_7423_1_0_-";dur=1
content-length: 488877
last-modified: Thu, 08 Aug 2024 14:08:19 GMT
server: openresty
etag: W/"b007e43fbb0e884b28b5d3259d7ada67"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-arc-ttl: 31536000
cache-control: public, max-age=31536000
x-amz-cf-id: UOHiAIr9Yd9eu2ULz5JCJ_VBwkkoSraO9b7xsIQeHVBDnJyqUZXLpw==
expires: Wed, 13 Aug 2025 00:26:22 GMT

GET
H2 200 article.css
www.reuters.com/pf/dist/components/combinations/ 303 KB
38 KB 38ms
37ms Stylesheet
text/css 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/article.css?d=207

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

8bce13fdc604cb862198eb7f204e2121f6a40333810a4154215ff45c07857cc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.16332d17.1723508782.977c70c
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508782779_388838166_158844684_20_8879_1_2_-";dur=1
content-length: 38172
last-modified: Thu, 08 Aug 2024 14:08:19 GMT
server: openresty
etag: W/"b0d1c34750a68a2753ca8742b392e512"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-arc-ttl: 31536000
cache-control: public, max-age=31536000
x-amz-cf-id: 8jP4sR3gz2LmOdIbF7NdYtWDKWXXqaMZokEoUDoyY7gNbBewoYqZFg==
expires: Wed, 13 Aug 2025 00:26:22 GMT

GET
H2 200 style.css
www.reuters.com/pf/resources/dist/reuters/css/ 15 B
820 B 33ms
32ms Stylesheet
text/css 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=207

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-amz-server-side-encryption: AES256
x-arc-request-id: 0.66332d17.1723508782.5b96a79
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508782774_388838246_96037497_21_7129_1_1_-";dur=1
content-length: 35
last-modified: Thu, 08 Aug 2024 14:08:18 GMT
server: openresty
etag: "3c7253c0b17971959285c18f6eea6509"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-arc-ttl: 31536000
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: GQMOubBnFay7V3McgxsmPHUuQM_07ToM5aStWZZ4t8xu5M1Qge5H9Q==
expires: Wed, 13 Aug 2025 00:26:22 GMT

GET
H3 200 reuters.js Show response
tru.am/scripts/custom/ 749 B
1 KB 34ms
17ms Script
application/javascript 172.67.74.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b33eb92d91ab56940b23fbe85241ed60ee72464255a9b50dd949c472e48be928

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1407838
x-guploader-uploadid: ABPtcPoXuRQb0vFwEWAUGtLm6eVYc3LdnsWKMIud9nrwflv43fK3-SwXvpFus3iFa-0tPUAB0BM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 17:10:10 GMT
server: cloudflare
etag: W/"6321b656b97e96b22c1064f3ab2db369"
vary: Accept-Encoding
x-goog-generation: 1695229810364294
content-type: application/javascript
x-goog-hash: crc32c=fdtiSQ==, md5=YyG2Vrl+lrIsEGTzqy2zaQ==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OurSESp7ot0KdsXkUs0c%2FMK2ARKir5E3qhaZyV4jSIF8X%2F%2BdaELW4EZzZe4XIJG1LX3BFLlWR%2B7XEP%2FvxAufNE8LgnRDM23ztOUP8UGVmAI%2BIW3ZAge2TA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 749
cf-ray: 8b2492c4d8e63426-NRT
expires: Sun, 27 Jul 2025 17:22:20 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 34ms
21ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Wbr2pAeg61Hfi+2FuD0cYA==
age: 16144
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Mon, 12 Aug 2024 16:54:52 GMT
server: cloudflare
etag: 0x8DCBAEF7C83B20A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c4e76802-d01e-0101-58e8-ecd422000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b2492c44b0af6ea-NRT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202405.1.0/ 450 KB
110 KB 29ms
16ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FvJhOHkAv4E9FRANYIql4g==
age: 8152
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 111551
x-ms-lease-status: unlocked
last-modified: Tue, 16 Jul 2024 22:01:48 GMT
server: cloudflare
etag: 0x8DCA5E2E4131AEC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1588e6db-901e-0002-1ccc-d79170000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b2492c44b0cf6ea-NRT

GET
H2 200 https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG
www.reuters.com/resizer/v2/ 41 KB
42 KB 875ms
874ms Image
image/jpeg 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/v2/https%3A%2F%2Farchive-images.prod.global.a201836.reutersmedia.net%2F2021%2F05%2F16%2FLYNXNPEH4F0DI-OCATC.JPG?auth=28572ba9ea2d8b479c8853b71b8b775ef1a414bd6b41290aa14fc4bf73481cc7&width=640&quality=80

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

b64b6c97167fae4792290ee7bc7bceabd7e2ab42c867291bb950a387c7e779ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
date: Tue, 13 Aug 2024 00:26:23 GMT
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
x-amz-cf-pop: NRT12-P5
x-arc-request-id: 0.f5322d17.1723508782.106a69d7
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=MISS, edge; dur=527, origin; dur=313, ak_p; desc="1723508782777_388838133_275409367_83975_10148_1_0_-";dur=1
content-length: 41901
last-modified: Tue, 29 Aug 2023 14:44:46 GMT
server: Akamai Image Server
etag: "cee90bcdab2f5c667579441845f97ea5"
report-to: {"endpoints":[{"url":"https://reuters.report-uri.com/a/t/g"}],"group":"report-uri","include_subdomains":true,"max_age":31536000}
content-type: image/jpeg
x-arc-ttl: 300
cache-control: private, max-age=300
x-amz-cf-id: IbGUgS3DCrJ0WzV_gfNrUNchvNvnFCfk6yhhq30XJ7e7o1auP0rHVA==
expires: Tue, 13 Aug 2024 00:31:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
94 KB 154ms
91ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d82a76ef13fb52b0f71a3ca123b4fb6e33076ad42300ee59b0dfa8fa343c22e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95558
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 00:26:22 GMT

GET
H3 200 f5805236156d0cce9f4b89727f9c6f459ab2.js Show response
scaredsnakes.com/j/ 72 KB
25 KB 80ms
58ms Script
text/javascript 104.18.24.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredsnakes.com/j/f5805236156d0cce9f4b89727f9c6f459ab2.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

865a986ee85e47c5e5d7903692a6aad1334cf934a5dbbebf203c55897cf54189

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-asia-east1
etag: W/"22d999d288fafa817e13f43c165dcd4e08c6b244811768a13805fdac61ac4add"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-asia-east1-spot-fpd7
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 8b2492c4ec0c688c-NRT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 14ms
13ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 11860
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1cbc1a24-b01e-0048-511f-2424b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b2492c4bb6df6ea-NRT

GET
H2 200 GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 24ms
4ms Script
application/javascript 2600:140b:a00:698::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:698::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 17 Jun 2024 05:21:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 knowledge-bold.woff2
www.reuters.com/static/fonts/knowledge/ 18 KB
19 KB 8ms
6ms Font
binary/octet-stream 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/static/fonts/knowledge/knowledge-bold.woff2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fceb9ef8db2a2793edb4cad84716b12c3eac8d25e543598b53dd5f6b44cef5e

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: GCfLjdtW4OIcOjKNOWieNq.n5cgF9ogm
date: Tue, 13 Aug 2024 00:23:33 GMT
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P5
age: 170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 18776
last-modified: Thu, 08 Aug 2024 19:52:17 GMT
server: AmazonS3
etag: "10a65819df66989fcf3386c18b1aede9"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: Bxxh73nh08QgJjK0H9lDLEWstUdwjy-7QJo5_QN2RVKcQzN72_9ysw==

GET
H2 200 knowledge-medium.woff2
www.reuters.com/static/fonts/knowledge/ 19 KB
20 KB 8ms
7ms Font
binary/octet-stream 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/static/fonts/knowledge/knowledge-medium.woff2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34eca4293b3f87a1abd31c2c4c1623a12d42384698d1805e39a8a198b698c723

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: DbS1RouMfZpEEd.GA7G7UVkb2n6NFvOr
date: Tue, 13 Aug 2024 00:22:10 GMT
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P5
age: 253
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 19804
last-modified: Tue, 02 Jul 2024 14:37:41 GMT
server: AmazonS3
etag: "166d13b9ba7aa0d3b4996c951e8b1841"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: p65p-1noYTskm9eXCLf3rJwZmBk6DylpVAhaw-vvVl1fiRBiWF0KcQ==

GET
H2 200 knowledge-regular.woff2
www.reuters.com/static/fonts/knowledge/ 19 KB
20 KB 8ms
7ms Font
binary/octet-stream 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.reuters.com/static/fonts/knowledge/knowledge-regular.woff2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdf1aead5ad82438cbd2105c1884c7889f0b3d8fd6870f40c1066b5f821ff180

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6Q0pb79f6Dmkb3NVdvA6sJ.1DRC_2SRX
date: Tue, 13 Aug 2024 00:22:27 GMT
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P5
age: 236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 19676
last-modified: Thu, 08 Aug 2024 19:52:17 GMT
server: AmazonS3
etag: "d7bef618d45c11f8acda99f68be70e79"
vary: Accept-Encoding, Origin
content-type: binary/octet-stream
accept-ranges: bytes
x-amz-cf-id: u1P0fcDTzSbEioYy34CiV3_oURiAXuurbpc796QcXMp8jeoI1RpfrA==

GET
H2 200 38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/ 7 KB
3 KB 44ms
38ms XHR
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07fd832eec514aac44b1f2b8cc6540ed6f8259e41c96fa5c05324317f2842cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35819
content-md5: zfXKHr0ebpIk50Hmp1jBtw==
content-length: 2066
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jul 2024 14:27:51 GMT
server: cloudflare
etag: 0x8DCACB5F6DCDFED
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7b2f8a87-801e-00f3-6b9e-de40e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b2492c51a3cd5f9-NRT
expires: Wed, 14 Aug 2024 00:26:22 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 75 B
245 B 52ms
27ms Script
text/javascript 2606:4700::6812:1c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19aab8d6e42cc4d6e44909cfffe27ffda20bc671425389fe5d3cdd6dcd83c2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 8b2492c578e78a92-NRT
vary: Accept-Encoding
content-type: text/javascript

GET
H3 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 20ms
20ms Script
text/javascript 172.67.74.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 807424
x-guploader-uploadid: ACJd0NptBgRFsctps8LuNvvtSQs_1i_lRfbG2-JvapA9D_AeANCVJY1rBkDdZcrSLA_Rn5n0qSMxPIwsvA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2B5Ho1i4N4vkvn9GLfP687UqrIkgJ80cFbRO3qgFZJmOa6B9NlNuYzWt25bkl%2F27OFWeq9mLJSb0jkHy3gct6FP4zxhYe6k3Vdfs2aq%2F3W7PABUytJVZgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 8b2492c559663426-NRT
expires: Sat, 03 Aug 2024 16:09:28 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
305 B 40ms
34ms XHR
application/json 2606:4700::6812:1c7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c7f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

291ac3898f3f28bd32810a5ef0f380363afee480e535632f0254da751f775c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2492c58bff262a-NRT
access-control-allow-headers: Content-Type

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 103 KB
28 KB 28ms
3ms Script
text/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6094d38d7fe9480541d52a653499ff659b068815ca85351a654839a020bad839

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 4g1zXPcizD7i6SabuHtuX5PuGoUxSXyx
content-encoding: br
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:24:56 GMT
x-amz-cf-pop: NRT20-C1
age: 96
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Jul 2024 22:08:40 GMT
server: AmazonS3
etag: W/"3b8de7eb206b03cfdc5b157010ac6735"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: ZVqaF7WukWM5BuJEYlO-2aonlc-QQ-CNMkMK04Cd6HHyk7xnORoCow==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 23ms
6ms Script
application/x-javascript 23.34.99.108
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.34.99.108 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-34-99-108.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 13 Aug 2024 00:26:23 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 12 Jul 2024 05:36:33 GMT
ETag: "5fbd42741dd4da1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/ 451 KB
110 KB 15ms
15ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OB5ZPaM1F+xqSvW4fnjknQ==
age: 27512
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 112090
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:43 GMT
server: cloudflare
etag: 0x8DCAB84B4C53B13
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 40aab4d2-001e-0048-0fd9-dda117000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b2492c65d0ff6ea-NRT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 78 KB
6 KB 34ms
34ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fworld%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

d727e7b0f335884d4a6a3afddb3e25110789f205ecba3d0397a70c4455f711cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 8d1668b9-32ef-4daa-adc5-c669726f43f1, 8d1668b9-32ef-4daa-adc5-c669726f43f1
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.f5322d17.1723508783.106a6bb0
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783246_388838133_275409840_38_8487_1_1_-";dur=1
content-length: 4959
last-modified: Tue, 13 Aug 2024 00:20:13 GMT
server: openresty
etag: W/"13852-c9RZ2hXXpq39PZvhnubzAEOh/nE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 120
cache-control: max-age=26
x-amz-cf-id: 6z_2dR_TX8g-HPuSnSA_4YRAqfMihnC2bJ7ZZz0LrQp5b0JgZGo87g==
expires: Tue, 13 Aug 2024 00:26:49 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 61 KB
5 KB 38ms
37ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fbusiness%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

8df14e12641582027690285d2ed7398de091a3335383d547468969fc42683b14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 848fb72d-cd60-43b1-8bd7-ab7440054def, 848fb72d-cd60-43b1-8bd7-ab7440054def
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.16332d17.1723508783.977c815
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783249_388838166_158844949_27_8757_2_2_-";dur=1
content-length: 4193
last-modified: Tue, 13 Aug 2024 00:26:11 GMT
server: openresty
etag: W/"f5bd-sFAhJtXIHtelbP3oblk7ajaAdmo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 300
cache-control: max-age=288
x-amz-cf-id: IBvvNn_XhTIvbJyTwwE9PPKuomYOJodXoiTpS58mwWFEr036WqmlHQ==
expires: Tue, 13 Aug 2024 00:31:11 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 78 KB
5 KB 44ms
43ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fmarkets%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

29c511fefca64e798e43f8d5460e9a164333d9c3b3f2505e363c4c645e2bfd08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 683d5e84-e3b1-49a2-88f4-e92dc3bdde77, 683d5e84-e3b1-49a2-88f4-e92dc3bdde77
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.f5322d17.1723508783.106a6bbb
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783253_388838133_275409851_17_9725_2_3_-";dur=1
content-length: 4422
last-modified: Tue, 13 Aug 2024 00:23:07 GMT
server: openresty
etag: W/"1392d-sy1TJnCLQxhb1VzVdFuAbxWrUmA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 154
cache-control: max-age=104
x-amz-cf-id: s-rXlEEzkagO-EgOGKV5Os-aBv0cbl0mz-b7oo9OWcK62f0EuHYTSA==
expires: Tue, 13 Aug 2024 00:28:07 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 62 KB
5 KB 39ms
39ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fsustainability%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

1d02097681394ad6eef93d032c5f044141e6b89131fbbe0a0ee88d39f5713fa8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 5e4483d2-8e24-4a81-85ce-7f136897b62e, 5e4483d2-8e24-4a81-85ce-7f136897b62e
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.66332d17.1723508783.5b96b88
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783250_388838246_96037768_29_7877_1_2_-";dur=1
content-length: 4743
last-modified: Tue, 13 Aug 2024 00:22:27 GMT
server: openresty
etag: W/"f688-lYslgs1fjw7op41LD3e76lxwYdo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 205
cache-control: max-age=64
x-amz-cf-id: tT4V-1QDewJX0ia9Up8vub_bG2kG6iOuQOOKRe9dTJLJHZndkpooEQ==
expires: Tue, 13 Aug 2024 00:27:27 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 62 KB
5 KB 36ms
35ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Flegal%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

ac6eaae89e3bb38cc362917c72836b2bf2484901208a5c608577e9afd3f90055

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 910a3ba1-c525-446b-b270-1e5d6bdccccf, 910a3ba1-c525-446b-b270-1e5d6bdccccf
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.66332d17.1723508783.5b96b85
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783246_388838246_96037765_23_7725_1_2_-";dur=1
content-length: 4571
last-modified: Tue, 13 Aug 2024 00:24:34 GMT
server: openresty
etag: W/"f68a-ggx8MlNMm8o8X8t6pO/mnVmeOlI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 300
cache-control: max-age=191
x-amz-cf-id: 58NsAZw6MXEI8ngEYpgm6xz9WLxavYRIlJmgaOwxXrfC04X-h1dq_Q==
expires: Tue, 13 Aug 2024 00:29:34 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 62 KB
5 KB 40ms
40ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Fbreakingviews%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

b0cec1148d29c292b051ef4b8a5f07b423aa9ad71626d5aa4145776dddd05ea6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 6d02224a-3f3e-4b9b-8c89-5ac445c78950, 6d02224a-3f3e-4b9b-8c89-5ac445c78950
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.66332d17.1723508783.5b96b89
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783250_388838246_96037769_22_6977_1_2_-";dur=1
content-length: 4634
last-modified: Tue, 13 Aug 2024 00:23:23 GMT
server: openresty
etag: W/"f8a1-zRUNshw+p3K5Rn1j5Icwzdd5e40"
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 299
cache-control: max-age=120
x-amz-cf-id: 7ZAibTiRNpC_MQTxSb7j6NjG0L64eABNvVwXYixV5NcGYA1e8MPyuw==
expires: Tue, 13 Aug 2024 00:28:23 GMT

GET
H2 200 recent-stories-by-sections-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 71 KB
5 KB 46ms
46ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/recent-stories-by-sections-v1?query=%7B%22section_ids%22%3A%22%2Ftechnology%2F%22%2C%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

05cd6b59b9bd19aab8ea512f132c22843b1f75c3d7c99dc159fbd2c39fcd9f79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: a89269d4-56e7-4296-af44-2d16c33a9ade, a89269d4-56e7-4296-af44-2d16c33a9ade
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.16332d17.1723508783.977c819
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783260_388838166_158844953_21_9598_1_2_-";dur=1
content-length: 4719
last-modified: Tue, 13 Aug 2024 00:19:39 GMT
server: openresty
etag: W/"11b04-En6mgVEZrS2M9T3XEOeDv6gZ/Xw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 120
cache-control: max-age=0
x-amz-cf-id: sHP5lCVLNdtCFIiJQsXIObzI6wRACu6_EOp0yXBhTag6ko53aOjbLA==
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2 200 articles-by-trends-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 79 KB
6 KB 56ms
55ms Fetch
application/json 2600:9000:26f2:d000:15:5a3e:9d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/articles-by-trends-v1?query=%7B%22size%22%3A4%2C%22website%22%3A%22reuters%22%7D&d=207&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26f2:d000:15:5a3e:9d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

25c9b8e7cb9dae0db5af2ec376f985da44b241ef4a8c6c7130231030f7a4ea45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-arc-pb-request-id: 3c8414e4-6de7-460d-8651-fa228cd1cc15, 3c8414e4-6de7-460d-8651-fa228cd1cc15
content-encoding: gzip
via: 1.1 8d2556f8d358589fd2c70935653595a8.cloudfront.net (CloudFront)
date: Tue, 13 Aug 2024 00:26:23 GMT
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: NRT12-P5
strict-transport-security: max-age=31536000
x-arc-request-id: 0.16332d17.1723508783.977c81f
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1723508783268_388838166_158844959_34_9041_1_2_-";dur=1
content-length: 5619
last-modified: Tue, 13 Aug 2024 00:22:50 GMT
server: openresty
etag: W/"13c26-GY7YaNf6+CKMwj0YO6FzPyQayD4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-arc-ttl: 300
cache-control: max-age=87
x-amz-cf-id: KlEcb-3Ve-5FUi2lZS5wZRpjv1BU6mfDdeVwu82OwKT2RGOsOcVA6g==
expires: Tue, 13 Aug 2024 00:27:50 GMT

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 298 KB
46 KB 53ms
32ms Script
application/javascript 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 31
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 05 Aug 2024 13:58:20 GMT
server: cloudflare
etag: W/"4a9e8-61ef011dd6fc8"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8b2492c76bea6872-NRT
expires: Tue, 13 Aug 2024 00:28:23 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 355ms
101ms Image
image/gif 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?ab=1&zoneid=6100134_advertisement_
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: eU_dMRO_NPgNxAvjciFDNW-VU6l_6B6qA7z2d7Usd1AAgobsBO_tuQ==

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 95 B
993 B 458ms
458ms XHR
application/json 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer: https://www.reuters.com/

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000 ; preload
max-age: 900
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
x-arc-ttl: -1
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-arc-request-id: 0.be252d17.1723508783.789564e
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 95
expires: Tue, 13 Aug 2024 00:26:23 GMT

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 209ms
185ms Preflight 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 7200
cache-control: max-age=0, no-cache, no-store
date: Tue, 13 Aug 2024 00:26:23 GMT
expires: Tue, 13 Aug 2024 00:26:23 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload
x-arc-request-id: 0.be252d17.1723508783.78955d1
x-arc-ttl: -1

GET
H3 200 pubfig.min.js Show response
a.pub.network/reuters-com/ 151 KB
49 KB 37ms
21ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/reuters-com/pubfig.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/article.js?d=207

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892331505e4a765c86728fa0a8e183eb60267192537f8bfed4afa1e836589b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 10200
x-guploader-uploadid: AHxI1nM22ELzoF2v4EC-AdH4kmjggvbTcU6QW7qNjg6QXppIojG9EEYU-i8fVl4xs1yn5gXouyVD8FUjqA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 19:07:08 GMT
server: cloudflare
etag: W/"57201fe96a05525db963a16a07301ea0"
vary: Accept-Encoding
x-goog-hash: crc32c=oolPAA==, md5=VyAf6WoFUl25Y6FqBzAeoA==
x-goog-generation: 1723489628352389
access-control-allow-origin: *
content-type: application/javascript
cache-control: public, max-age=1800
x-goog-stored-content-length: 154361
access-control-expose-headers: *
cf-ray: 8b2492c80faa6839-NRT
link: <https://d.pub.network/v2/sites/reuters-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Tue, 13 Aug 2024 00:56:23 GMT

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 95 B
990 B 618ms
170ms XHR
application/json 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer: https://www.reuters.com/

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=31536000 ; preload
max-age: 900
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
x-arc-ttl: -1
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-arc-request-id: 0.be252d17.1723508783.7895747
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 95
expires: Tue, 13 Aug 2024 00:26:24 GMT

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 95 B
988 B 782ms
166ms XHR
application/json 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Referer: https://www.reuters.com/

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=31536000 ; preload
max-age: 900
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
x-arc-ttl: -1
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-arc-request-id: 0.be252d17.1723508784.78957aa
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 95
expires: Tue, 13 Aug 2024 00:26:24 GMT

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 170ms
170ms Preflight 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 7200
cache-control: max-age=0, no-cache, no-store
date: Tue, 13 Aug 2024 00:26:23 GMT
expires: Tue, 13 Aug 2024 00:26:23 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload
x-arc-request-id: 0.be252d17.1723508783.78955e2
x-arc-ttl: -1

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 172ms
172ms Preflight 2600:140b:1c00:38::1732:76be
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1c00:38::1732:76be Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 7200
cache-control: max-age=0, no-cache, no-store
date: Tue, 13 Aug 2024 00:26:23 GMT
expires: Tue, 13 Aug 2024 00:26:23 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload
x-arc-request-id: 0.be252d17.1723508783.78955e3
x-arc-ttl: -1

POST
H3 204 beacon
beacon.tru.am/ 0
0 209ms
192ms Fetch 172.67.74.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:23 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
surrogate-control: no-store
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ya7WDPt%2FDdkizyePkUh%2FEekhA8Tt%2FX51q18DJ5Apx0LeHZV0MVQZgckxlFTMAcu0Aja%2FQCDnBqVIFiOKUrrIO%2BinLL8b95IOpYGJK3MM%2B14CXK38get%2BuoPRp72PJTU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 8b2492c81a280aa0-NRT
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 tags.js Show response
js.datadome.co/ 157 KB
29 KB 22ms
3ms Script
text/javascript 13.33.174.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.174.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-174-21.nrt57.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: xwE673c.fkzJ8mdhNbpSFitxZIm0Cv_u
content-encoding: gzip
via: 1.1 1ea6da116083fc60c507da0ebeef580e.cloudfront.net (CloudFront)
date: Mon, 12 Aug 2024 23:27:06 GMT
strict-transport-security: max-age=15768000
x-amz-cf-pop: NRT57-C2
age: 3558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 01 Aug 2024 11:41:36 GMT
server: AmazonS3
etag: W/"ee8364483523f4897404c6a35e76d353"
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: max-age=3600, public
x-amz-cf-id: BzFXhtEfiF-VHl22r8kN3AZ0fUuxqJ3cqXM4rZJbE6QR3RFATOZehg==

GET
H/1.1

200
OK

svrGP.aspx
s2124157686.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappe...
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-di...

49 B
448 B

238ms
237ms

Image
image/gif

192.29.13.138
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=377&optin=disabled&elqCookie=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

HTTP/1.1

Server

192.29.13.138 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 13 Aug 2024 00:26:23 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 13 Aug 2024 00:26:23 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Location: https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref2=elqNone&tzo=-540&ms=377&optin=disabled&elqCookie=1
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 461
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 39 KB
9 KB 13ms
5ms Fetch
application/json 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c24bd2b08320d1ccb2c5271d79a8f0c0544c5f234298de9a6010edb2dab938a2

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: QDmLJgim4Mn.frrvqqwnpJn5qNUALluj
content-encoding: gzip
via: 1.1 307a97273db3ed9a5fe03619bd9907b4.cloudfront.net (CloudFront)
date: Mon, 12 Aug 2024 21:48:41 GMT
x-amz-cf-pop: NRT20-C1
age: 9463
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 25 Jul 2024 20:02:50 GMT
server: AmazonS3
etag: W/"c88b6ef98ad6501d86d6fda4d1911834"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: PFhe-ewIv4kC0DCqXpPWLwzUwIsRSssdkNIAk9_uIVhC3M-rIf_cwg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/01902773-595e-7ddc-8430-a8a73eb3153d/ 273 KB
42 KB 55ms
54ms Fetch
application/x-javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/01902773-595e-7ddc-8430-a8a73eb3153d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202407.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b22f8b1f99c2ee5032f2bba7fbe15d5ba7b8626288a2ed9667aa711a617946b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35812
content-md5: TzqhqbJJpJCI0Uy0ORgrkw==
content-length: 43077
x-ms-lease-status: unlocked
last-modified: Thu, 25 Jul 2024 14:28:11 GMT
server: cloudflare
etag: 0x8DCACB603039DD6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7b2f8ac3-801e-00f3-219e-de40e3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8b2492c83e7ed5f9-NRT
expires: Wed, 14 Aug 2024 00:26:23 GMT

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 2 KB
963 B 300ms
299ms Fetch
application/json 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=2615&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2910b72d6e95e29d0cdbb93ebef03e69a25885d511a2ddc5dfc327c890561bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8b2492c88d4f6872-NRT
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 2 KB
953 B 315ms
315ms Fetch
application/json 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=2383&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57ff788a3286d485d204e146f963eaae248e3e90745be195942de776ab8424b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8b2492c88d506872-NRT
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 435 B
445 B 185ms
184ms Fetch
application/json 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=1479&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15beb082b421426321619cdf5c91e22faaa57f6a4c0d3338de923dfdfd63ef35

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8b2492c88d516872-NRT
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 478 B
381 B 196ms
196ms Fetch
application/json 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=1480&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0577799468639d33beb4baca148931b28e676bff3a67b393cfff93dd82f35c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8b2492c88d526872-NRT
x-xss-protection: 1; mode=block

GET
H2 200 configs
d.pub.network/v2/sites/reuters-com/ 175 KB
10 KB 68ms
49ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/v2/sites/reuters-com/configs?env=PROD

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

a66ccfd805c4656fe04123a86f728267cda99d4c30367d5d4e880c5e5fda305c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 4ms
4ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 00:13:49 GMT
x-amz-version-id: 9qvxEzhMdkuAWyrcAUYn2gyyZogKC5qo
content-encoding: br
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C1
age: 1383155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Jul 2024 21:05:36 GMT
server: AmazonS3
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: gZhprGmpQnHNCGV3iaIFBXkvX9lQ_z2voeisDsrioB-V9_MMt7h51Q==

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 95ms
51ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

725bfd9ff0be5216d6ecf44932f13df036ed1f7bac5aee4b8bd29f8b74e8c522

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52651
x-xss-protection: 0
server: cafe
etag: 11248014667122208776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 14ms
2ms Script
application/javascript 151.101.108.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.108.157 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2024 20:58:07 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kcgs7200117-IAD, cache-tyo11949-TYO

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 213 KB
77 KB 135ms
133ms Script
application/javascript 2404:6800:400a:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-10844217&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80e::2008 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d96735e3b0d7f2db5e495ff22ea25190bdf9f799649655c4c5e58045df2f972d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78460
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 12ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 00:26:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58865
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1297, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: edRCIeZwYY1sa1fCYgVbjXYDoiS6LlOXU9VnycFfBQGQmckmuOCc3PGuMVKe7VvVrfJgsY6TJXkpHyCr/DTIQw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 103ms
3ms Script
application/javascript 2406:2000:a4:807::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:807::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 12 Aug 2024 23:27:17 GMT
x-amz-version-id: VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: TQKAATXVE2P3GVMG
age: 3547
x-amz-server-side-encryption: AES256
content-length: 6672
x-amz-id-2: 41oeATVxpEk2RRX1OuyraL23KB542+0Ze6l8UKHJCdw8Usz2783vjnIC4D3UeoEMrN08t5nsIpjiqBwExaNQUuUg4iBPqlOH
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 10 Jul 2024 13:59:59 GMT
server: ATS
etag: "b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 150 KB
48 KB 179ms
3ms Script
application/javascript 65.9.39.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.39.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-39-3.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:01 GMT
content-encoding: br
via: 1.1 e461cfe48b147c7ebb96d61448fb1152.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 11:26:13 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C5
age: 23
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: grCXyAV5Gogfq_besATF6GFGLkZJSupY_JNuuMWYtrC5GimyPpqkgg==

GET
H2 200 a-07no.min.js Show response
b-code.liadm.com/ 101 KB
36 KB 93ms
4ms Script
application/javascript 2600:9000:221a:ce00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-07no.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221a:ce00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 90932472b6e39c392dee868ffb46cef80a253047e904b41803554c957dc02f62

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:31:52 GMT
content-encoding: gzip
via: 1.1 1b2ec020d55b8b35f77724dc49853982.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P2
age: 3271
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=86400
x-amz-cf-id: -avdyGuoHnakU__6ymRY4JSVMDPKBxNsQ1iDMLCa4uDW-FQ39OaCZA==

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202407.1.0/assets/ 24 KB
4 KB 25ms
24ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202407.1.0/assets/otCommonStyles.css

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: HyPJ72TNHxdfOI82cqKVqA==
age: 2928
x-ms-lease-status: unlocked
last-modified: Wed, 24 Jul 2024 02:02:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d562afed-f01e-005d-56d3-dd638e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8b2492c9680ad5f9-NRT

GET
BLOB 200
OK ac403af7-7a87-4d16-8bf8-c41c38bcf53f
https://www.reuters.com/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reuters.com/ac403af7-7a87-4d16-8bf8-c41c38bcf53f
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 4ms
3ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 00:27:17 GMT
x-amz-version-id: GZkxxGQYnMYoYVnKFcnwLSgzjntbsOOq
content-encoding: gzip
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT20-C1
age: 2937547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 09 Jul 2024 22:18:04 GMT
server: AmazonS3
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: wNsA9NQxLrMhEl5wtCRX7nYmnBfv6D2284zQERXgI72TsZ-fKnY4vQ==

GET
H2 200 / Show response
optimise.net/ 275 B
870 B 23ms
5ms Fetch
application/json 34.111.152.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://optimise.net/?k=0&d=reuters.com&t=desktop&c=JP

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

239.152.111.34.bc.googleusercontent.com

Software

Resource Hash

93bb2153c6409ef1737e371fb5926acb1a496558fff5278788f651470ba04797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 google
fs-country: JP
date: Tue, 13 Aug 2024 00:26:19 GMT
fs-client-rtt: 2
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
pragma: no-cache
access-control-max-age: 3600
access-control-allow-methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: fs-client-rtt,fs-country
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires: 0

GET
H2 200 adsct
t.co/i/ 43 B
375 B 121ms
104ms Image
image/gif 117.18.232.195
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ef9eb795-0753-453c-adc8-688ce5791d84&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eed23340-fb88-4165-bab0-3d2aab4b1d91&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.30

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.232.195 , Australia, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 97
date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=0
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: a6f80fa812c4bee9
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 05b0de95128d78f577941fbe42b7d270d5df29a69fa04287cf1e3e90e9bd207e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 124ms
102ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ef9eb795-0753-453c-adc8-688ce5791d84&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=eed23340-fb88-4165-bab0-3d2aab4b1d91&tw_document_href=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o61xp&type=javascript&version=2.3.30

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_m /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-response-time: 99
date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=631138519
server: tsa_m
content-type: image/gif;charset=utf-8
x-transaction-id: 4a52615965453e3b
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: df9692339034cb5c9564fa2171dfb558e3b634c016b92e868df77d5980d5356a
content-length: 43

GET
H2 200 1586315481640631 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1586315481640631?v=2.9.164&r=stable&domain=www.reuters.com&hme=61ff4e692c87a9a2ce7b19822df2b04638e3ca38b23c1be6c0f1945ccadb2ad5&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C167%2C170%2C182%2C178%2C179%2C181%2C29%2C98%2C52%2C75%2C180%2C162%2C165%2C175%2C176%2C183%2C127%2C40%2C34%2C139%2C15%2C49%2C189%2C188%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C163%2C166%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ae718f7ecf0409e554c04c716a473acc8778c51e276d928bafdf5164c5cddd2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 13 Aug 2024 00:26:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15440
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=65, mss=1297, tbw=64390, tp=-1, tpl=-1, uplat=5, ullat=-1
pragma: public
x-fb-debug: QcgOzDrR6w8DbB0z/h3i/QFb8KG5EN4JiUnmhxun0tNKf11ZaR3WV5HE1+JSepaknVxv9WLJ8IWEBDoDA+amKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 696290db1b58ec303210.js Show response
cdn.segment.com/next-integrations/actions/google-analytics-4-web/ 196 KB
55 KB 5ms
5ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/696290db1b58ec303210.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b504b32cdcea5e389725b80ed023c44131253f75085868220e15cf3256a1a713

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6N4AAXWiqwQVAy6JTPjfze3RJBZpz_SQ
content-encoding: br
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
date: Mon, 12 Aug 2024 04:21:46 GMT
x-amz-cf-pop: NRT20-C1
age: 72278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 17:58:56 GMT
server: AmazonS3
etag: W/"613c38bd3305cb30ef4a09fc282a8241"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: 8UMyOU8tWMmlbGiPXbyimBJo58wKmGINIHUZ4CalbRINCkqfTtuInQ==

POST
H2 200 / Show response
api-js.datadome.co/js/ 232 B
410 B 34ms
7ms XHR
application/json 54.150.112.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.150.112.144 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-112-144.ap-northeast-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 6c2c4f74a7cea042049296ab1407474567c1e985e74eb97c7ae2549022674f38

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:23 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 232
expires: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
32 KB 135ms
87ms Script
text/javascript 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f894417f370f24187401367ddb12d8939bd19fc725e8e324ec44de0fe767ba28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32694
x-xss-protection: 0
server: cafe
etag: 802 / 19948 / m202408080101 / config-hash: 11703879449924443192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H3 200 pubfig.engine.js Show response
a.pub.network/core/pubfig/5.76.1/ 361 KB
105 KB 34ms
33ms Script
text/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77bc90e5c022cd53ed2d03490bb105cb27c0097272d336ee9d05c41e0b2eab50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 10630
x-guploader-uploadid: AHxI1nPgs4Oqwh5jpz7WKN4347fw2Rfxl_2lzvnd3uLwwdz1_GQ6OC-G4YdAKYdHb2OPyRpVjSc7Qi48SQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jun 2024 11:47:21 GMT
server: cloudflare
etag: W/"522c88214aea10cad8dc21322d085959"
vary: Accept-Encoding
x-goog-generation: 1719316041459753
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=5LwbPw==, md5=UiyIIUrqEMrY3CEyLQhZWQ==
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 370139
cf-ray: 8b2492ca28806839-NRT
expires: Tue, 13 Aug 2024 01:26:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 12ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1586315481640631&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&rl=&if=false&ts=1723508783752&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4125&fbp=fb.1.1723508783749.169453839658229990&cs_est=true&ler=empty&cdl=API_unavailable&it=1723508783652&coo=false&rqm=GET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Aug 2024 00:26:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 189ms
181ms Image
image/png 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1586315481640631&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&rl=&if=false&ts=1723508783752&sw=1600&sh=1200&v=2.9.164&r=stable&ec=0&o=4125&fbp=fb.1.1723508783749.169453839658229990&cs_est=true&ler=empty&cdl=API_unavailable&it=1723508783652&coo=false&rqm=FGET

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Tue, 13 Aug 2024 00:26:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7402413857868613064", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=10, mss=1297, tbw=3111, tp=-1, tpl=-1, uplat=177, ullat=0
pragma: no-cache
x-fb-debug: yInTb8hOba1UTZWA9XIxjhyM7CLXO6CwjtDMHCwv933upZMxHc+17+4eryfkpu+re10k8qmN9ed/QLgDTfJkhA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7402413857868613064"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10160484.json Show response
s.yimg.com/wi/config/ 2 B
466 B 8ms
3ms XHR
application/json 2406:2000:a4:807::1
YAHOO-SG internet...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10160484.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2000:a4:807::1 , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Mon, 12 Aug 2024 23:39:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 0Y0DKFK6HFTY4NA1
age: 2827
content-length: 2
x-amz-id-2: ypP8z3N15LCTQbwanFEOf33v8dXKvUPX65gMzj74eN/comjGQ3iqMpwom4mChy7cUmzCqf8f8wI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 91ms
7ms Script
application/x-javascript 2600:9000:221b:6000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221b:6000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 17:50:04 GMT
content-encoding: gzip
via: 1.1 d0614a0036a5a0b82aa46019b45fae22.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:07:44 GMT
server: nginx
x-amz-cf-pop: NRT57-P3
age: 23779
etag: W/"665fac50-11d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Ycyf8InpbQwZJii8ZZr59VjxFYHsQSrMuPlXKFtzKD7i7xAN6-OrTw==
expires: Tue, 13 Aug 2024 17:50:03 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 90ms
6ms Script
application/x-javascript 2600:9000:221b:6000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:221b:6000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:30:05 GMT
content-encoding: gzip
via: 1.1 d0614a0036a5a0b82aa46019b45fae22.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: NRT57-P3
age: 71778
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: la_h5WE_nKWh51atM8EQX-GGFIKEosKiQPubsEj8TP-Z-285mPl9Jg==
expires: Tue, 13 Aug 2024 04:30:05 GMT

GET
H2 200 iasPET.1.js Show response
static.adsafeprotected.com/ 22 KB
7 KB 106ms
106ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205532
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Jun 2021 13:42:44 GMT
server: AmazonS3
etag: W/"51636de3ce868a2172f9e6996c2934e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: As8LybmvGbKtr3PrqURZb-4XfqJn5SZK94YIm5vH5EuDGa3RBvBCpA==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/37296053/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
6ms

Script
application/javascript

99.84.55.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 99.84.55.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-55-19.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 21:12:30 GMT
content-encoding: gzip
via: 1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C3
age: 11635
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: R_-RlAZAQCsewbLsTbr_G9fVSZYM-dG3GAw3y4fDfrLSySNaT3S_FQ==

Redirect headers

date: Tue, 13 Aug 2024 00:26:23 GMT
via: 1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: NRT20-C3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: B3-WaRrLrNcr2nXEM1TNYvcz2yBKnf9IcVNmE0M16yeWjOWnY448NQ==

GET
H2 200 a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js Show response
cdn.permutive.com/ 617 KB
140 KB 31ms
15ms Script
application/javascript 2606:4700::6811:7611
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d09ba9d469727e2f09cf9c9c12073ab1c22b4797680bd5f19207d1f470ce43c7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: a55a84b3-9632-4869-b625-3d8ef43ed18d
age: 0
x-guploader-uploadid: AHxI1nM4ZbEvsb_pdUUKDp_94KVlZrBbpapswofUL8Dg-6JZO1S3yMi7bzG4Sl73l-EKmimHXEFTfkMWAg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
content-length: 143013
last-modified: Sat, 10 Aug 2024 00:09:30 GMT
server: cloudflare
etag: "57e44beb5573bc67eb9340ea4d280bae"
vary: Accept-Encoding
x-goog-generation: 1723248570203379
content-type: application/javascript
x-goog-hash: crc32c=ydN9nQ==, md5=V+RL61VzvGfrk0DqTSgLrg==
cache-control: public, max-age=900
x-goog-stored-content-length: 143013
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b2492cacf36264e-NRT
expires: Tue, 13 Aug 2024 00:41:23 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
670 B 438ms
71ms Image
image/gif 54.179.182.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2013%20Aug%202024%2000%3A26%3A23%20GMT&n=-9&b=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&.yp=10160484&f=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&enc=UTF-8&us_privacy=1---&yv=1.16.0&tagmgr=gtm

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.182.207 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-182-207.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.134
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 13 Aug 2024 00:26:24 GMT

GET
H2 200 2d04d1da143afcea0dd4.js Show response
cdn.segment.com/next-integrations/actions/845/ 27 KB
8 KB 5ms
5ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/google-analytics-4-web/696290db1b58ec303210.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding: br
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
date: Mon, 12 Aug 2024 15:55:40 GMT
x-amz-cf-pop: NRT20-C1
age: 30644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 02 Jul 2024 17:58:54 GMT
server: AmazonS3
etag: W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: ujB7jv4wgxzJiiiwQ_DHbuxxYQzw-hzqpE8hiULWgimqViCmwXZqhQ==

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/ 95 KB
22 KB 40ms
22ms Script
text/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/config.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c965a51152f2754a59c31d2f61e93bb43376ebbd8d963bc1e90806a1c2b6a80d

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: CDD65XGC5HHZWWKP
age: 516
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 22547
x-amz-id-2: tcko2GbhnPlwLU2HPsHtxNRJUYYdax56KlGBsDnTSpN4UlVIwudHUkml76QT1+V2NX7p3ixWqdM=
last-modified: Mon, 12 Aug 2024 22:21:17 GMT
server: cloudflare
etag: "ccf24534bcfbb523dbdc5849e940a58f"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
cf-ray: 8b2492cb3e228a5c-NRT

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://freestar-io.videoplayerhub.com/gallery.js
https://btloader.com/tag?h=freestar-io&upapi=true

55 KB
18 KB

22ms
13ms

Script
application/javascript

2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?h=freestar-io&upapi=true
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e6b8c097ed798b561e51796fc897c5d6a60f9049e49ad7f40d0ce858644447c

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 23:54:51 GMT
server: cloudflare
age: 1877
etag: "82f221c1f91a4ac64326ad18896b765a"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b2492cbaf2d6849-NRT
content-length: 18586

Redirect headers

date: Tue, 13 Aug 2024 00:26:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnbdXrr8GSIzp8LyD3NY8yy9lgGNP2O3MwJ4WUTNQs7wVtay9HDuB5dvlCMTjlNafb4mDKbITD2z%2B6Fcz1eFJFRIxLe4%2Bo6gwPwdn0%2FvKmyQV3I3TC8pELujJVqa5N7CznSKPPWeiC4C2vMT2DeL8QF%2FnTa5mvlLJXJyBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://btloader.com/tag?h=freestar-io&upapi=true
cache-control: max-age=3600
cf-ray: 8b2492cb3d662642-NRT
content-length: 167
expires: Tue, 13 Aug 2024 01:26:23 GMT

GET
H3 200 prebid-analytics-8.49.2.js Show response
a.pub.network/core/ 581 KB
194 KB 30ms
30ms Script
text/html 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/prebid-analytics-8.49.2.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f466e8eb144636ff511dfab8f04a6a1df6ae357b69d979da098a206f656321fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 10631
x-guploader-uploadid: AHxI1nMe5EruFaPzo2_bLwkI1pqdo7JsVUFKC_BYgnguP0wx2opA52PFi17BAqssad80T3ueyTmCZNVQ3g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 17 Jun 2024 18:34:26 GMT
server: cloudflare
etag: W/"9122692025ce50d2fad0a821dce36b40"
vary: Accept-Encoding
x-goog-generation: 1718649266295872
content-type: text/html
access-control-allow-origin: *
x-goog-hash: crc32c=ueWS3g==, md5=kSJpICXOUNL60Kgh3ONrQA==
content-language: en
access-control-expose-headers: *
cache-control: public, max-age=31525369
x-goog-stored-content-length: 595373
cf-ray: 8b2492cb38d56839-NRT
expires: Tue, 12 Aug 2025 21:29:12 GMT

GET
H3 200 analytics.min.js Show response
a.pub.network/core/analytics/1.4.2/ 13 KB
6 KB 16ms
15ms Script
application/javascript 104.18.20.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.pub.network/core/analytics/1.4.2/analytics.min.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 10631
x-guploader-uploadid: AHxI1nOxOp5PuEhfOnrKFMw7qZiWB4XXjL-S1yUm4vr1Vd7EzPL7TpfZp08C0pIYi6rrezAJt2sgSyeMpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 May 2024 13:59:25 GMT
server: cloudflare
etag: W/"35dcda30703508261b9c4d8f98f94a6a"
vary: Accept-Encoding
x-goog-hash: crc32c=vucjuw==, md5=NdzaMHA1CCYbnE2PmPlKag==
x-goog-generation: 1716386365851052
access-control-allow-origin: *
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 13601
access-control-expose-headers: *
cf-ray: 8b2492cb38d76839-NRT
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Tue, 13 Aug 2024 01:26:23 GMT

POST
H3 200 5c8c65c595705a121b55be1ea6442be118393 Show response
scaredsnakes.com/post/d35e790a54f346b/ 299 B
715 B 77ms
68ms Fetch
application/json 104.18.24.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredsnakes.com/post/d35e790a54f346b/5c8c65c595705a121b55be1ea6442be118393

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96380759d5e2d30f44ff04b932b72079b16e6b5df6b8add56b56d61c1d6364f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reuters.com
x-hostname: fen-hoothoot-asia-east1-spot-fpd7
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8b2492cb4bda34ff-NRT
expires: Tue, 13 Aug 2024 00:26:22 GMT

GET
H2

200

activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-...
10844217.fls.doubleclick.net/ Frame 88DD
Redirect Chain

https://10844217.fls.doubleclick.net/activityi;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-produc...
https://10844217.fls.doubleclick.net/activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reu...

0
0

68ms
67ms

Document
text/html

142.250.76.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10844217.fls.doubleclick.net/activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10844217&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.134 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 474
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:24 GMT
expires: Tue, 13 Aug 2024 00:26:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10844217.fls.doubleclick.net/activityi;dc_pre=CI7248ba8IcDFUbzTAIdFvkBBg;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipe...
ad.doubleclick.net/ 0
23 B 104ms
50ms Image
image/png 172.217.25.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=10844217;type=remarket;cat=allpages;ord=6041596976761;npa=0;auiddc=883357341.1723508784;u1=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;u2=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters;ps=1;pcor=166633955;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4880v9190294677z8835251020za201zb835251020;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F?

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15261665604773820385"}],"aggregatable_trigger_data":[{"filters":[{"14":["11180872"]}],"key_piece":"0xe851e10a96f88442","source_keys":["12","13","14","15","16","17","18","19","20","21","16785176","16785177","16785178","16785179","628551132","628551133","628551134","628551135"]},{"key_piece":"0x92e912fd53fe2ba","not_filters":{"14":["11180872"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","16785176","16785177","16785178","16785179","628551132","628551133","628551134","628551135"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"16785176":163,"16785177":163,"16785178":163,"16785179":15892,"17":65,"18":6356,"19":65,"20":65,"21":6356,"628551132":32,"628551133":32,"628551134":32,"628551135":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"8741281553106466452","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15261665604773820385","filters":[{"14":["11180872"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15261665604773820385","filters":[{"14":["11180872"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15261665604773820385","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15261665604773820385","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["10844217"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 4ms
4ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 17:04:33 GMT
content-encoding: gzip
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-version-id: EFE9lusc4JimpUbDBPawD3guBabh51Lw
x-amz-cf-pop: NRT20-C1
age: 2964111
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 03 Jun 2024 14:40:12 GMT
server: AmazonS3
etag: "6a3ed21f9b6777c0c37e6e248ea22387"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: MPqfI2-4-cF7o3nqcZfvnwMN6QM6U4dTHBMWtiG8NPQ46ZClHax4oQ==

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 4ms
4ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 17:04:22 GMT
content-encoding: gzip
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-version-id: DoW4mJHS0hsNZpGbS4scbmBbg7UReS6C
x-amz-cf-pop: NRT20-C1
age: 2964122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15523
last-modified: Mon, 03 Jun 2024 14:40:13 GMT
server: AmazonS3
etag: "1e6ed20ae1ef59e0a54725d717b8454f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: K4PZmOxELX_l0XrtQWl1R-6y8IvqqHYKRKyK9IZ34spbDGQx60rjFQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
101 KB 96ms
95ms Script
application/javascript 142.250.206.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WBSR7WLTGD

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7d71f8ec99ba1079fa5786d59dcf0f757134fcccdb591a130e3fcec1dc21f23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline...
https://rp4.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipelin...

13 B
347 B

586ms
169ms

XHR
application/json

52.7.252.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MmEwMDoxNjMzOjEyODo0Ojoz&n3pc=true
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.7.252.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-252-0.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
x-pixel-event-id: 9f9b0194-3ea4-4424-816c-eb2e03fde882
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?dtstmp=1723508783942&aid=a-07no&se=e30&duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&tv=v2.14.3&pu=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&us_privacy=1---&wpn=lc-bundle&cd=.reuters.com&c=PHRpdGxlPk1vcmUgcmFuc29td2FyZSB3ZWJzaXRlcyBkaXNhcHBlYXIgaW4gYWZ0ZXJtYXRoIG9mIENvbG9uaWFsIFBpcGVsaW5lIGhhY2sgfCBSZXV0ZXJzPC90aXRsZT48bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iVHdvIG1vcmUgcmFuc29td2FyZSBvcGVyYXRvcnMgYXBwZWFyIHRvIGhhdmUgZGlzYXBwZWFyZWQgZnJvbSB0aGUgd2ViLCBhIGN5YmVyc2VjdXJpdHkgcmVzZWFyY2hlciBzYWlkIG9uIFN1bmRheSwgaW4gYW5vdGhlciBwb3RlbnRpYWwgYWZ0ZXJzaG9jayBmb2xsb3dpbmcgdGhpcyBtb250aCdzIGhhY2sgb2YgVS5TLiBmdWVsIHRyYW5zcG9ydCBjb21wYW55IENvbG9uaWFsIFBpcGVsaW5lLiI-PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdGVjaG5vbG9neS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIj48aDEgZGF0YS10ZXN0aWQ9IkhlYWRpbmciIGNsYXNzPSJ0ZXh0X190ZXh0X18xRlpMZSB0ZXh0X19kYXJrLWdyZXlfXzNNbDQzIHRleHRfX21lZGl1bV9fMWtiT2ggdGV4dF9faGVhZGluZ18zX18xa0RoYyBoZWFkaW5nX19iYXNlX18yVDI4aiBoZWFkaW5nX19oZWFkaW5nXzNfXzNhTDU0Ij5Nb3JlIHJhbnNvbXdhcmUgd2Vic2l0ZXMgZGlzYXBwZWFyIGluIGFmdGVybWF0aCBvZiBDb2xvbmlhbCBQaXBlbGluZSBoYWNrPC9oMT48dGl0bGUgaWQ9IlRleHRJY29uSWQiPlRleHQ8L3RpdGxlPjx0aXRsZSBpZD0iU21hbGxUZXh0SWNvbklkIj5TbWFsbCBUZXh0PC90aXRsZT48dGl0bGUgaWQ9Ik1lZGl1bVRleHRJY29uSWQiPk1lZGl1bSBUZXh0PC90aXRsZT48dGl0bGUgaWQ9IkxhcmdlVGV4dEljb25JZCI-TGFyZ2UgVGV4dDwvdGl0bGU-PHRpdGxlIGlkPSJTaGFyZUljb25JZCI-U2hhcmU8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iTGlua2VkaW5JY29uSWQiPkxpbmtlZGluPC90aXRsZT48dGl0bGUgaWQ9IkVtYWlsSWNvbklkIj5FbWFpbDwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rSWNvbklkIj5MaW5rPC90aXRsZT48dGl0bGUgaWQ9IlNoYXJlSWNvbklkIj5TaGFyZTwvdGl0bGU-PHRpdGxlIGlkPSJUd2l0dGVySWNvbklkIj5YPC90aXRsZT48dGl0bGUgaWQ9IkZhY2Vib29rSWNvbklkIj5GYWNlYm9vazwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPjx0aXRsZSBpZD0iRW1haWxJY29uSWQiPkVtYWlsPC90aXRsZT48dGl0bGUgaWQ9IkxpbmtJY29uSWQiPkxpbms8L3RpdGxlPjx0aXRsZSBpZD0iVHdpdHRlckljb25JZCI-WDwvdGl0bGU-PHRpdGxlIGlkPSJGYWNlYm9va0ljb25JZCI-RmFjZWJvb2s8L3RpdGxlPjx0aXRsZSBpZD0iSW5zdGFncmFtSWNvbklkIj5JbnN0YWdyYW08L3RpdGxlPjx0aXRsZSBpZD0iWW91dHViZUljb25JZCI-WW91dHViZTwvdGl0bGU-PHRpdGxlIGlkPSJMaW5rZWRpbkljb25JZCI-TGlua2VkaW48L3RpdGxlPg&i6=MmEwMDoxNjMzOjEyODo0Ojoz&n3pc=true
access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:24 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 19ms
19ms Script
text/javascript 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 10:20:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50732
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Aug 2025 10:20:51 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 509ms
168ms Image
image/gif 52.206.104.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=reuters.com&p=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&u=TMOjZwx5qNCn7uca&d=reuters.com&g=52639&g0=Technology&g1=Raphael%20Satter&g4=regular-article&nc=1&c=0&x=0&m=0&y=5172&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&b=3553&t=C7CmrjcnJvnD1MpYODuvuwRSIFPk&V=147&i=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&tz=-540&_acct=anon&sn=1&sv=DOfdS5FvpJXC7LYrWBFn4_yDjOOdo&sr=external&sd=1&im=067b0cff&_
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.104.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-104-174.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 263 B
562 B 340ms
168ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=reuters.com&domain=reuters.com&path=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37fa714e469dacbc174f44741436eb7b7325daf3aa670f921526db70f2e6bf90

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sun, 11 Aug 2024 00:26:24 GMT
date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 203
x-served-by: cache-nrt-rjtf7700072-NRT
x-timer: S1723508784.176842,VS0,VE165
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202402121010/ 300 KB
107 KB 13ms
13ms Script
application/javascript 104.18.20.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/2hM0ZNne-9T1MoOzybLgfOGLqg0/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.20.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 335GZGA3F2MC3B2C
age: 6394546
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 109265
x-amz-id-2: 7IrhZ9IlFGZ2j+9iy244a3xvv4ov5hX3CLnhTzy7Od2IGD8zCpxduMLBjL/4dJUyulM+R/BtDB4=
last-modified: Mon, 12 Feb 2024 15:11:18 GMT
server: cloudflare
etag: "3d93a0af15b12fc9dbbc93edd96a2b7f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8b2492cc1f3f8a5c-NRT

GET
BLOB 200
OK 3825f40e-50ad-4c18-a4b7-fa674f5ca254
https://www.reuters.com/ 389 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.reuters.com/3825f40e-50ad-4c18-a4b7-fa674f5ca254
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60683094c3e55c42f072fb9394c040403ebb8fa2b198a6a920dc10960cab00a0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 398339
Content-Type

GET
H2 200 commons.a61d7bea37d2de5d4b69.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 70 KB
22 KB 4ms
4ms Script
application/javascript 13.35.27.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.27.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-27-29.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 17:04:22 GMT
content-encoding: gzip
via: 1.1 9bf92639763e2dc7c1ea8eb4814a239e.cloudfront.net (CloudFront)
x-amz-version-id: V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
x-amz-cf-pop: NRT20-C1
age: 2964123
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 21911
last-modified: Mon, 03 Jun 2024 14:40:11 GMT
server: AmazonS3
etag: "c467a63b2e7c3a99be423ace649014d8"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: RIugKvOAquLm30kwvNw1ecB84fu1J9vBYDbXlI6BHEwWcqWPJh7xYw==

GET
H2 200 websiteconfig Show response
btloader.com/ 728 B
663 B 22ms
14ms Fetch
application/json 2606:4700:10::6816:4bd8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=reuters.com
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4bd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 271bdec2cdd30742b94baeb064fc1d66e8f3fffbf3d7252ffaff60b3cecbe031

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 12 Aug 2024 23:53:21 GMT
server: cloudflare
age: 1777
etag: "8f4493fab1fe620c7ae325f571b3d7e2"
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 8b2492cceeb02621-NRT
content-length: 381

GET
H2 200 px.gif
ad-delivery.net/ 43 B
925 B 20ms
10ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818235
x-guploader-uploadid: ABPtcPpag7yP9AhBVuaaF3oPtfX3M-Brg_TQfmpbxEYES8rw9pR5YL-HLNb1OUzD9fZh4PppaDBjeA4j-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0srjtr47BgSdkVphdGcFIRK0SHo9NVwhm0%2Fre1K1LLb54k%2BqMq24Fm7U96%2B37bpykM0FVTPWziOTk8U1opY71hphAZrQwSlap2w9ZWyIe%2BPbp%2Fk2xUOyckSXA6bii0ZN%2F%2BiNtZrKCL2w%2BjhDw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b2492ccfa5d351d-NRT
expires: Wed, 14 Aug 2024 00:26:24 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 12ms
11ms Image
image/x-icon 172.217.25.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sin01s16-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 08:35:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 08:35:21 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
339 B 20ms
12ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.7318528668653412
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 818235
x-guploader-uploadid: ABPtcPpag7yP9AhBVuaaF3oPtfX3M-Brg_TQfmpbxEYES8rw9pR5YL-HLNb1OUzD9fZh4PppaDBjeA4j-w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vJFh%2FnwZzyaNaMN%2Fy2D8bmblopudc%2BiLBethyO78I8N12Q6aWhlpKn5ES%2FnIDjDXhbv4P89frNygqOWHfPam7SmB0iDe4HHEhwJPqzTVDrUKMG1MeiC7vUxTiOvItXCNV1zj4V4x0KvlVcVDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8b2492ccfa5e351d-NRT
expires: Wed, 14 Aug 2024 00:26:24 GMT

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 51 B
214 B 70ms
48ms XHR
application/json 2600:140b:a800:6b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW&d=www.reuters.com&t=5745029&v=1.632.0&sl=0&si=9ecvodyvlqf-si4rvz&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=656997
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800:6b8::11a6 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 00:26:24 GMT
cache-control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 51
content-type: application/json

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 15ms
7ms Preflight
application/json 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Aug 2024 00:26:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 214191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 33ms
19ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNMNHQXA94JVW78
age: 4037
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8b2492cd2a012047-NRT
x-amz-id-2: FNS8Lc8R9Qji432eQyZbGDDgvyWHvIXmOzDykwh9qe1J2fX8u6aO0aANuFN3vxu6aVi9rB6lRRQ=

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/PV483g/ 22 KB
8 KB 18ms
4ms Script
text/javascript 34.120.111.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.111.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c509862f8eeee6bff0dadf913f679fe1d7b9a0e1706c4d5927cc494a0ee54b99

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 20:41:30 GMT
content-encoding: gzip
age: 13494
x-guploader-uploadid: AHxI1nNEe0Lq7d1MJCDN3vB90qDEJG_Y-tOcahJFkiprITTpdRDKVU2Joib7FLAJ66maVt3CAb4UY-d6hg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7359
last-modified: Fri, 26 Jul 2024 15:48:38 GMT
server: UploadServer
etag: "3780a6ce450ee27499532356da75f0ca"
x-goog-generation: 1722008918218582
x-goog-hash: crc32c=7Siytw==, md5=N4CmzkUO4nSZUyNW2nXwyg==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7359
accept-ranges: bytes
expires: Tue, 13 Aug 2024 20:41:30 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=0IEiqJ16J5fTq%2F8pABgNdYweP24KiZW1OgN3fmP4xeo%3D

42 B
138 B

94ms
93ms

Fetch
application/json

35.244.193.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=0IEiqJ16J5fTq%2F8pABgNdYweP24KiZW1OgN3fmP4xeo%3D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Tue, 13 Aug 2024 00:26:23 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://www.reuters.com
location: https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.2&coppa=0&b=1&tp=0IEiqJ16J5fTq%2F8pABgNdYweP24KiZW1OgN3fmP4xeo%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58657/ 2 B
382 B 451ms
74ms Fetch
application/json 18.143.106.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/&pixelId=58657

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.143.106.89 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.134 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.134
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.reuters.com
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reuters.com%2F&domain=www.reuters.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Aks0GnxjaHgxVmNsb2x2WC8rS1RuSTM4WjVxNkoxZzRqRW1SRkM0WGtFUlVUbWtzT2J0SllNV1hPVEYvZHpGTDN1dmg2eHViekFFZkpxV0Npak13Y3Z3MWV2TkZ0aWF4RkJVZ1d4OEQ1RzJISldoN2xnTVRjTUxSNU03K0...

351 B
642 B

7ms
3ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Aks0GnxjaHgxVmNsb2x2WC8rS1RuSTM4WjVxNkoxZzRqRW1SRkM0WGtFUlVUbWtzT2J0SllNV1hPVEYvZHpGTDN1dmg2eHViekFFZkpxV0Npak13Y3Z3MWV2TkZ0aWF4RkJVZ1d4OEQ1RzJISldoN2xnTVRjTUxSNU03K05yK2g2czh4NVN4SlVUa0FJVjQ2T0kxL1U3cXAyeWJ1YlVWRDV1WHhyZmhUcTB6TTV1YWw1VlArWEZqMURiZlB6bDFFWWZyRzloWk5JZG9mWDcrQy9qQzJTTWVKNTZTRjZmWVZ1NDVuWDBNQlhsODI2SUdncVl0UkZPcElnUUdSSDdwUkZlRmJ3fA&cppv=2

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ab414e3fd2457835c0c9be15805841599bc3aff63e1b3f853292de53a4119729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 580291
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://www.reuters.com
location: https://mug.criteo.com/sid?cpp=Aks0GnxjaHgxVmNsb2x2WC8rS1RuSTM4WjVxNkoxZzRqRW1SRkM0WGtFUlVUbWtzT2J0SllNV1hPVEYvZHpGTDN1dmg2eHViekFFZkpxV0Npak13Y3Z3MWV2TkZ0aWF4RkJVZ1d4OEQ1RzJISldoN2xnTVRjTUxSNU03K05yK2g2czh4NVN4SlVUa0FJVjQ2T0kxL1U3cXAyeWJ1YlVWRDV1WHhyZmhUcTB6TTV1YWw1VlArWEZqMURiZlB6bDFFWWZyRzloWk5JZG9mWDcrQy9qQzJTTWVKNTZTRjZmWVZ1NDVuWDBNQlhsODI2SUdncVl0UkZPcElnUUdSSDdwUkZlRmJ3fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 326239
content-length: 0
expires: 0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
318 B 92ms
16ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=www.reuters.com
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7522414b9a7d076f4978fd6d895b083a6c9131b477d315b481431caac9c5bb97

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
server: cloudflare
allow: POST, OPTIONS, GET
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 8b2492cdae2dafc1-NRT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
664 B 756ms
250ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.reuters.com
content-type: application/json;charset=UTF-8
date: Tue, 13 Aug 2024 00:26:23 GMT
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p: CP="CAO PSA OUR"

GET
H2 204 envelope Show response
api.rlcdn.com/api/identity/ 0
279 B 170ms
150ms Fetch 34.107.165.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13928
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.165.188 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 188.165.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 any Show response
idx.liadm.com/idex/did-0047/ 0
371 B 525ms
172ms Fetch 52.207.144.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/did-0047/any?duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&did=did-0047&cd=.reuters.com&pu=https%3A%2F%2Fwww.reuters.com&resolve=nonId&resolve=uid2&resolve=index&resolve=bidswitch&resolve=pubmatic&resolve=magnite&resolve=openx&resolve=thetradedesk&resolve=medianet

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.144.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-144-134.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 1
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=3599, private
access-control-allow-credentials: true
trace-id: 0b6fc902f65e815a
expires: Tue, 13 Aug 2024 01:26:24 GMT

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
563 B 17ms
5ms Fetch
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: ec25581a23ee67e0795e7f8042c6f7cc62119e72ec5048110c8c55bff4880d10

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Thu, 12 Sep 2024 00:26:24 GMT

GET
H2 200 22876227373 Show response
fundingchoicesmessages.google.com/i/ 203 KB
67 KB 102ms
62ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22876227373?href=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT&ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

995540fade9df8f6ba38f4de4fdbecd63be2d92d43e17181408729c75ae8dfb1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3LZNckwPYyjzzAiIxP1Vjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-3LZNckwPYyjzzAiIxP1Vjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDg2XHi1lU3gwMFj_YxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAqLVAEg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
10 KB 412ms
80ms Script
application/javascript 2620:116:800e:21:6c50:dbee:bef5:203d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.76.1/pubfig.engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
etag: "tIg8n6xaLBY4WwNLLw9OGA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Aug 2024 00:26:24 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 653 B
630 B 186ms
76ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_1x1_bouncex,ss:%5B1.1%5D,p:/4735792/reuters.com/bouncex,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e1f093f89ab82413207b9fd5f4cb4de8b0defffe3a5dc0250b699c70fa0d3a77

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 8ms
2ms Preflight
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Aug 2024 00:26:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 194524
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2...

0
224 B

226ms
226ms

Image
text/plain

99.84.55.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 99.84.55.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-55-19.nrt20.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
via: 1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: NRT20-C3
x-amz-cf-id: O4wnmm5Pngx6IsUAST1KdZb22PjHJP544WINioJxVOm69XfpPl3aDQ==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 13 Aug 2024 00:26:24 GMT
via: 1.1 f5ea107910388dd712f11441721cd0ae.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: NRT20-C3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=37296053&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1723508784366&ns_c=UTF-8&cs_ucfr=0&cs_fpid=*null&cs_fpit=*null&cs_fpdm=*null&cs_fpdt=*null&c7=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&c8=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&c9=
content-length: 0
x-amz-cf-id: RxyuCUYXoBxoa5Vv79GEQ8KnGO_8xzqH_CSvW7xiPV9EGKKG-6AacA==

POST
H3 200 5c8c65c595705a121b55be1ea6442be118393 Show response
scaredsnakes.com/d25e790a54f346b/ 3 B
455 B 83ms
83ms Fetch
application/json 104.18.24.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scaredsnakes.com/d25e790a54f346b/5c8c65c595705a121b55be1ea6442be118393

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.24.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
x-buildnumber: 1389703183
alt-svc: h3=":443"; ma=86400
content-length: 3
server: cloudflare
x-datacenter: gce-asia-east1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reuters.com
x-hostname: fen-hoothoot-asia-east1-spot-fpd7
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 8b2492ce7ed534ff-NRT
expires: Tue, 13 Aug 2024 00:26:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 4ms
3ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Aug 2024 23:45:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2451
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 13 Aug 2024 01:45:33 GMT

GET
H2 200 country Show response
api.btloader.com/ 37 B
215 B 159ms
151ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country?o=5714937848528896
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 2fc364844767afcfcadb2bd75ae41d008d1ac70351d355f03d3d4814c09bc09d

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37

GET
H/1.1 200
OK svrGP Show response
s2124157686.t.eloqua.com/visitor/v200/ 79 B
582 B 188ms
188ms Script
application/javascript 192.29.13.138
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=2124157686&ms=377

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.29.13.138 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

c16cc4ad1d41faba72592a20cd8f50ef779cf16e05c115034fa7c2fade845b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Tue, 13 Aug 2024 00:26:24 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 107
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 121 B
257 B 123ms
122ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.reuters.com&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7d95daaf9dd4a2a49ad95e52ce1f131b5cb4c7092c6420ce0fcd444149aa81f

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization,content-type
cf-ray: 8b2492cfd968afc1-NRT

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 121ms
120ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.reuters.com&url=https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 8b2492cf185dafc1-NRT
content-length: 0
content-type: application/json
date: Tue, 13 Aug 2024 00:26:24 GMT
debug: OPTIONS block
server: cloudflare

GET
H2 200 AGSKWxXC85gH0Dl12hyY-0qL2iRNL-jj7Jm5NRBiXnbmj2d4z12vD1hqJyDmSSd-SskSUkb_uFqr4Rs3k0uaG1MqS6X12Nwk-jwxR_iatctvK58Cr-nkfLFrEsZMijje6fBWGojfdeZvVw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 57ms
57ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXC85gH0Dl12hyY-0qL2iRNL-jj7Jm5NRBiXnbmj2d4z12vD1hqJyDmSSd-SskSUkb_uFqr4Rs3k0uaG1MqS6X12Nwk-jwxR_iatctvK58Cr-nkfLFrEsZMijje6fBWGojfdeZvVw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA4Nzg0LDUyNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucmV1dGVycy5jb20vYXJ0aWNsZS91cy11c2EtcHJvZHVjdHMtY29sb25pYWwtcGlwZWxpbmUtcmFuc29tL21vcmUtcmFuc29td2FyZS13ZWJzaXRlcy1kaXNhcHBlYXItaW4tYWZ0ZXJtYXRoLW9mLWNvbG9uaWFsLXBpcGVsaW5lLWhhY2staWRVU0tDTjJDWDBLVC8iLG51bGwsW1s4LCJva2xWWk4zaEh3OCJdLFs5LCJqYSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjldLG51bGwsMTRdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/am=XDA/d=1/rs=AJlcJMwPsGdESBCbSdSsXYoHuHF5ndqdnQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62bf7cc75fd49bab4a4c572158661fd9ccfb265256f98cb985d38e8a25e06b67

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MhBoaRD5dy9owukyFfP4XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MhBoaRD5dy9owukyFfP4XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDg2XHi1lU1gxuU_PUxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAqEJAJw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9B0E 0
0 59ms
11ms Document
text/html 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29247
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 23:54:27 GMT
expires: Tue, 13 Aug 2024 00:44:27 GMT
last-modified: Mon, 12 Aug 2024 19:45:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 150ms
150ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=P1n08oSvv&w=5689481349824512&o=5714937848528896&cv=2.1.48&widget=false&checksum=f9133749&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&sid=wRGW8O3n&pm=true&upapi=true
Requested by: Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Aug 2024 00:26:24 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

OPTIONS
H2 200 rtd
id.hadron.ad.gt/api/v1/ Frame 0
0 125ms
125ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 8b2492cf58c7afc1-NRT
content-length: 0
content-type: application/json
date: Tue, 13 Aug 2024 00:26:24 GMT
debug: rtd-nx-sv
server: cloudflare

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
86 B 122ms
121ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 8b2492d029d3afc1-NRT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 50ms
43ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

OPTIONS
H2 200 c
c.pub.network/v2/ Frame 0
0 55ms
39ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 13 Aug 2024 00:26:24 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 google

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1014 B 3ms
2ms Script
text/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:46:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Aug 2024 00:46:33 GMT

GET
H2 200 pxid Show response
a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/v2.0/ 46 B
385 B 268ms
252ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/v2.0/pxid?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 7807f4740735457f48be40a489cd920d92e6174873447f28313da1c3ce30d277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
701 B 207ms
69ms XHR
application/json 103.43.90.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.53 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
an-x-request-uuid: 31e640d5-701d-49b4-8f59-86ec4fe14cc4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.167; 31.204.145.167; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 5D9A 0
0 240ms
3ms Document
text/html 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=158374
content-encoding: gzip
content-length: 859
content-type: text/html
date: Tue, 13 Aug 2024 00:26:24 GMT
expires: Wed, 14 Aug 2024 20:25:58 GMT
last-modified: Tue, 21 Mar 2023 05:02:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 topics_frame.html
pa.openx.net/ Frame 373B 0
0 13ms
3ms Document
text/html 34.36.214.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.openx.net/topics_frame.html?bidder=openx
Requested by: Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.214.36.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-length: 1036
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 00:19:34 GMT
etag: "c5379e35e267deacc52e06ed0f5fa81f"
last-modified: Mon, 22 Jan 2024 14:38:43 GMT
server: UploadServer
supports-loading-mode: fenced-frame
vary: Origin
x-allow-fledge: true
x-goog-generation: 1705934323795552
x-goog-hash: crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1036
x-guploader-uploadid: AHxI1nOwooDKRldNmNcWeUz2xNk06vtExkvfpneLe5byqC_e1etllOXT6bQpG1Gh1Yr8D94bteJE5sVg8Q

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 88ms
87ms XHR
text/plain 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a3614319da4644172f68e7a82236a24f257e9d9cb903519c68aa9611d4de39ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12559
x-xss-protection: 0
google-lineitem-id: 6706797525
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138472987123
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC5B 0
0 161ms
41ms Document
text/html 2404:6800:4004:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:24 GMT
expires: Tue, 13 Aug 2024 00:26:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 AGSKWxUQ0Bueh5MZRARC6rrbdbGXSPTYcL_r16MtJGjPj9tLTZe5zzU6K2UIiqnER42oLMfWMifYp_vgbC8S10zjb4FnCLVQI-fUnO1u6GXlYBMkY5ZNTQjesr14US4b7D4by4eynQzQuQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 64ms
63ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUQ0Bueh5MZRARC6rrbdbGXSPTYcL_r16MtJGjPj9tLTZe5zzU6K2UIiqnER42oLMfWMifYp_vgbC8S10zjb4FnCLVQI-fUnO1u6GXlYBMkY5ZNTQjesr14US4b7D4by4eynQzQuQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA4Nzg0LDYzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImphIl0sImh0dHBzOi8vd3d3LnJldXRlcnMuY29tL2FydGljbGUvdXMtdXNhLXByb2R1Y3RzLWNvbG9uaWFsLXBpcGVsaW5lLXJhbnNvbS9tb3JlLXJhbnNvbXdhcmUtd2Vic2l0ZXMtZGlzYXBwZWFyLWluLWFmdGVybWF0aC1vZi1jb2xvbmlhbC1waXBlbGluZS1oYWNrLWlkVVNLQ04yQ1gwS1QvIixudWxsLFtbOCwib2tsVlpOM2hIdzgiXSxbOSwiamEiXSxbMjIsInRydWUiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY5XSxudWxsLDE0XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

f77bbd8e2c78a97a819e5d88732de7c4e7e94e9e4b658d2952f96237233e1deb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P_454nKm7fURNDGsKme7PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P_454nKm7fURNDGsKme7PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDg2XHi1lU3gxPqNh5mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDA31DMzjCwwAqLNAIg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame F874 169 B
324 B 20ms
20ms Stylesheet
text/css 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 4772
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2492d01bce6872-NRT
expires: Tue, 13 Aug 2024 04:26:24 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame 5433 0
0 389ms
380ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=10165&numAds=6&cf=545.1479.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10165-ZrqoL4cRyrO704Non8cdxgAAABU0&responsiveHeight=1&contextfeedFrameId=1479-673&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492d03dbe7366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: now
link: </img/a/pss/4203/15.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame F874 1 KB
1 KB 32ms
30ms Image
image/webp 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132047
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b2492d02bd46872-NRT
expires: Thu, 12 Sep 2024 10:26:24 GMT

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame F874 77 B
137 B 193ms
192ms Image
image/gif 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.1479.Reuters&geo_ccod=jp

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8b2492d02bd86872-NRT
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 12 Aug 2024 00:26:24 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame B3F2 1 KB
0 30ms
30ms Image
image/webp 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132047
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b2492d02bd46872-NRT
expires: Thu, 12 Sep 2024 10:26:24 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame B3F2 169 B
0 15ms
15ms Stylesheet
text/css 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4772
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2492d01bce6872-NRT
expires: Tue, 13 Aug 2024 04:26:24 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame BB59 0
0 410ms
404ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=10415&numAds=12&cf=545.1480.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-10415-ZrqoLwxBIUQlgX8HXJIWPQAAADQ0&responsiveHeight=1&contextfeedFrameId=1480-138&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492d03dc47366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: now
link: </img/a/pss/4205/19.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame B3F2 77 B
137 B 180ms
179ms Image
image/gif 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.1480.Reuters&geo_ccod=jp

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8b2492d02bde6872-NRT
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 12 Aug 2024 00:26:24 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame A47D 1 KB
0 28ms
28ms Image
image/webp 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132047
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b2492d02bd46872-NRT
expires: Thu, 12 Sep 2024 10:26:24 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame A47D 169 B
0 14ms
14ms Stylesheet
text/css 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4772
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2492d01bce6872-NRT
expires: Tue, 13 Aug 2024 04:26:24 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame 1B78 0
0 363ms
361ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=50378&numAds=3&cf=545.2615.Reut%20(In%20A)&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50378-ZrqoL-m4ev93ZLEZwOw1qQAAABQ0&responsiveHeight=1&contextfeedFrameId=2615-373&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492d03dc27366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: now
link: </img/a/pss/4248/83.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame A47D 77 B
137 B 193ms
192ms Image
image/gif 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2615.Reut%20(In%20A)&geo_ccod=jp

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8b2492d03bdf6872-NRT
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 12 Aug 2024 00:26:24 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 20ED 1 KB
0 26ms
26ms Image
image/webp 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132047
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b2492d02bd46872-NRT
expires: Thu, 12 Sep 2024 10:26:24 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 20ED 169 B
0 12ms
12ms Stylesheet
text/css 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4772
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2492d01bce6872-NRT
expires: Tue, 13 Aug 2024 04:26:24 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame E652 0
0 367ms
366ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=45764&numAds=3&cf=545.2383.Reuters%20New&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-45764-ZrqoLz5dj0C-R3QYQHVCGQAAAAs0&responsiveHeight=1&contextfeedFrameId=2383-488&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492d03dc67366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: now
link: </img/a/pss/4248/83.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 20ED 77 B
259 B 175ms
174ms Image
image/gif 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2383.Reuters%20New&geo_ccod=jp

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8b2492d03be06872-NRT
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 12 Aug 2024 00:26:24 GMT

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame A47D 24 KB
25 KB 96ms
4ms Font
application/font-woff 2600:9000:26f2:4800:f:e061:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:4800:f:e061:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:14:10 GMT
x-amz-version-id: DbaVTgAAtc_EnW57ITdheJlY66L21oBm
via: 1.1 22e92c1698289b5b69a870b2341cc2ec.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P5
age: 4335
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 24720
last-modified: Thu, 21 Dec 2023 05:28:25 GMT
server: AmazonS3
etag: "cb2231d363ef66f1b18bd8fe996f3e25"
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: dk2gHWeVtHtVTVPuxQU_ztosKPD14-HOsCXU_FiS25bntpSKTZBXwg==

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 20ED 24 KB
0 96ms
96ms Font
application/font-woff 2600:9000:26f2:4800:f:e061:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26f2:4800:f:e061:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:14:10 GMT
x-amz-version-id: DbaVTgAAtc_EnW57ITdheJlY66L21oBm
via: 1.1 22e92c1698289b5b69a870b2341cc2ec.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-P5
age: 4335
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 24720
last-modified: Thu, 21 Dec 2023 05:28:25 GMT
server: AmazonS3
etag: "cb2231d363ef66f1b18bd8fe996f3e25"
content-type: application/font-woff
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: dk2gHWeVtHtVTVPuxQU_ztosKPD14-HOsCXU_FiS25bntpSKTZBXwg==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F27 0
0 49ms
48ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufbsLoj7KbPRmZ3v0kFKZMJsE4fsdb4-XBNjBiVx4fYE6Pi5by9uOwMTLwmioDPtu8N5lAatGsaj6q5SlntnW0Hj6bDDWWG8e4Ik6PL807MBJvK__Ki_rY900r9HOr7vH-95ORQe6zKZHcyhXEPenWTSlCubIGOykT6Mv_wh8XUurR7eYNSoIpzB6H6M0T4Q0OHXiQPIKLiMYSSfE9A9ZLPBZ6zy6fCfQoo172iV0k67dTqyYrrfuR-jOBsosHnzl2HrBkIfNttrGyQW-iOoEKHTBHoAzCBkk1ALxTfKI2Upqdqc3lv50aaMGhpWQc0V0HLaVnOQZKIaTflP7qDMp1snrnHw&sai=AMfl-YTE4foUVaufQAlx8Md1SMeAevHzRweXTVDIGBcu0m1DOBOqokWHEvqvUGSIqmjILDO3mC1jUHVYhX1EZxahRizjo4LCxI8wzYvRY6utd1wXyBf1Ol_lps4UF5_1HQ&sig=Cg0ArKJSzAfDNm2hDeFCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 iframebuster.js Show response
assets.bounceexchange.com/assets/bounce/ Frame 5F27 2 KB
1 KB 29ms
3ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 05:08:17 GMT
content-encoding: br
ad-auction-allowed: true
age: 501487
x-guploader-uploadid: AHxI1nOEiI-3-KeyyonzhlnuCxlrqTacWZEYDaUX4q5fXNdTDSeMOra6gU8UdtoX8cFCL3FbESjI6Diujw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 834
last-modified: Tue, 06 Aug 2024 20:13:04 GMT
server: UploadServer
etag: W/"e834a0cd12abffd04acda8e08953a77a"
vary: Accept-Encoding
x-goog-generation: 1722975184297794
x-goog-hash: crc32c=PdRfKg==, md5=6DSgzRKr/9BKzajgiVOneg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 2317
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5F27 204 KB
63 KB 4ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64724
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 01:15:19 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 5F27 68 B
244 B 361ms
120ms Image
image/png 44.233.229.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzM1MzkwMDQ0MTM6MXgx&v=5&s=v31i54i1vk1&id=eyJkZnAiOnsiYWQiOjQ5NTc1MzQwMTksImMiOjEzODQ3Mjk4NzEyMywibCI6NjcwNjc5NzUyNSwibyI6MzUzOTAwNDQxMywiQSI6Ii80NzM1NzkyL3JldXRlcnMuY29tL2JvdW5jZXgiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfMXgxX2JvdW5jZXgifX0%3D&cb=5076642&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TTFNemt3TURRME1UTTZNWGd4Iiwid2QiOnsibyI6MzUzOTAwNDQxMywidyI6IjEiLCJoIjoiMSJ9LCJ3ciI6Mn0=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
content-type: image/png

POST
H2 204 collect Show response
analytics.google.com/g/ 0
254 B 91ms
44ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723508782818&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1845032605.1723508785&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&_s=1&sid=1723508784&sct=1&seg=0&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&en=ad_impression&_fv=1&_ss=1&ep.query_id=CO6Egsfa8IcDFeyI6QUdXeYGQw&tfd=4366
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 150ms
50ms Ping
text/plain 2404:6800:4008:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WBSR7WLTGD&cid=1845032605.1723508785&gtm=45je4880v9105432122za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WBSR7WLTGD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c06::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.jp/ads/ 42 B
63 B 86ms
46ms Image
image/gif 142.251.222.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WBSR7WLTGD&cid=1845032605.1723508785&gtm=45je4880v9105432122za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&tag_exp=0&tag_exp=0&z=2067266330

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 474 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 44ms
18ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 784743726290dd380a31c6169744d1ae18d21d8f42227b606d22109870f9f808

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 00:19:43 GMT
server: cloudflare
age: 296
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8b2492d12dec2641-NRT

GET
H2 200 i.js Show response
tag.bounceexchange.com/5431/ 5 KB
3 KB 23ms
4ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/5431/i.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 1b420d5f4d5b45fae15afb30c074f34ea0d08fc0824eba6e5d71e4422c49d9d4

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:14 GMT
content-encoding: gzip
x-envoy-decorator-operation: tag-router.tag-router.svc.cluster.local:80/*
via: 1.1 google
age: 10
x-envoy-upstream-service-time: 0
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2313
server: istio-envoy
etag: 474f1c7e9b72eb
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 rules-p-UeXruRVtZz7w6.js Show response
rules.quantcount.com/ 2 KB
1 KB 21ms
3ms Script
application/javascript 2600:9000:2066:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:40:48 GMT
content-encoding: gzip
via: 1.1 1f83e59f609910f3106a87395db1ee4a.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
age: 2737
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 07 Dec 2017 17:06:25 GMT
server: AmazonS3
etag: W/"cbc97d16c77ea1fcbbf42d246001e982"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: fU52iXtLJcT7J2qpRbJekSgw1qg7JyQfkod0kkr8uWvZouGg6cnQYA==

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 271ms
264ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0ec43be2e9ae42ed9ced8e118df8c5a58d8b6d5a30c2c0c2c94afca82bf4e0a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
DATA 200
OK truncated
/ Frame 5F27 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 442afc1b7860673941a069b2b8935009cdaea8745d47cf42713f3faa0165cc81

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F27 0
0 83ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 474 Show response
p.ad.gt/api/v1/p/ 40 KB
13 KB 67ms
42ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/474
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 081964cb42fb3168a6ccacae28e19cef8ca6d1aab6e7e4c4445f6da1442e3da7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Aug 2024 00:23:45 GMT
server: cloudflare
age: 13
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b2492d1ff66687d-NRT

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
143 B 579ms
255ms Image
image/gif 52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&halo_id=060ixdlju6a65efg99jagd8a8ci8cgc7dihuok0wi0e0ymoq66weqk4e4iu4iqi2k
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
191 B 453ms
129ms Image
text/html 52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
server: nginx/1.24.0
content-length: 0
content-type: text/html; charset=utf-8

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001723508785-5G44DTF4-D7HH%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=7215925250408129285&gdpr=0

43 B
143 B

404ms
254ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=7215925250408129285&gdpr=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
an-x-request-uuid: 1565d80c-b673-424d-8c13-db19effe4c12
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&adnxs_id=7215925250408129285&gdpr=0
x-proxy-origin: 31.204.145.167; 31.204.145.167; 594.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001723508785-5G44DTF4-D7HH&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=fa8e486f-3886-4605-8a81-f3110e75ccec&id=AU1D-0100-001723508785-5G44DTF4-D7HH

43 B
143 B

444ms
129ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=fa8e486f-3886-4605-8a81-f3110e75ccec&id=AU1D-0100-001723508785-5G44DTF4-D7HH
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=fa8e486f-3886-4605-8a81-f3110e75ccec&id=AU1D-0100-001723508785-5G44DTF4-D7HH
date: Tue, 13 Aug 2024 00:26:24 GMT
server: Kestrel
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001723508785-5G44DTF4-D7HH
https://ids.ad.gt/api/v1/pbm_match?pbm=E4D6B1E5-ED43-4A25-AB21-B9D7EC940AC8&id=AU1D-0100-001723508785-5G44DTF4-D7HH

43 B
143 B

385ms
130ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=E4D6B1E5-ED43-4A25-AB21-B9D7EC940AC8&id=AU1D-0100-001723508785-5G44DTF4-D7HH
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=E4D6B1E5-ED43-4A25-AB21-B9D7EC940AC8&id=AU1D-0100-001723508785-5G44DTF4-D7HH
date: Tue, 13 Aug 2024 00:26:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
1 KB 331ms
71ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001723508785-5G44DTF4-D7HH&gdpr=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4290507b7388fb86809e552482e2fff0
Expires: 0

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001723508785-5G44DTF4-D7HH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723508785...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001723508785-5G44DTF4-D7HH&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001723...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=fc315c29-2f77-4417-802c-45cb2f126061%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fa8e486f-3886-4605-8a81-f3110e75ccec&ttd_puid=fc315c29-2f77-4417-802c-45cb2f126061%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&tapad_id=fc315c29-2f77-4417-802c-45cb2f126061

43 B
143 B

253ms
130ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&tapad_id=fc315c29-2f77-4417-802c-45cb2f126061
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&tapad_id=fc315c29-2f77-4417-802c-45cb2f126061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001723508785-5G44DTF4-D7HH
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&google_gid=CAESEHAcwN8ZP8vmzJQUFNogZhI&google_cver=1&google_ula=450542624,0

43 B
143 B

455ms
255ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&google_gid=CAESEHAcwN8ZP8vmzJQUFNogZhI&google_cver=1&google_ula=450542624,0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001723508785-5G44DTF4-D7HH&google_gid=CAESEHAcwN8ZP8vmzJQUFNogZhI&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001723508785-5G44DTF4-D7HH
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwODc4NS01RzQ0RFRGNC1EN0hI

170 B
243 B

51ms
49ms

Image
image/png

142.250.206.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwODc4NS01RzQ0RFRGNC1EN0hI

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Server

142.250.206.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMzUwODc4NS01RzQ0RFRGNC1EN0hI
date: Tue, 13 Aug 2024 00:26:25 GMT
server: nginx/1.24.0
content-length: 453
content-type: text/html; charset=utf-8

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001723508785-5G44DTF4-D7HH
https://ids.ad.gt/api/v1/ppnt_match?uid=GiwERFnzLYe0&ev=1&pid=562316&id=AU1D-0100-001723508785-5G44DTF4-D7HH

43 B
143 B

135ms
134ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=GiwERFnzLYe0&ev=1&pid=562316&id=AU1D-0100-001723508785-5G44DTF4-D7HH
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: ja-JP
location: https://ids.ad.gt/api/v1/ppnt_match?uid=GiwERFnzLYe0&ev=1&pid=562316&id=AU1D-0100-001723508785-5G44DTF4-D7HH
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-c98ddcc9f-lxw7r
expires: -1

GET
H2 400 ium
ssum-sec.casalemedia.com/ 0
476 B 30ms
18ms Image
text/plain 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixdlju6a65efg99jagd8a8ci8cgc7dihuok0wi0e0ymoq66weqk4e4iu4iqi2k&gdpr=0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eO29vv5kn6tXxMHD%2FtB2UodcVEKSe5J6sESsoX7fWgf1BAwdwe5RYoEZWglBl38y5AitQMSmrAc5JzRCsemfIVJKLKp%2F2gx8CzCUG%2BSJj6L3npHPW8wAmbtlJ%2FQ0lXdIFKYYGD3j2kthiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, no-cache, no-store
cf-ray: 8b2492d32cfadff9-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H2

200

adb_match
ids.ad.gt/api/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001723508785-5G44DTF4-D7HH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001723508785-5G44DT...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001723508785-5G44DTF4-D7HH&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-01...
https://ids.ad.gt/api/v1/adb_match?adb=68391133770279347971934597068881128318&id=AU1D-0100-001723508785-5G44DTF4-D7HH

43 B
143 B

243ms
243ms

Image
image/gif

52.43.27.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/adb_match?adb=68391133770279347971934597068881128318&id=AU1D-0100-001723508785-5G44DTF4-D7HH
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Server: 52.43.27.85 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-43-27-85.us-west-2.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-cache
server: nginx/1.24.0
content-length: 43
content-type: image/gif

Redirect headers

dcs: dcs-prod-tyo3-1-v060-026520354.edge-tyo3.demdex.com 2 ms
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dKxrvXWbQs8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://ids.ad.gt/api/v1/adb_match?adb=68391133770279347971934597068881128318&id=AU1D-0100-001723508785-5G44DTF4-D7HH
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 5ms
4ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 01 Aug 2024 20:09:15 GMT
content-encoding: br
ad-auction-allowed: true
age: 965829
x-guploader-uploadid: AHxI1nMwX6tD6fMyF0Uy3uEvv-G4dDYzaaqX9lP6JKjSb3Oc9t8Q4Mj_2d3AwyEtCaj9ckMQauz9-ca7AQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Thu, 01 Aug 2024 15:26:24 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1722525984630144
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 pixel;r=1750756299;labels=keywords.HACK%2Ckeywords.PPL%2Ckeywords.US%2Ccategory.HACK%2Ccategory.PPL%2Ccategory.US%2Ccategory.Technology%2Ctitle.More%20ransomware%20websites%20disappear%20in%20after...
pixel.quantserve.com/ 35 B
1 KB 80ms
73ms Image
image/gif 2620:116:800e:21:6c50:dbee:bef5:203d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1750756299;labels=keywords.HACK%2Ckeywords.PPL%2Ckeywords.US%2Ccategory.HACK%2Ccategory.PPL%2Ccategory.US%2Ccategory.Technology%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctitle.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters%2Cauthor.Raphael%20Satter;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F;uht=2;fpan=1;fpa=P0-1177105574-1723508784871;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;us_privacy=1---;ref=;d=reuters.com;dst=0;et=1723508784936;tzo=-540;ogl=title.More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Fpf%2Fresources%2Fimages%2Freuters%2Freuters-default%252Ewebp%3Fd%3D207%2Curl.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in%2Cdescription.Two%20more%20ransomware%20operators%20appear%20to%20have%20disappeared%20from%20the%20web%252C%20a%20cyberse%2Clocale.en_US%2Csite_name.Reuters%2Cimage%3Aurl.https%3A%2F%2Fwww%252Ereuters%252Ecom%2Fpf%2Fresources%2Fimages%2Freuters%2Freuters-default%252Ewebp%3Fd%3D207%2Cimage%3Awidth.1200%2Cimage%3Aheight.628%2Cimage%3Aalt.Reuters%20logo%2Clocale%3Aalternate.en_US%2Carticle%3Amodified_time.2021-05-16T21%3A51%3A28%252E000Z%2Cupdated_time.2021-05-16T21%3A51%3A28%252E000Z%2Carticle%3Apublished_time.2021-05-16T21%3A51%3A28%252E000Z;ses=eaa68090-48d2-4895-9e63-0604341d8a9b;mdl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:6c50:dbee:bef5:203d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["zoFO++w2/6v9llci9SAJiQ=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["kPmuOAIJ7cfFHRlyq2/tyA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["gp9giuAdiqzslB+8bv0Whg=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["RBZeUgp13OMAb9fY1Ccyog=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["LQQ92PJpqWDd4WW6LWwl2A=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["ejeE3DcGnne2XMEXX3jW6A=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["uMqBrKJuyeYBjLCPG5v4eA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["UfHmZbndmL31r/JQMAQpjw=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["ohP5rVo1gktzitaDi0cZMA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["oEBjngAWdGsmpMbp0W+DQg=="],"pcode":["p-UeXruRVtZz7w6"]}],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 main-v2_61b786ae467e37270c1161244ee81e37.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 505 KB
110 KB 6ms
5ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7d5e663d14a945bf88339ef783adf85c43a0dc4605b021b0c7643c1c966f6117

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 15:14:02 GMT
content-encoding: br
ad-auction-allowed: true
age: 33142
x-guploader-uploadid: AHxI1nOuLsT--w51lX9JgpvSXj4osvqZsQ0IkgBMADZAZJDMXbnQhB3b3RpZ1so3INoTd1xqEII
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112974
last-modified: Mon, 12 Aug 2024 15:13:52 GMT
server: UploadServer
etag: "083b58cbb038c9e9f14bc6c552e85138"
x-goog-generation: 1723475632160300
x-goog-hash: crc32c=K6NMfg==, md5=CDtYy7A4yenxS8bFUuhROA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 112974
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
15 KB 7ms
6ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by: Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/5431/i.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:42:05 GMT
content-encoding: gzip
ad-auction-allowed: true
age: 1629859
x-guploader-uploadid: AHxI1nOW6aLsJ2Oz1PyqnXbV4QqwdPo0iFoY9HjlKHAS0xato12y3-zICHxgq7Od-zE1_BQ3PI4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15748
last-modified: Mon, 22 Apr 2024 20:59:52 GMT
server: UploadServer
etag: "1eb885454ea6bef1c9747800702959de"
x-goog-generation: 1713819592631797
x-goog-hash: crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15748
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
275 B 759ms
251ms Fetch
application/json 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

15388886e17cd02ecc9b8c1f29f386792cdeea0f572071f45c37359748d26de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 510ms
151ms XHR
application/json 34.102.183.59
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.183.59 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 59.183.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 7b76d239f05204d1e888c22f82f7df88953b3f8ff4b518c69d8f33fd736deb64

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 00:26:25 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 400ms
150ms XHR
application/json 34.98.127.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.127.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.127.98.34.bc.googleusercontent.com
Software: /
Resource Hash: 9d7beaa548a30109a908bb6215cb802d2efe90f81a5ca09d6bb451ef52a55eef

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 00:26:25 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 460ms
150ms XHR
application/json 35.244.177.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.177.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.177.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 320de587a569204eddd02bceaf7081fb9f993c2f20195c7e4d314d6254fc7d77

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 00:26:25 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 3ms
2ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:41:59 GMT
content-encoding: br
ad-auction-allowed: true
age: 1629865
x-guploader-uploadid: AHxI1nOXu9cyfPp-kTwaaYMLegyRTVaqzz5OQja6XIMWzExewTfyRtqZ_H4tF5akdCPR-Zv_eYod5Ev9aw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Wed, 24 Jul 2024 15:05:55 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1713883044855037
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 164 KB
37 KB 4ms
3ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f591b2dd67ab481453b5cc07706b51c1ce242e0840a6a237563d261c99749546

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 15:13:48 GMT
content-encoding: br
ad-auction-allowed: true
age: 33156
x-guploader-uploadid: AHxI1nP9tXSV8TQWB1BB-CR9fMHd-qANZ9fvIan-x5-1asFF1tyvRG-fc7U5YFut9nOtExwWgqI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37693
last-modified: Mon, 12 Aug 2024 15:13:38 GMT
server: UploadServer
etag: "c2404bb5cc46f445920a4bb863742d91"
x-goog-generation: 1723475618615123
x-goog-hash: crc32c=mQf2Wg==, md5=wkBLtcxG9EWSCku4Y3QtkQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 37693
accept-ranges: bytes
content-type: text/javascript

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 496ms
251ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 51ms
51ms XHR
text/plain 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=313571973&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=335225643&gjid=1710056888&cid=1845032605.1723508785&tid=UA-24152976-22&_gid=1036806478.1723508785&_slc=1&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&z=2081645779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 57ms
56ms XHR
text/plain 2404:6800:4008:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-24152976-22&cid=1845032605.1723508785&jid=335225643&gjid=1710056888&_gid=1036806478.1723508785&_u=aGBAgEAjAAAAAGgCIAB~&z=1673494315

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c06::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
173 B 448ms
231ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
174 B 339ms
124ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=313571973&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Markets&ea=lseg.logo.seen&el=LSEG%20Logo%20seen&ev=0&_u=aGBAgEAjAAAAAGgCIAB~&jid=&gjid=&cid=1845032605.1723508785&tid=UA-24152976-22&_gid=1036806478.1723508785&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=1665429733

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 06:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
173 B 434ms
242ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=313571973&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=application.web.vitals&el=FCP&ev=2467&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=1845032605.1723508785&tid=UA-24152976-22&_gid=1036806478.1723508785&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=2084734109

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 06:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
173 B 401ms
236ms Fetch
application/json 52.12.47.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.12.47.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-12-47-65.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
11ms Image
image/gif 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=313571973&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dp=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&ul=ja-jp&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=caption&ea=license.caption.view&el=article&ev=0&_u=aGBAgEAjAAAAAGgCIAD~&jid=&gjid=&cid=1845032605.1723508785&tid=UA-24152976-22&_gid=1036806478.1723508785&cd2=Technology&cd11=CTECH-US-USA-PRODUCTS-COLONIAL-PIPELINE-RANSOMWARE&cd4=Article-News&cd32=Mon%20May%2017%202021%2006%3A50%3A17%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd10=image&cd9=%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&cd19=Page%20Load&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Raphael%20Satter&cd3=Technology&cd1=Technology&cd18=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack&cd37=KCN2CX0KT&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=KCN2CX0KS-OCATC&cd44=2&cd51=CTECH%2CUS%2CUSA%2CPRODUCTS%2CCOLONIAL%2CPIPELINE%2CRANSOMWARE&cd52=HACK%2CPPL%2CUS&cd53=%2C%2C&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=Mon%20May%2017%202021%2006%3A51%3A28%20GMT%2B0900%20(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&cd79=Raphael%20Satter&cd99=direct&cd100=none&cd102=0&cd127=Anonymous&cd128=none&cd65=Anonymous&cd66=Anonymous&z=2030622392

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 06:40:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63953
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
655 B 12ms
12ms Script
text/javascript 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Aug 2024 00:39:02 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 11ms
10ms Script
text/javascript 142.250.76.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.142 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 23:52:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 13 Aug 2024 00:52:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
90 KB 166ms
166ms Script
application/javascript 142.250.206.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.206.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c0e2edfde5b45fbdb2cb3356d46aaea0f5fd72d667bc6bcfac544677cff16f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H/1.1 200
OK a-07no
i.liadm.com/s/c/ Frame B9F9 0
0 704ms
185ms Document
text/html 44.193.56.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-07no?duid=f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt&euns=0&s=&us_privacy=1---&version=v2.14.3&cd=.reuters.com

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-07no.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.56.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-56-5.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 607
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Aug 2024 00:26:25 GMT
Request-Time: 14
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 740 B
676 B 55ms
54ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_leaderboard_atf,ss:%5B1.1,728.90,950.90,970.90,980.90,1140.90,728.100,750.100,1100.100,970.120,980.120,930.180,750.200,728.250,970.250%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0a112035a14053c622fcfafccf4c625c9a5787cea271c94036ba91880d69ee1c

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 418 B
546 B 122ms
122ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_native_1,ss:%5B1.1,200.200,300.200,250.250,300.250,320.250,336.280,400.280,1100.375,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 90ccacd93dfc21ed518ecd0bc5d9e542e27c8ac724ccd23f5c3f911e20a32eb8

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 723 B
666 B 51ms
51ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_native_2,ss:%5B1.1,2.2,200.200,300.200,250.250,300.250,320.250,336.280,400.280,1100.375,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b950fa31794c50a8edc49b09cba33fb287810bee5856e0643b02294aac0fd222

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 727 B
669 B 51ms
51ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_recirc_end_unit,ss:%5B1.1,1.1%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: c7ced2edb7bbf82c0f0b6b8bdd971219b9c968377c95e0907b55fde717862a78

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 737 B
673 B 43ms
43ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_right_rail_1,ss:%5B1.1,200.200,300.200,250.250,300.250,300.333,250.360,240.400,300.400,300.420,120.600,160.600,300.600%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 0f6fc20d3ed73d09afc60df25e05330a1ee08b3a4aa659be2d27437884a0a2b3

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 732 B
674 B 39ms
38ms XHR
application/json 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931336&slot=%7Bid:reuters_desktop_right_rail_2,ss:%5B1.1,200.200,300.200,250.250,300.250,300.333,250.360,240.400,300.400,300.420,120.600,160.600,300.600%5D,p:/4735792/reuters.com/technology/article,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=a8a43d91-a1a9-92e8-f84f-f283aefbb23c&url=https%253A%252F%252Fwww.reuters.com%252Farticle%252Fus-usa-products-colonial-pipeline-ransom%252Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%252F
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 7cbbb14bb886115e362e4251570b7b4c3aadf717e9a848fa8c6ced1b7365d652

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
116 B 151ms
150ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b2492d348a82641-NRT
vary: Origin

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
88 B 173ms
150ms Script
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=0da83bd5ef4657948e1ac021ad9f1a22&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b2492d48813f615-NRT

GET
H3 200 jquery-3.7.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 85 KB
30 KB 3ms
3ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 04 Aug 2024 20:35:29 GMT
content-encoding: br
ad-auction-allowed: true
age: 705056
x-guploader-uploadid: AHxI1nPS8ul9g-iU3O6NRoOtod671gtKOBFICDTDVEaQrZfDLnYeBJdgnmq2q7cGupVexvdYwnCEd3iP2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31023
last-modified: Thu, 01 Aug 2024 20:45:26 GMT
server: UploadServer
etag: W/"2c872dbe60f4ba70fb85356113d8b35e"
vary: Accept-Encoding
x-goog-generation: 1722545126757282
x-goog-hash: crc32c=fsBEgw==, md5=LIctvmD0unD7hTVhE9izXg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 87533
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F27 0
0 97ms
55ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusPvqMjZBCq6Jd5OojmVOyv51r2--knu1D5Hjh01-sFG3LzW1BkP44FEGA4WepGJBoOq3p0_ocY2fYE4UJCnI3k-3ol0Jeh7R8Eq8JlJVtM8MwoS9kWWk4XMlmV25uXOzjqQa4IebRhTi2Uta_roE101prYRJQEnyddnfWrjs3de7umUDTqmHXhn0WW-uEX50uUBn5KNs356yQlliDIHCXmN7_hYf4BxcOxNkrXmw040OBl9kn-1y0K45BQXgZYwFi0AW0lNXbzG0rnYGp2dlVYt4uHqsBo2ryQCg8ipUVVdzz19pguen2-iG7F9kv57wFKStIraOT4iDiUYpEZTB-_Kduz6Ru&sai=AMfl-YQeOWgCRaxUh3q_DnHfARfFjel3ISIugOkn2yTECsFTXcmQ4i_bSAzV6omWkj_Lpw5wmsAaJmTtxFwfqR_VE4b4Uw3ud49ruT6XKfpkN2VWWouJOH9Fs_ne6ggafA&sig=Cg0ArKJSzCKZuv50h28BEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 00:26:25 GMT

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
106 B 122ms
120ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 8b2492d36e3dafc1-NRT

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
83 B 121ms
120ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 8b2492d36e45afc1-NRT

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
83 B 122ms
121ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 8b2492d36e48afc1-NRT

POST
H2 200 rtd Show response
id.hadron.ad.gt/api/v1/ 27 B
83 B 125ms
123ms Fetch
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/rtd
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS, GET
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
debug: rtd-nx-sv
access-control-allow-headers: *
content-length: 27
cf-ray: 8b2492d37e4cafc1-NRT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 319ms
319ms XHR
text/plain 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1808338432911766&correlator=46365837036324&eid=31084271%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C320x250%7C336x280%7C400x280%7C1100x375&fluid=height&ifi=2&didk=78326732&sfv=1-0-40&eri=33&sc=1&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&abxe=1&dt=1723508785240&lmt=1723508782&adxs=263&adys=1497&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=707x0&msz=707x0&fws=0&ohw=0&psts=AOrYGsmDSUNkn7NQt8czGoLNRvdTpxBEAGYIHP-DoRLpX5pQVEzRkPwCkFnsvqD8cBt2L-dhoxtFThsrwvoaO5ibw4C2_Q&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723508782753&idt=1406&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D36f6ba2d-5cdb-4160-9571-000334aef023%26fs_placementName%3Dreuters_desktop_native_1%26fs_ad_product%3DlazyLoad%26type%3Dnative%26div_id%3Dreuters_desktop_native_1&cust_params=fs_session_id%3D95c32c2a-3a93-4ce2-b3fb-0212cf32d189%26fs_pageview_id%3D47ee059b6251f8bc246dba40cd79f7ef%26fsitf%3DYYYYYYYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D00000000000000000000001%26fs_testgroup%3Doptimised%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Crts%26prmtvsdk%3Dweb%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=3441933748&frm=20&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e9662e41b41fdfc8140971e5014c020c294ce406d61594e38c5bd272ee0a6bc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12508
x-xss-protection: 0
google-lineitem-id: 6703581563
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138471995887
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 577ms
576ms XHR
text/plain 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1808338432911766&correlator=46365837036324&eid=31084271%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C300x333%7C250x360%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600&ifi=3&didk=1594545083&sfv=1-0-40&eri=33&sc=1&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&abxe=1&dt=1723508785252&lmt=1723508782&adxs=1088&adys=1625&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=200x0&msz=200x0&fws=512&ohw=0&psts=AOrYGsmDSUNkn7NQt8czGoLNRvdTpxBEAGYIHP-DoRLpX5pQVEzRkPwCkFnsvqD8cBt2L-dhoxtFThsrwvoaO5ibw4C2_Q&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723508782753&idt=1406&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D96a096f1-a195-4263-9f61-1df59120d3f0%26fs_placementName%3Dreuters_desktop_right_rail_2%26fs_ad_product%3DlazyLoad%26type%3Dmpu2%26div_id%3Dreuters_desktop_right_rail_2%26id%3Dac938ae9-590a-11ef-8cc4-0e44812696eb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80&cust_params=fs_session_id%3D95c32c2a-3a93-4ce2-b3fb-0212cf32d189%26fs_pageview_id%3D47ee059b6251f8bc246dba40cd79f7ef%26fsitf%3DYYYYYYYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D00000000000000000000001%26fs_testgroup%3Doptimised%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Crts%26prmtvsdk%3Dweb%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=1537550920&frm=20&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d7015a3063cd25691ed52bfd8fe42203054c34b844f5f22ba4f04c3801c4f7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12567
x-xss-protection: 0
google-lineitem-id: 6087579048
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138420677785
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 827ms
827ms XHR
text/plain 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1808338432911766&correlator=46365837036324&eid=31084271%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C200x200%7C300x200%7C250x250%7C300x250%7C300x333%7C250x360%7C240x400%7C300x400%7C300x420%7C120x600%7C160x600%7C300x600&ifi=4&didk=1594544196&sfv=1-0-40&eri=33&sc=1&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&abxe=1&dt=1723508785259&lmt=1723508782&adxs=1088&adys=393&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=200x0&msz=200x0&fws=512&ohw=0&psts=AOrYGsmDSUNkn7NQt8czGoLNRvdTpxBEAGYIHP-DoRLpX5pQVEzRkPwCkFnsvqD8cBt2L-dhoxtFThsrwvoaO5ibw4C2_Q&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723508782753&idt=1406&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D2b087854-3404-4fdc-8c73-871cf92ae95c%26fs_placementName%3Dreuters_desktop_right_rail_1%26fs_ad_product%3DlazyLoad%26type%3Dmpu%26div_id%3Dreuters_desktop_right_rail_1%26id%3Dac93156b-590a-11ef-b397-0670410d2c29%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90&cust_params=fs_session_id%3D95c32c2a-3a93-4ce2-b3fb-0212cf32d189%26fs_pageview_id%3D47ee059b6251f8bc246dba40cd79f7ef%26fsitf%3DYYYYYYYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D00000000000000000000001%26fs_testgroup%3Doptimised%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Crts%26prmtvsdk%3Dweb%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=1537550921&frm=20&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

396c7d57ce74cd8dd7ca90c076f7aec41a2a688075bffeb852e733339d94e6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12570
x-xss-protection: 0
google-lineitem-id: 6087579048
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138402384553
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 1081ms
1081ms XHR
text/plain 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1808338432911766&correlator=46365837036324&eid=31084271%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202408080101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=4735792%2Creuters.com%2Ctechnology%2Carticle&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C728x90%7C950x90%7C970x90%7C980x90%7C1140x90%7C728x100%7C750x100%7C1100x100%7C970x120%7C980x120%7C930x180%7C750x200%7C728x250%7C970x250&ifi=5&didk=1503827643&sfv=1-0-40&eri=33&sc=1&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&abxe=1&dt=1723508785265&lmt=1723508782&adxs=436&adys=138&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&vis=1&psz=728x0&msz=728x0&fws=512&ohw=0&psts=AOrYGsmDSUNkn7NQt8czGoLNRvdTpxBEAGYIHP-DoRLpX5pQVEzRkPwCkFnsvqD8cBt2L-dhoxtFThsrwvoaO5ibw4C2_Q&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723508782753&idt=1406&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Deaab4a34-e050-4093-9d39-249af3e7c2ba%26fs_placementName%3Dreuters_desktop_leaderboard_atf%26fs_ad_product%3DlazyLoad%26type%3Dleaderboard%26div_id%3Dreuters_desktop_leaderboard_atf%26id%3Dac927976-590a-11ef-8cc4-0e44812696eb%26vw%3D40%2C50%2C60%2C70%2C80%2C90%26grm%3D40%2C50%2C60%2C70%2C80%2C90&cust_params=fs_session_id%3D95c32c2a-3a93-4ce2-b3fb-0212cf32d189%26fs_pageview_id%3D47ee059b6251f8bc246dba40cd79f7ef%26fsitf%3DYYYYYYYYYY-YY-YY------------------------%26fs_liveintent%3DY%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D2%26fs_clientservermask%3D00000000000000000000001%26fs_testgroup%3Doptimised%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3Dlow%26ias-kw%3DIAS_1507056_PG%252CIAS_9494_KW%252CIAS_1507547_PG%252CIAS_1508982_PG%252CIAS_7906_KW%252CIAS_1509467_PG%252CIAS_3007526_PG%252CIAS_1500693_PG%252CIAS_14885_KW%252CIAS_1508456_PG%252CIAS_1508454_PG%252CIAS_1509845_PG%252CIAS_1508452_PG%252CIAS_1508709_PG%252CIAS_8463_KW%252CIAS_1509464_PG%252CIAS_1507080_PG%252CIAS_1509336_PG%252CIAS_1508690_PG%252CIAS_1508451_PG%252CIAS_18895_1753_KW%252CIAS_1509513_PG%252CIAS_1508455_PG%252CIAS_1509999_PG%252CIAS_13887_KW%26permutive%3D105244%252C122932%252C122942%252C178682%252C178683%252C178684%252C178685%252C178686%252C178687%252C178688%252C178690%252C178691%252C178692%252C178693%252C183145%252C184126%252C184128%252C47119%252C72785%252C75216%252C75355%252C76210%252C78885%252C81382%252C88891%252Crts%26prmtvsdk%3Dweb%26template%3Darticle%26asset%3Dimage%26articleID%3DKCN2CX0KT%26p_count%3D9%26topic%3Dcysc%26pixel_distance%3D111&adks=4221809708&frm=20&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

08de20f0a920a3b37b51c210b0b70b0b101775cf2cfa79cce7d94f369f87398e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18130
x-xss-protection: 0
google-lineitem-id: 6705308864
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138477769157
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4092 0
0 6ms
2ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
ad-auction-allowed: true
age: 207049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Sat, 10 Aug 2024 14:55:36 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Thu, 08 Aug 2024 18:00:03 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1723140002917464
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: AHxI1nM6fhvP3uWXMPdRD7yv-JmDIWSGWacSSIDCIhP9vuZjtELBPyMVV-kmtXI9SokdBYuhcbz0AVEEQQ

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 42 KB
9 KB 118ms
101ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=674&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAmAZgFYAGADkOvOIE4AWTYALxCgFpznLMAdwCmAIxypgwgPqoAJlD6l8mAE7CcIADZw0GAgDZKlAB75ixtcJjDV61VGwBDLVtQIA5tLiqtUABbAwAAOOACkpACCYcQAYjGxgkkAdOq6tjjJSCAAtglOqmhIWsIJcDjc5U7cwaogcnC43NlaGKguNajBwm4IwtyqTgiaeXE5IOoDQyOCBf0i4pIa3HKoOE7B3QXc7txOMFKqOU7A-twgMM3abR3BXT3u-f5OSADWO3IAqgDKANIAwgA5Yj-AAalF+ABUEpgAG5rSTSbIgV6oYRQMKEABCMWIWmCuIi0WIxECIXCxHIURiDHilLiSUEqWE6VUmWyo1pBSKJRpcXKlXWNTqDSaLRuWk63V6-UGw1yfNi40mcpmc24CwkUgqq3Wm2E212+0Ox1O50u4oQ7Uld2lj24zzeHx+AOBYIh0PpdOIMX+uNUhOpJMJhAAItgQCi0RjsbjVnJA8TiPhSHQ6NRqJRyNR+IwDKRmPRCSDcfCE8GokQyFRaPQmMnKPhMeHYQUcABtcq2aStDweYRyWQIAC6sBcOGEEajMlAIB7BX7Y60E8womCUAEwhCUHbw8wwWAeAjOWCbiGSBkMC0Tg8jlhzygQA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 7efb4c6344bae034223af4312f487cbefbd16fd476f72bbc2a74bb0a33c02329

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
x-envoy-decorator-operation: legacy-api-tier1.legacy-api.svc.cluster.local:80/*
last-modified: Tue, 13 Aug 2024 00:26:25 GMT
via: 1.1 google
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 7
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H3 200 ads_ Show response
fundingchoicesmessages.google.com/f/AGSKWxXKEJNzceBWCW1Gjo2ZWnVknBGw2Dm6LxwzYByNOv1q_f_6NC5qQV8U2qdmClOdDrZkEywQ7KXZQddqASGBb1B1XNAOHyLS7dl4MEwisuJUOR0NG2y7YR6y93B8GC9Z-0cTc8bLKf-oCNV7lRvon-4OUMd_R... 54 B
109 B 48ms
47ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXKEJNzceBWCW1Gjo2ZWnVknBGw2Dm6LxwzYByNOv1q_f_6NC5qQV8U2qdmClOdDrZkEywQ7KXZQddqASGBb1B1XNAOHyLS7dl4MEwisuJUOR0NG2y7YR6y93B8GC9Z-0cTc8bLKf-oCNV7lRvon-4OUMd_RHE3TvV2p6WbgEYAyeENDUz5S_CJ5gkU/_/totemcash1./blockblock/blockblock.jquery.js.ad-cloud./adsdaqbanner_/js/ads_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.oklVZN3hHw8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxiShJaWXZOPqB2XGzV-j1Kw5bUvA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

2c8a3c4e21e1950cbba33c671e495f16ad33b682f89529cc2234907eb16e5cc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-onJSb0ebWpDHmTDS_a7g-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-onJSb0ebWpDHmTDS_a7g-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDg2Xni1lU1gRcPsu4xKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgYWhoZ6BubxBQYAolU_4w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 55ms
55ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

51262f2904ce7b2fb32c24f7cc8d2e1ce195a67242b68638792c0faadc196a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52606
x-xss-protection: 0
server: cafe
etag: 13217502166936375703
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 00:26:25 GMT

POST
H3 204 AGSKWxWLw_zC61Su7039FCCHlCDz7bb183-JoxgdVhgZP2_FGB-re1jIjbVNLbLwHTm1aWuQ5o-qKmbtIQFdm_rRmXTihMTCz-8evo-NHvVh_Q29VlSO12A8poDJ5Y48xBuOWePj6UxZXg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
47ms XHR
text/html 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLw_zC61Su7039FCCHlCDz7bb183-JoxgdVhgZP2_FGB-re1jIjbVNLbLwHTm1aWuQ5o-qKmbtIQFdm_rRmXTihMTCz-8evo-NHvVh_Q29VlSO12A8poDJ5Y48xBuOWePj6UxZXg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1LSm_pgkYKgAI8NnX_pObw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1LSm_pgkYKgAI8NnX_pObw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw0pBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-OFV1vZBFZMb3_PqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDCwMDfUMzOMLDACcSzSF"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLw_zC61Su7039FCCHlCDz7bb183-JoxgdVhgZP2_FGB-re1jIjbVNLbLwHTm1aWuQ5o-qKmbtIQFdm_rRmXTihMTCz-8evo-NHvVh_Q29VlSO12A8poDJ5Y48xBuOWePj6UxZXg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0dYsFDyZuJuJ37iGSwbQdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0dYsFDyZuJuJ37iGSwbQdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw1ZBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-OFV1vZBD5smfyZUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAv-k0_Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLw_zC61Su7039FCCHlCDz7bb183-JoxgdVhgZP2_FGB-re1jIjbVNLbLwHTm1aWuQ5o-qKmbtIQFdm_rRmXTihMTCz-8evo-NHvVh_Q29VlSO12A8poDJ5Y48xBuOWePj6UxZXg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-idiWnZ0WsoEsfGoD1hlTMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-idiWnZ0WsoEsfGoD1hlTMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmJw05BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-OFV1vZBGbM6_vPqOSSlF8Yn5yfV5KaV6KbmFKsC2IXZSaVluQXobBTy0AqcvLT0zPz0uONDIxMDCwMDfUMzOMLDACeADSP"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLw_zC61Su7039FCCHlCDz7bb183-JoxgdVhgZP2_FGB-re1jIjbVNLbLwHTm1aWuQ5o-qKmbtIQFdm_rRmXTihMTCz-8evo-NHvVh_Q29VlSO12A8poDJ5Y48xBuOWePj6UxZXg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KWva-cAOh5XIM8zHXSOxNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KWva-cAOh5XIM8zHXSOxNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw15BicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-OFV1vZBCbs_PqfUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGFgYGuoZmMcXGAAAxZ01Eg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWtiY8iKnypcc_vEyIVjmfT6mqdLDRcHZTb01B_3vgotLEpX2SKsCn8Jtb6LK5umjuoMkpoPacnceMCk7mVZv61K0PDM1vJniLP4yprIVHp9vT6ZX5uz-IOTtZB7njiodr3jl7ywA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 61ms
61ms Script
application/javascript 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWtiY8iKnypcc_vEyIVjmfT6mqdLDRcHZTb01B_3vgotLEpX2SKsCn8Jtb6LK5umjuoMkpoPacnceMCk7mVZv61K0PDM1vJniLP4yprIVHp9vT6ZX5uz-IOTtZB7njiodr3jl7ywA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNTA4Nzg1LDUwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiamEiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucmV1dGVycy5jb20vYXJ0aWNsZS91cy11c2EtcHJvZHVjdHMtY29sb25pYWwtcGlwZWxpbmUtcmFuc29tL21vcmUtcmFuc29td2FyZS13ZWJzaXRlcy1kaXNhcHBlYXItaW4tYWZ0ZXJtYXRoLW9mLWNvbG9uaWFsLXBpcGVsaW5lLWhhY2staWRVU0tDTjJDWDBLVC8iLG51bGwsW1s4LCJva2xWWk4zaEh3OCJdLFs5LCJqYSJdLFsyMiwidHJ1ZSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODQyNjldLG51bGwsMTRdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

197c418653e53e1a93e54e29b5b9335fc8970c10a297e3441088b54be8017407

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bW3rFLGhuWOxyyVHuH0Qew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-bW3rFLGhuWOxyyVHuH0Qew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDg2Xni1lU1gwp3GNiYljaT8wvjk_LySosyk0pL8orTktNTi1KKy1KJ4IwMjEwMLQ0M9A_P4AgMAkVo_pw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 44ms
42ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame 8954 0
0 35ms
14ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 89
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8b2492d5a8222626-NRT
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: Tue, 13 Aug 2024 04:26:25 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA71 0
0 7ms
6ms Document
text/html 23.32.224.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-224-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=136663
content-encoding: gzip
content-length: 5516
content-type: text/html
date: Tue, 13 Aug 2024 00:26:25 GMT
expires: Wed, 14 Aug 2024 14:24:08 GMT
last-modified: Mon, 05 Aug 2024 09:22:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame EE65 0
0 43ms
4ms Document
text/html 23.195.85.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_b4dda2432a31055ef348c071bcf6d6eb.br.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.85.83 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-85-83.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:25 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 contextual Show response
contextual-analytics.wunderkind.co/api/ 167 B
332 B 252ms
217ms XHR
application/json 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Ftechnology%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&website_id=5431
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: c812d6502bd73930d3d5cdb5244d339a2a70b6303d32b362873d2f973d5b1056

Request headers

Accept: */*
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:25 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167
content-type: application/json

GET
H3 200 creatives-base-styles.a53944a2.min.css
assets.bounceexchange.com/tag/css/ 37 KB
6 KB 6ms
5ms Stylesheet
text/css 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/tag/css/creatives-base-styles.a53944a2.min.css
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:41:51 GMT
content-encoding: gzip
ad-auction-allowed: true
age: 1629874
x-guploader-uploadid: AHxI1nM4U34jlJhbyIwoRw110TFdkZhcocqRjtCx0SKcVioz0rjg-vnuEFzw2I5c8wU337HQqtN0aqwm9g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6053
last-modified: Tue, 13 Dec 2022 17:12:22 GMT
server: UploadServer
etag: "54f61bdcbfb6f81427c8a6803f48b02f"
vary: Accept-Encoding
x-goog-generation: 1670951542233151
x-goog-hash: crc32c=lLRhfg==, md5=VPYb3L+2+BQnyKaAP0iwLw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 6053
accept-ranges: bytes
content-type: text/css

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
99 B 118ms
102ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoANARm8oGYAQmwAyITLAAebSQA4AbAH15AFgCUbAIIAHbaQQB1BACMA0lBoN+Adkb95bdqYASAFTwiaAYTakQAawQ2AHEEAGN-Ag1qZi8ACyQCAFsgum5qW2YWFjYAZRQAMxQkEEt6Gzt5ADJQCBgkBALkBqQcGvAoaApMABNxNG10BFgkUhw4yEhtMBpyzVm6BdoAd1XGBthIZDBGMOSl4sgQMP0l+ABaeBRz7USe2DDIMHO90gJMEBRSG5BtBD9MAhzqhMGB9tR6HQkgQGsCUKDkstikDliY6ghnn0wChdAhiudxOdClskEkUJA4ucCAUXgQ3h8vj8-gCgXEUBECT0AKq5UxeABy1C8nGYplcS3adWgDTBpE2IHekhw3HkzGYks6Mrp8veAE9lTF1bVOmF4JBksBip9jPowDhKNZhNRqPBkIo3mgMD1FOIaNQBPNnUVSIg-Q6ACIamB7Aj+EAIe2Ov19Hph-iB6jcGyyayyPPMeiyFTMACc8n4Klk9DDQr9oFTzoD3Gs1H49GYOarKnoKhLHe8foKwEgac0zdb7c71drzpQBFHrBn1FI2lHfomUxmEPTSyWq2W62GJJ2eySByQRxOqUhtAuVxudweT1p9M+320v3+4iBILBZ4hUIwj+8J-kisKosY6KYuAOJ-PihLEsgZIUlSNKvO8b5Ml+gLnGyHIgNyvICkKIpirujZLigW7+umi4+M6wDaMAo58EuDY0Rm7EDs6SBrhR-pLmEw4sS2bYdrm070dQEBcem5ysVJaBhLxjbpqq3HUP+HF0X6pDCapY6iZOEkaWEKBJIMIBoKCa5Js63CyNQsgltYi4cQ6TrUMAzEGTpzp6SOBnjmJU4RmFS4+e5SbWOGEZVK6qAYNg0DGIkyyIK08SJCk8UZUMyXANsCqYAamTZOqCX5TAejkgUMJJDgYgSJIuXIFV0A9AgoBhAgkC6n8OCdWA-jmtoVSmmA5opEg0BsmAeyYIVF4ID0ODqhgBDQHssDYEgup7J1OAAFIAApVBtW0EDtkB7QdCD8MdJ38udCCbdtu26pg5kJkdOLwi9m0NGgxXKvwAPSggwPvF9KQ4K4sa6gQ4NhFA+rw-4iPg9oBCTV8d3KsW5xqsw3DgxQRyQLAh1tow1QXfSwOU4dWYlow1jI+8RyAtg+OaLkVTQod6oQeiBE4D2-Ck8aRyrcFxldj2fayFUnXdQgYtZrmub5oWxZlhWVZVIMGCgAgywa1UiAAI6wFgPVi+qJzxtgRwpLjFnKkZ4lVvQzbjX4WCQDiIBLRA7w4EHaBg6rxwJj0VQUiASDeoMF66ook0wkMihYigNorTgwaIAnRAEDg5w9uqYIjD1OAQVUVU4AlQA
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
96 B 118ms
103ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdKhMrhKoUwMYD2AW3ohUuGD3QR6yQgFoZIWcFR8AJsh645-dHwB2MEOiUxgEdDD0RZqEHsKD6Avqxt2HA+COvwIAI0IYDjlVGEIQYDMRWUtZEAAzDlQBEFxsWT542R19Q2NgU3NLa2wQHgBrGNUAVQBlAGkAYQA5KkaADQAGeoAVegAyUEhYBEQeGVxBKBFDP0lCTGIAdgAhaioZTgB9XTBIVS3LdbJKKip4o0IpM+WAEUHwaDgkfj5yuECALwhMUgBOABsD2GzzGdlyPCMOHwRBO9HojHgLDYSW4-CEtBEYgk1xoHB42D0fF2AE8nC5rLZ7IIvK5fAEghAQmEIlFUDE9HFEpwUmkMlkcgYjCYzBYrLJShUqnUmq0Ot0+rRgU9Rq93hAtpM+DsRJBMBd0FdlSMXnw3nBNSSzL9gIbjaC1Ravj8qAAWUgADn66OAYwEwEwnW9gl9uB48UwAEZg-6UIQA9GfYgwJFAzHfTJfYRcKhLGAo7JC-1WLoQKpGiB-SAYGB7AA1Khp5yqH5B+mBDgwVSYACs7ujsA7XajSyopB7nQ9Sw9fb7f0n-RbsB4EGHkdI0+nHo9nR7HtdnUBpFdM-tCDX-SuAEdkBA9CuLxI4Hp8DABEzcJWE6Px5Ppz2e0jL0nzvT8CigThAn0TBPzAUhFyeFdMFUfo0hgVADlAUQSS2bMXEeLZQnCOYIG7A0jVwT4+EwWQ+yDBw0CQ+l+keF9ME2VAgA
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 article_view
events.bouncex.net/track.gif/ 42 B
206 B 118ms
103ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgLkmeBeAsgexHApAJgAYRgA7AZ0wFsB3UPImuAI3IjDnIMIBMJzgAB0FxQ3CKW7AAZhxBVgYABbdM07gGFMMTKQjAY3AAoQRMCQ0JLgUANYAyUJFiIAriBiolYMIK4BmAEECADFQmgiAOhxXOXJIqGpQp2h4UI4oJVJtTABzAE9Qqmw4AFoSCmo6HFKmVnZOUr4BYVEQUolSmTkFZVK1UsSdPQNSwVM4c1Iy6zsOngBVAGUAaQ0AOXwNAA1CFYAVUMdwVMQIBVy4Lx8-XCDQ8KiYuISk-BDBdXecSncoTlC52Aly43zgsTgIFBIWekPITTg0mArhgYEidUEdxCPDuABEiAB2Y7OeAIQSuZg8RRXIj4ACMpUIAFZSnSAGz7el3QJMunc-AADkihBFAC1iacEDxOFAQKZILpUPsaJhuMUcNwKpRaPRVCISGBsKDCEIRGIiIbuNYAG6WZqmtpwHFEaQgN6EZSWOoEDRSbhQfLMOFwKDudiFIg-NqZSHcAQQZ2EXTcJauUhUiO+ogSKTZT0gbiCTAcUiQAxSWRwpSYOzcaTaHQ0CS5bjKfhq3TKADkxtmtlUX0IC0iS0iddck1bWqL4H91EEZAjhC0w30hiIJjMFkiEpcCGRymwqAASkJrJOiEtFHJd6TbHB8iqQDxyKhcEyAEIEfAACUCGhWb8fW-IwjAAGSArZv2WICmVxW9EBgMhclcYErjgUhSmWBCECQ8gwGKHhUFpBlmVZDkuSCXl+SFEVCHFQirkIew6jYDgE1QJkABZ-DpexrX4dgOLpAl8H8JlCAFAkBW47iAE5JPsaUBP+YT-Gk6SBQFZkBS4wg5LZfwuJk+wF0uAS4CbIi+PIOAAEcJ1IVSiPwexYAgDCfHOTgwGAKhBFQESxIkqSZKZfA5Lc8xPKECBbShCBFV83J-CUuAVKuHh7DbZ8AH0F3AfJcvw7A0Ny+1mHgIikRgWzsoAL0wVBSm45jfhAf5UDqRxLlLVBXFskAgA
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBD6 0
0 48ms
47ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtiE1IJ6n0lSc0Ha2pV8haIM8V95z_mCoW9ZHkKbK8Pg0gQvWcL7TjQKra3RoMNFwhszPW8fuqH9BD5ET7wvojM9q2Fr6Odfq6_yDifoC6nq1PUvy8yA3NyLUn9AMIGhhZt0B-W5S0TC-_FXXDm2mM70hcPg3gGv6H-D9OF9uvAmfdodW7Nj1jPoB6-j25YtvtLol-i9DONEK8HCOzCeMAKba4G7wESiUpVOMeW_9vzfucWJD9w8Su2cl7pkuvhVUhuTWOykxQsnArlnjfZ6TOCGddD7BbJ7dUCvYDKFdZWR-0C02BXwhrQqQ57OYpeOUloK7rOKMtL6mh-DY636iLX21vlRINDuADYZ7sqVUzAVBQ5sTU3Sh2Bqss5RL_6hYUp7FI2g&sai=AMfl-YTi_auzP7XEuLcOrBLgDBYl0Nvd8PeBDgyHtXG6nFG4_eEZazhRcyvyJBrLGAa62x618iceAcY3heVQ99VfsjnQlBv6ryWNn47p3ran33E3BKxK7pGF68M5rwtOFA&sig=Cg0ArKJSzDPLB7ozTv3TEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ Frame DBD6 298 KB
0 53ms
32ms Script
application/javascript 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:23 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 31
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 05 Aug 2024 13:58:20 GMT
server: cloudflare
etag: W/"4a9e8-61ef011dd6fc8"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 8b2492c76bea6872-NRT
expires: Tue, 13 Aug 2024 00:28:23 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DBD6 204 KB
0 4ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64724
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 01:15:19 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 3CEA 61 KB
15 KB 22ms
13ms Script
application/javascript 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1128488074&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3dc15994f39414331bfc222547ff324b3cc2639cd51c8b7170c87ff7ed73ffed

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

OPTIONS
H3 200 demand-source
d.pub.network/ Frame 0
0 45ms
40ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://www.reuters.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via: 1.1 google

OPTIONS
H3 200 demand-source
d.pub.network/ Frame 0
0 44ms
39ms Preflight 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,HEAD,OPTIONS
access-control-allow-origin: https://www.reuters.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=31536000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers Accept-Encoding, User-Agent
via: 1.1 google

POST
H2 200 demand-source Show response
d.pub.network/ 54 B
223 B 49ms
43ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel
protected-by.clarium.io/ Frame DBD6 68 B
243 B 119ms
119ms Image
image/png 44.233.229.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMyNDAzOTY4NTY6MzAweDI1MA==&v=5&s=v31i54i20ed&id=eyJkZnAiOnsiYWQiOjQ3MTEzMzM4NzgsImMiOjEzODQ3MTk5NTg4NywibCI6NjcwMzU4MTU2MywibyI6MzI0MDM5Njg1NiwiQSI6Ii80NzM1NzkyL3JldXRlcnMuY29tL3RlY2hub2xvZ3kvYXJ0aWNsZSIsInkiOjAsImNvIjowLCJzIjoicmV1dGVyc19kZXNrdG9wX25hdGl2ZV8xIn19&cb=6876246&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXlOREF6T1RZNE5UWTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozMjQwMzk2ODU2LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
content-type: image/png

POST
H2 200 demand-source Show response
d.pub.network/ 54 B
223 B 50ms
42ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 204 collect Show response
analytics.google.com/g/ 0
45 B 48ms
45ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723508782818&gcd=13l3l3l3l2&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1845032605.1723508785&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&sid=1723508784&sct=1&seg=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&_s=2&tfd=5296
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DBD6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 946b8dbff012ea91b7cf50da777050b43eeeda46c096627e75c73dc6418b00ee

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBD6 0
0 47ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUg7MVIQ1ZcjgJzhtUa3eRtRHz0OHH8WGsl6bEUDphU0c-2e2lnnw2yVYnE8pzvcV8iL5cB7MSwGWGR71R4kvHsf018tIg6KI99dOIxmJ80hi1NnXfkrOcVWLagrBymM8tjUjdI0w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 51ms
50ms XHR
text/html 142.250.196.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUg7MVIQ1ZcjgJzhtUa3eRtRHz0OHH8WGsl6bEUDphU0c-2e2lnnw2yVYnE8pzvcV8iL5cB7MSwGWGR71R4kvHsf018tIg6KI99dOIxmJ80hi1NnXfkrOcVWLagrBymM8tjUjdI0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.196.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s36-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lxYrmWTwySdD3XxZ53tT6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-lxYrmWTwySdD3XxZ53tT6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII1JBicEqfwRoAxO5aF1n9gXhJxEXWA4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIiHY-OFV1vZBF70HupiVnJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBhaGhnoG5vEFBgCk2DSa"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 882.json Show response
id5-sync.com/g/v2/ 632 B
1 KB 249ms
248ms Fetch
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/882.json

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

639f4f2d6cd48d85b08c97edd58b8afbdeb1f90323773e2ab58ee73de81e03d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://www.reuters.com
content-type: application/json
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame 3CEA 228 KB
69 KB 116ms
116ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: AcniXlSAtOWY3PlyDgwKjuuWxBgNV0T6vUC9WU7_l9QlDYXwknoHUQ==

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 251ms
250ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 040b6fae73b7a785f931a4217f395e83f62d0f744a9cb5f1f099b37b28dbbb6b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ Frame DBD6 514 B
410 B 169ms
168ms Fetch
application/json 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=2611&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f108b0ecd35568abbc437ece258f248576b83539ed4584b69a621936e83f9ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8b2492d75a866872-NRT
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBD6 0
0 52ms
51ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw405SCkNYtocraWiJlmj0M588B5ssiae1Nv9vOT4qeJnSYHK-3J3RWWlJU9Q7wkme36s6iAHpXSnORnJekbkZgMV7v9WAWvorUpl3-KTOq0VmAEhr8PQ97ITQZcZur95ejaotxsn5nosuMUO553qa9X5iqtr6QtRnrGDMLzqkwRE-avaBMnLC6XdIMePdYThskiDcoj12m7-i4wYSHbQbEOhp2sPv39hN3xW4piG4JmnDh1G5aAXc0JTjJuQ1DkrDAvItlyYMHaHa-KxHQTpxzc-jUOzTxDGtBjYAgDkvkmbBtnm-0NQP59O5xELtXL_C123nH1qZlpogc2F3vnTK83a907OiQjZaWQJYyQD7A6Oy6r1633W00WG9scD_z9cwlgCgGDYp&sai=AMfl-YRkZyEdba3_wr4-1KK1XIr4YDYShmx2bZ5KZ10LC9P6_IEAdjybGsDA2BXCxHVC6Kn3Hr9ZlZ3yWVAc3_4NBJCXYHR3NQ4miSWx6qLIF06X2ZCXxPNbo5-h5sZ9OA&sig=Cg0ArKJSzJ8AVluvAMnbEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D8B 0
0 52ms
52ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuHc4bkRQDjzeY6kvxlCQ8QqEv7yM3qwuteSx_McDR7gui0dHAANvUzviinsNjC4-Hzc-MnUspweoHWhcbAgiSc2snOZbLUPPI6OMAI2rATH6_pN2j_elKNLKCue5AQGPoac5j-_5zI8BqvCDX7lo7mfCEcS2uECP0bw1dSYzkLUaMFVX8aHDW5yg9XEfujzbuaEItzP9GjazO2seAhZDwpeIr6CWnv49Eas48QsAJJnEWp3drfBg59Pfhelt09mIHWJdWIWuiUSbl8GIb2tmGbFYKZNNv4nRXbBXF42SB_8sweYm5yFc01pqj94OuDgLn_ZIOhzB4-nDIJypjQh-tArXmLM5GxDufOXgOrYLrlcOTl8Qe1Tqx33YoSiLD7MpDK2CZHTmOHK-tZUgj1XBVUNpf4dg&sai=AMfl-YRM3elL3e7EnfpaC38w_uRzzf0sIMlesDoFr3nDqrFxshOEGDXDO1iBnxHiZx2ZaUt1EO639HkHSMb-YmPinvM3r0Q6-6sI3V5FSS-01wUKT2PSivYgY0otcW3zvw&sig=Cg0ArKJSzEzlMCRsh4gzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9D8B 157 KB
51 KB 56ms
56ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3578014945201864

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f880063747f464b799a39b1459e41fac5bb310af41c3c1e4c222ac7ace0e40bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52591
x-xss-protection: 0
server: cafe
etag: 10894811961927267918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9D8B 204 KB
0 4ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64724
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 01:15:19 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame D86A 61 KB
15 KB 13ms
13ms Script
application/javascript 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931336&campId=300x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420677785&pubOrder=3045656367&cb=139253616&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 46285a67ebb5f30a2fbf654f3cd75e7a8217613b044226386c7770802ac35b49

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

POST
H3 200 demand-source Show response
d.pub.network/ 54 B
90 B 41ms
40ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel
protected-by.clarium.io/ Frame 9D8B 68 B
243 B 121ms
120ms Image
image/png 44.233.229.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMwNDU2NTYzNjc6MzAweDYwMA==&v=5&s=v31i54i20me&id=eyJkZnAiOnsiYWQiOjE5OTI5NzkyLCJjIjoxMzg0MjA2Nzc3ODUsImwiOjYwODc1NzkwNDgsIm8iOjMwNDU2NTYzNjcsIkEiOiIvNDczNTc5Mi9yZXV0ZXJzLmNvbS90ZWNobm9sb2d5L2FydGljbGUiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfZGVza3RvcF9yaWdodF9yYWlsXzIifX0%3D&cb=6789250&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXdORFUyTlRZek5qYzZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMDQ1NjU2MzY3LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
content-type: image/png

POST
H3 200 demand-source Show response
d.pub.network/ 54 B
90 B 43ms
42ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 9D8B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c194ba4327129c4161d6fe122a8de2d49b844284b48f24ecd76862867428c200

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9D8B 0
0 41ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame D86A 228 KB
0 1ms
1ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: AcniXlSAtOWY3PlyDgwKjuuWxBgNV0T6vUC9WU7_l9QlDYXwknoHUQ==

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/ Frame 9D8B 422 KB
142 KB 65ms
64ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

31afb1e1ccfa509c37a96a8d41352179157f7206d9e073d0ac82346e8ac8628d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145416
x-xss-protection: 0
server: cafe
etag: 14873314939097880126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
232 B 171ms
156ms XHR
application/json 2600:1901:0:56e0::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=152237088&GCS2=MTcyLjE3LjAuMiwxMC4yLjk2LjI0MixmZGJmOjFkMzc6YmJlMDo6Mzg6OmYyLGZkYmY6MWQzNzpiYmUwOjozODo6ZjI=&pe=false&wsid=5431&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A5431%2C%22loadID%22%3A%227vLVlvyCc1P4wCb%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A2%2C%22IDStageStart%22%3A2%2C%22netComplete%22%3A188%2C%22obsReqpage%22%3A405%2C%22obsReqview%22%3A477%2C%22obsReqdata%22%3A514%2C%22IDStagePrefire%22%3A514%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A9%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%221378788805840963485%22%2C%22visitid%22%3A%221723508785454908%22%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ea426f6bc022f43b8a59c2f99a81896114c0ef516f9d8033edf4a8491bb76e9

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 1C77 1 KB
0 26ms
26ms Image
image/webp 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 132047
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
content-length: 1164
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8b2492d02bd46872-NRT
expires: Thu, 12 Sep 2024 10:26:24 GMT

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ Frame 1C77 169 B
0 12ms
12ms Stylesheet
text/css 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4772
cf-polished: origSize=199
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 8b2492d01bce6872-NRT
expires: Tue, 13 Aug 2024 04:26:24 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame E147 0
0 199ms
199ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=50359&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50359-ZrqoMTvmGqZVMQYZ8b_8XQAAABk0&isWaterfall=true&contextfeedFrameId=2611-152&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492d87d207366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:26 GMT
expires: now
link: </img/a/pss/4145/2.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ Frame 1C77 77 B
183 B 178ms
177ms Image
image/gif 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.2611.Reuters%20Article&geo_ccod=jp

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 8b2492d87b666872-NRT
content-length: 77
x-xss-protection: 1; mode=block
expires: Mon, 12 Aug 2024 00:26:26 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 42ms
41ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame DB22 91 KB
23 KB 112ms
112ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6jIt70_6eQhK1PGlqFwBccoUPmZ4nOjZueuLEhNmqYMLsxWbMSaLwg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 11ms
11ms Image
image/gif 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931336&campId=300x250&pubId=4711333878&chanId=22029718962&placementId=6703581563&pubCreative=138471995887&pubOrder=3240396856&cb=1128488074&custom=native&custom2=reuters_desktop_native_1&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:a7dcc554-ee3d-419d-8d8d-ab357e20e20b,c:lfURnK,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-8dkqs,rg:jp,pt:1-5-15,wc:60.60.1600.1200,ac:526.1423.300.250,am:i,cc:526.1423.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:260,mot:0,app:0,maw:0,tdt:s,fm:ulhNdNh+11%7C1211%7C1311%7C14111%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m*.-%7C1m1%7C1m21%7C1n1,idMap:1m*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:281,oid:ace4902d-590a-11ef-99fb-6a030b44aebf,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88A3 0
0 50ms
49ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAptnkBc8cWuUCx52KyQl-ikzXon2LTCkliUay4547onEQ9GIb0JCd0DjYL2OFy2D86oQDmcwsgFE5lG7htfa-jl1mFHSfbS9ANVaEbbt1vdyOO32QYNAQZdIBDJT8IwcPAjP_oYSlb3hSe8PG4i4hE02q_1YzP24fQwa1eWy3noRRvEXq-boweomLeh8FTJQ2J0OxokiYyl2QAArIWpLWG3BHfN2hcURwlMHalNNWy6kHJ0lMm6_YegWr89yWPrkTsev2d4UPbDWUznw38A8EX6PS4GydmjeNMwp7v9n52ogo0rniX1wArHIG2dDi17pm3h8rziH_cKOiXsWYG8cJ2OyA4hQhrPeepY0NW1sGNdNjkPWzmW3aR1s8cV-EUYH5nWSBQskxzFfUrWDoGRY1dJ1AR9I&sai=AMfl-YSB6wNDM-7EO3E7Tlavr719A_sdxveZ4fYt2QDJaM-Bz_hYlcFfptx0oSMFFKrsvQ2nzvX0qITvELYov88uuve0TbZTGHEFplKlWx8QA8KjNuDsN_4_maiOA0USgQ&sig=Cg0ArKJSzDDfg4FzlXfrEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 88A3 157 KB
0 56ms
56ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3578014945201864

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f880063747f464b799a39b1459e41fac5bb310af41c3c1e4c222ac7ace0e40bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52591
x-xss-protection: 0
server: cafe
etag: 10894811961927267918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 88A3 204 KB
0 4ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64724
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 01:15:19 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 7CB5 61 KB
15 KB 10ms
10ms Script
application/javascript 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931336&campId=160x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384553&pubOrder=3045656367&cb=563844402&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: bd27c2566f10319ed5784c4c272c7115e6d5b434a24d6c215effa59d0aac19dc

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

POST
H3 200 demand-source Show response
d.pub.network/ 54 B
90 B 43ms
42ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel
protected-by.clarium.io/ Frame 88A3 68 B
243 B 120ms
120ms Image
image/png 44.233.229.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzMwNDU2NTYzNjc6MTYweDYwMA==&v=5&s=v31i54i20v0&id=eyJkZnAiOnsiYWQiOjE5OTI5NzkyLCJjIjoxMzg0MDIzODQ1NTMsImwiOjYwODc1NzkwNDgsIm8iOjMwNDU2NTYzNjcsIkEiOiIvNDczNTc5Mi9yZXV0ZXJzLmNvbS90ZWNobm9sb2d5L2FydGljbGUiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfZGVza3RvcF9yaWdodF9yYWlsXzEifX0%3D&cb=3616401&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TXdORFUyTlRZek5qYzZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjozMDQ1NjU2MzY3LCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
content-type: image/png

POST
H3 200 demand-source Show response
d.pub.network/ 54 B
90 B 40ms
38ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 7EF6 91 KB
0 17ms
17ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6jIt70_6eQhK1PGlqFwBccoUPmZ4nOjZueuLEhNmqYMLsxWbMSaLwg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 15ms
15ms Image
image/gif 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931336&campId=300x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138420677785&pubOrder=3045656367&cb=139253616&custom=mpu2&custom2=reuters_desktop_right_rail_2&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:3a84b228-75b3-06be-426a-a15ae3dc3ca9,c:lfURpq,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-gn6mg,rg:jp,pt:1-5-15,wc:60.60.1600.1200,ac:1098.1685.300.600,am:i,cc:1098.1685.300.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:254,mot:0,app:0,maw:0,tdt:s,fm:ulhNdPd+11%7C1211%7C1311%7C14111%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n*.-%7C1n1%7C1o1,idMap:1n*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:265,oid:ad02a068-590a-11ef-86d1-e29d03a6e954,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 630ms
174ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=a7dcc554-ee3d-419d-8d8d-ab357e20e20b&tv=%7Bc:lfURpC,pingTime:-2,time:397,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:129,beZ:130,mfA:389,cmA:390,inA:390,inZ:395,prA:395,prZ:404,si:410,poA:411,poZ:428,cmZ:428,mfZ:428,loA:433,loZ:435,ltA:526,ltZ:526,mdA:130,mdZ:365%7D%7D,sca:%7Blts:2024-08-13%2009.26.26,dfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:281%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:398,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:280,wc:60.60.1600.1200,ac:526.1423.300.250,am:i,cc:526.1423.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B135~0%5D,as:%5B135~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdNh+11%7C1211%7C1311%7C14111%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m*.-%7C1m1%7C1m21%7C1n1,idMap:1m*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:282,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_1,google_ads_iframe_/4735792/reuters.com/technology/article_1__container__,reuters_desktop_native_1,main-content,fusion-app%5D,sinceFw:115,readyFired:true%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt26.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 88A3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7039242d5a3c95ba4e5c5c47d94ef3f1f1ec867199ef44985506b9387fde15a5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/ Frame 88A3 422 KB
0 65ms
64ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

31afb1e1ccfa509c37a96a8d41352179157f7206d9e073d0ac82346e8ac8628d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145416
x-xss-protection: 0
server: cafe
etag: 14873314939097880126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 00:26:25 GMT

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 171ms
155ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520JP&cookieID=&deviceID=&BXWID=5431&warpspeed=2%5EHIykD&loadID=7vLVlvyCc1P4wCb&version=1.5.9
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88A3 0
0 43ms
43ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9D8B 0
0 64ms
64ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGZZXl_B2DOwk2MRhyVQzh4Vt8rehlCmq9OAVl2fNxZ8WHH_3fF-SCBVgP0OtKUNEo4L0tXiOvN6LqDpLBmfoCTDRmDYGbwwVfmh1MUI-qDP6mPDZee_G0gKGkftDMnEhLWhW9vf1unCMfAtwFfB39QwEJCfSg-B31Hg4fCUru5S4nCE9zMwQyNNX91ffW0gkNcDDtBcYHpCuS336vBpjPB5oVvQUt5D6GGVox1b5dJPZYo2gbS0PYyT6ESCPy8wYtIws3w1dKnl9t_URQb5PctQJd-Q202ZMxoHhd2M6CsNyhmZj7mLLiaDZNg02jTrVeBuWAlyWiQP1IOqEjOE3S16ELq3w2SKdhtvNeFFRATk3coIQ2OC_jJAqiEfXLXoY0kC9zjce-W7k&sai=AMfl-YScT7Dz54c6-9sXroAgufBJ507ekDiA5lnVBQsV-KYwB6QfOQj-b1N3tTHXMQf1b96Y_FSfAL-iokJxOZ3lxURZzWGPAjHsrQG6mqCFnP1P_jzOxKQ41koDwnGVSA&sig=Cg0ArKJSzE0-JpVHK4WhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 00:26:26 GMT

GET
H2 200 smartads.epl
www.dianomi.com/ Frame EE49 0
0 304ms
303ms Document
text/html 104.18.31.150
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=50352&cf=545.2611.Reuters%20Article&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&unitId=dianomi-50352-ZrqoMTvmGqZVMQYZ8b_8XQAAABk1&isWaterfall=true&contextfeedFrameId=2611-152&gdpr_consent=null&gdpr=null&canServeAds=true&canCookie=true&partner_tcf_status=2.0&partnerTcfStatus=2.0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.150 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-ray: 8b2492da2eba7366-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 13 Aug 2024 00:26:26 GMT
expires: now
link: </img/a/pss/4385/4.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 731ms
350ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=3a84b228-75b3-06be-426a-a15ae3dc3ca9&tv=%7Bc:lfURqR,pingTime:-2,time:354,type:a,im:%7BpBlk:274,sf:0,pLoad:331,pom:1,prf:%7BbeA:37,beZ:39,mfA:291,cmA:292,inA:292,inZ:293,prA:293,prZ:299,si:302,poA:303,bl:311,poZ:311,cmZ:311,mfZ:311,loA:363,loZ:364,ecZ:374,ltA:390,ltZ:390,mdA:39,mdZ:153%7D%7D,sca:%7Blts:2024-08-13%2009.26.26,dfp:%7Bdf:4,sz:300.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:600,t:265%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:265,wc:60.60.1600.1200,ac:1098.1685.300.600,am:i,cc:1098.1685.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdPd+11%7C1211%7C1311%7C14111%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n*.-%7C1n1%7C1o1,idMap:1n*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:266,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_5,google_ads_iframe_/4735792/reuters.com/technology/article_5__container__,reuters_desktop_right_rail_2,fusion-app%5D,sis:337,sinceFw:87,readyFired:true%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt87.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame 7CB5 228 KB
0 1ms
1ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: AcniXlSAtOWY3PlyDgwKjuuWxBgNV0T6vUC9WU7_l9QlDYXwknoHUQ==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88A3 0
0 50ms
48ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1VTlBVrcuo7SgIilPpPb4dGDCjy2QCBgTZmKIsemlXzZabT_6pgUTkg-Y5fxOU4VP46LR_U2roa4QDjXce7mLvFdBtwuLRb3oeiTGdoGQHKQrMfzdbGNJ1XFPd0N8cNCd2XxQ7W7EoW9VvbWl4xCea_1n0JuT81nha4pZzRUpfN17bDHYZsuUcNrahckDe9yu01_pXbWwbg9voA6BosxpF4lzYylFhduC66rmsPG8Y7eMhfcjlZHHV7jlwZZQSRJ3TEHXR2QwX1w9b8J62whyt4IUisbP5ZLKni__BAm4_SPLP8Yvch0LOwKC9in2IYon2_u5fmyXXl2thTM6avq1DePPrlqVtS1OWa8KF0O7MsEhDw6WSEwDqZ64V_1IN_orVkBYgIS8jfY&sai=AMfl-YTr27TnQADwyAesorKxMvGv9_QtvznUWpq-kVttJBMVo0vUn0Coqgfp_18M61wxwmct6pecGvFlPDwO42IEtIJcW6GfUdTCZLRXXyUPrd93NvNjo7yzlH0_cQqOpg&sig=Cg0ArKJSzM4UH3uA3occEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 00:26:26 GMT

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/ Frame 4FB3 0
0 60ms
11ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age: 4082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4141
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 23:18:24 GMT
etag: 3784890935487277381
expires: Mon, 26 Aug 2024 23:18:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A3FF 0
0 144ms
122ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418292&abgtt=6&lmt=1723508786&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_18~27_14~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508785954&bpp=2&bdt=115&idt=284&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&nras=1&correlator=8499082086406&frm=23&ife=4&pv=2&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=600&ifk=580892243&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31085990%2C95331690%2C95334529%2C95334829%2C95337870%2C95339225%2C95336267%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3620757290989394&tmod=486028010&uas=0&nvt=1&fsapi=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.ko0ehk487kek&btvi=1&fsb=1&dtd=398

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9D8B 17 KB
13 KB 58ms
57ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

fc3e179cd7e614059d97157a023f16dfe26ae4813d9b70b3e9884f18acaa05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame E0EE 0
0 339ms
328ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=7989338871&adk=3240826221&adf=776189486&pi=t.ma~as.7989338871&w=300&abgtt=6&fwrn=3&lmt=1723508786&format=300x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508785954&bpp=1&bdt=115&idt=320&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&prev_fmts=0x0&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1038&ady=1625&biw=1600&bih=1200&isw=300&ish=600&ifk=580892243&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31085990%2C95331690%2C95334529%2C95334829%2C95337870%2C95339225%2C95336267%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3620757290989394&tmod=486028010&uas=0&nvt=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CEbr%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.8sdndcf92cn&btvi=2&fsb=1&dtd=415

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14925
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame 074C 91 KB
0 17ms
17ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6jIt70_6eQhK1PGlqFwBccoUPmZ4nOjZueuLEhNmqYMLsxWbMSaLwg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 15ms
15ms Image
image/gif 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931336&campId=160x600&pubId=19929792&chanId=22029718962&placementId=6087579048&pubCreative=138402384553&pubOrder=3045656367&cb=563844402&custom=mpu&custom2=reuters_desktop_right_rail_1&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:4121853c-1792-3dd5-e83c-3801467eceb0,c:lfURsL,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-cs65w,rg:jp,pt:1-5-15,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:96,mot:0,app:0,maw:0,tdt:s,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1,idMap:1o*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:107,oid:ad2c964d-590a-11ef-90a3-0a7a2c5a4ddf,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7945 0
0 92ms
91ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&adk=1812271804&adf=2751418291&abgtt=6&lmt=1723508786&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x675_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=29~32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aicel=33&aifxl=32_7~27_8~30_19&aiixl=29_5~32_9~27_3~30_6&aslmct=0.7&asamct=0.7&aiict=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508786224&bpp=1&bdt=111&idt=38&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=160&ish=600&ifk=1942806251&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331688%2C95332924%2C95334527%2C95334830%2C95337870%2C95340227%2C95338263%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2504788918286052&tmod=486028010&uas=0&nvt=1&fsapi=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=1.d5etwuc3tggc&fsb=1&dtd=190

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 88A3 17 KB
13 KB 130ms
130ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f12283f26b02dfc94f0b1d907c89e1897ec8885418cf8e099c7594da85e62cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12983
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame BA71 0
0 380ms
379ms Document
text/html 172.217.25.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-3578014945201864&output=html&h=600&slotname=2991599383&adk=1135573665&adf=776189487&pi=t.ma~as.2991599383&w=160&abgtt=6&fwrn=3&lmt=1723508786&format=160x600&url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723508786224&bpp=1&bdt=111&idt=58&shv=r20240807&mjsv=m202408070101&ptt=9&saldr=aa&cookie=ID%3D5b6a06dab5923eda%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA&gpic=UID%3D00000ebde361d111%3AT%3D1723508784%3ART%3D1723508784%3AS%3DALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA&eo_id_str=ID%3D7bcc14be436052d3%3AT%3D1723508784%3ART%3D1723508784%3AS%3DAA-AfjYDAyDaka_sk6WxSwpakHeS&prev_fmts=0x0&nras=1&correlator=8499082086406&frm=23&ife=4&pv=1&nhd=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=393&biw=1600&bih=1200&isw=160&ish=600&ifk=1942806251&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44798934%2C95331688%2C95332924%2C95334527%2C95334830%2C95337870%2C95340227%2C95338263%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2504788918286052&tmod=486028010&uas=0&nvt=1&fc=1664&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=2.gmkzbqswdq2s&fsb=1&dtd=201

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.25.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 15082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF34 0
0 54ms
52ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_G8Owz29GV54IIWx9MFmwrJ0y4NPWchICs0FnCGk3_v6Bk4e3deZzRDrdkZgxQWdwnN4ue-3LLYcaP6OavzKOEcCdHnXVd-mZjZSLKDOMRLkGABB9TK0JUiq8Iy5mw_ms53bAwzQpUTwbsPGVrMacE_gHpcJKD4bNgbNbpNdIusQ6ISQR9Fxa3Fcioz2O7m1kTFZO7LhmM_fluDojXJJBoTykYnhWxT0jZB-ApL-VoqboBeyRPF3OCIiEfvU30g0PRFit02IlZVjXprQx0ThlLBHYUuTGhAfnV1R7FTsRwRCkdKQpbQGmZFzIjNXnAMSltIvjeBxtnQchGXV4rxfxpdhdiv07XI2n6MAIKpEoTx7kLpvS3n8w4gctHK8qheNW5WlGWZ7AC58&sai=AMfl-YTsg4KgdY4LeydptwoyVOCe0hWMJ1ByrEZTm1htqpXdySX50dZ0q0on5zIZf6xtb_80g1yMNTu8h1KZM5eE9ocCophzQpQPtWQZ6rP-sDz1cpeYxQk-T0rwwXjrSg&sig=Cg0ArKJSzMUth6rZCrE8EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240807/r20110914/client/ Frame DF34 3 KB
2 KB 94ms
25ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240807/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 15:21:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Aug 2024 15:21:13 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DF34 204 KB
0 4ms
3ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64724
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=Shift_JIS
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Aug 2024 01:15:19 GMT

GET
H2 200 3506851937932044470
tpc.googlesyndication.com/simgad/ Frame DF34 74 KB
74 KB 94ms
25ms Image
image/jpeg 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3506851937932044470

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d9ee25a442bee6ce509978e6a77c3889c255f7c9b1ca9e4b92883a2cb0b1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 09 Aug 2024 03:53:22 GMT
x-content-type-options: nosniff
age: 333184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75544
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:14:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Aug 2025 03:53:22 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 6D66 61 KB
15 KB 12ms
12ms Script
application/javascript 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931336&campId=970x250&pubId=19970472&chanId=22029718962&placementId=6705308864&pubCreative=138477769157&pubOrder=3536745757&cb=1667708849&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 9ccbd038ce579b1c4210c87cb28c63700385d7a4ea4887bdb69500be85a4a9d8

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 3506851937932044470
tpc.googlesyndication.com/simgad/ Frame DF34 74 KB
0 73ms
73ms Image
image/jpeg 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3506851937932044470

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d9ee25a442bee6ce509978e6a77c3889c255f7c9b1ca9e4b92883a2cb0b1ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 09 Aug 2024 03:53:22 GMT
x-content-type-options: nosniff
age: 333184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75544
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:14:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Aug 2025 03:53:22 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame DF34 68 B
243 B 120ms
119ms Image
image/png 44.233.229.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_MmhNMFpObmUtOVQxTW9PenliTGdmT0dMcWcwLzM1MzY3NDU3NTc6OTcweDI1MA==&v=5&s=v31i54i219m&id=eyJkZnAiOnsiYWQiOjE5OTcwNDcyLCJjIjoxMzg0Nzc3NjkxNTcsImwiOjY3MDUzMDg4NjQsIm8iOjM1MzY3NDU3NTcsIkEiOiIvNDczNTc5Mi9yZXV0ZXJzLmNvbS90ZWNobm9sb2d5L2FydGljbGUiLCJ5IjowLCJjbyI6MCwicyI6InJldXRlcnNfZGVza3RvcF9sZWFkZXJib2FyZF9hdGYifX0%3D&cb=1349786&h=www.reuters.com&d=eyJ3aCI6Ik1taE5NRnBPYm1VdE9WUXhUVzlQZW5saVRHZG1UMGRNY1djd0x6TTFNelkzTkRVM05UYzZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjozNTM2NzQ1NzU3LCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.233.229.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-233-229-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
content-type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 308ms
174ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURuO,pingTime:0,time:234,type:pf,sca:%7Blts:2024-08-13%2009.26.26%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:234,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B137~100%5D,as:%5B137~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D8B 17 KB
7 KB 75ms
53ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 00:26:26 GMT

GET
DATA 200
OK truncated
/ Frame DF34 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53e344e1f38ff3f4d4af525c8d897fe7f3dfad58c368ed63572139927edbf1d6

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF34 0
0 42ms
41ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 58ms
42ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 256ms
173ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURvz,pingTime:-2,time:281,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:128,beZ:129,mfA:223,cmA:224,inA:224,inZ:225,prA:225,prZ:233,si:235,poA:235,poZ:244,cmZ:244,mfZ:244,loA:364,loZ:366,ecZ:372,ltA:408,ltZ:408,mdA:130,mdZ:130%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:281,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B184~100%5D,as:%5B184~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1,idMap:1o*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_4,google_ads_iframe_/4735792/reuters.com/technology/article_4__container__,reuters_desktop_right_rail_1,fusion-app%5D,sis:245,sinceFw:172,readyFired:true%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 88A3 17 KB
0 33ms
32ms Script
text/javascript 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Aug 2024 00:26:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF34 0
0 75ms
75ms Fetch
image/gif 142.250.76.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC6h-yTcqDFYfttS1W9xIsFA4Qag77nv8BPwyjOxRQlrllr9CzbUIk-2rNLYeQLT9kSYxDAWn7pJ7hgFGKg5HIJpqGd5_bnCVn6ed6bDgdzpf50WQD2ls35-eWHkNI6tAWZJEY_aBsJ9jfh4ZXIpkJuUvTii76O44dQkD4_HBp_2rkg2aq1G9VzJRH3CNI8vXqe6Uv5UVuzZyd_cqFPwNLt-snDEJLsGSMcSZ435LNwnr3uXdcbmI3UUsxlQkUeQNMm5mTs0dSb-2f51TILZay-MCWv6JSSmAhT7PjJiQcREAVeUu7SYoh_U5aiObM0VImFG698CeO6uYG0QMCpjwFjFxDQmmjxSLTR99WgL60TCjd2Q625C4cU2QAs24jgVLVplA4QcvXddHn6A&sai=AMfl-YTbV1uW8WQUcbTfMzS3Smx8MLzQtQCKYoDdrXgDQNFAbONnzxceoObR88qm65cI3_T_Jx3rNs7bpUI_oE9RsfbCkJhdKPMySn0FkuwvuwKwiDgmnLqZs-E1nvafVA&sig=Cg0ArKJSzO0h_d0yzDIPEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.130 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix07s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Aug 2024 00:26:26 GMT

GET
H2 200 main.19.8.527.js Show response
static.adsafeprotected.com/ Frame 6D66 228 KB
0 1ms
1ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.527.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:52 GMT
x-amz-version-id: cFdmuRXLAW8vrAULCehOq6nvI6iGGu_G
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205534
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 05 Aug 2024 12:02:14 GMT
server: AmazonS3
etag: W/"7aa0ddd46d5c1aa1eddcaa5bf71210b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: AcniXlSAtOWY3PlyDgwKjuuWxBgNV0T6vUC9WU7_l9QlDYXwknoHUQ==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 202ms
173ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=a7dcc554-ee3d-419d-8d8d-ab357e20e20b&tv=%7Bc:lfURwt,pingTime:-10,time:822,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723508786624%7C%7C8f48b9ce80d0651d161ae14f9bbdad1f%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7Cc44a86ed5038a844f4773f860afcd7e5%7C%7Cdaefa99a4a81b8d21a362807f4327178%7C%7Ce4467537be0c9da602fbcbea1ff32af4%7C%7C793d4483a73429a9a84e55770c1b13bd%7C%7Cf015c608e6a3ec1da9df34cdcf5bcc9d%7C%7C1715618633,env:%7Bar:self.0%7D%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.4.js Show response
static.adsafeprotected.com/ Frame C242 91 KB
0 17ms
17ms Script
application/javascript 2600:9000:20c5:6e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.4.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c5:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 10 Aug 2024 15:20:51 GMT
x-amz-version-id: bOtNsqPibVajaDyuqqyqCrhSRcjcC6sa
content-encoding: gzip
via: 1.1 60bf8c31583fc8615410cf45d263fddc.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 205535
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 May 2024 16:44:02 GMT
server: AmazonS3
etag: W/"8fa66f8b94450bd040e7b5a7550c52de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 6jIt70_6eQhK1PGlqFwBccoUPmZ4nOjZueuLEhNmqYMLsxWbMSaLwg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
197 B 14ms
14ms Image
image/gif 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931336&campId=970x250&pubId=19970472&chanId=22029718962&placementId=6705308864&pubCreative=138477769157&pubOrder=3536745757&cb=1667708849&custom=leaderboard&custom2=reuters_desktop_leaderboard_atf&custom3=111&custom4=&adsafe_url=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.reuters.com%2F&adsafe_type=f&adsafe_jsinfo=,id:c087b9a7-25b4-9e85-cecd-94968cd272ef,c:lfURwW,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-bb4fbc89f-q4vf4,rg:jp,pt:1-5-15,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:33,mot:0,app:0,maw:0,tdt:s,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,pl:CV8L.CV8L.CV8L.CV8L.CV8L,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:43,oid:ad6113da-590a-11ef-9e4e-8a23a5986867,v:19.8.527,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ff:1,ov:0
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 344ms
344ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURwW,pingTime:-8,time:43,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:43,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B9~100%5D,as:%5B9~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C600 0
0 70ms
12ms Document
text/html 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 61929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 07:14:17 GMT
expires: Tue, 12 Aug 2025 07:14:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1DD8 0
0 88ms
43ms Document
text/html 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uXvNXI1cWrfzk1HUCYacRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uXvNXI1cWrfzk1HUCYacRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
expires: Tue, 13 Aug 2024 00:26:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C55 0
0 56ms
56ms Document
text/html 2404:6800:400a:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:80b::2001 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 61929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Aug 2024 07:14:17 GMT
expires: Tue, 12 Aug 2025 07:14:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame ED6E 0
0 78ms
78ms Document
text/html 172.217.161.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uXvNXI1cWrfzk1HUCYacRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uXvNXI1cWrfzk1HUCYacRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Aug 2024 00:26:26 GMT
expires: Tue, 13 Aug 2024 00:26:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 304ms
304ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURxJ,pingTime:0,time:92,type:pf,sca:%7Blts:2024-08-13%2009.26.26%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:92,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B58~100%5D,as:%5B58~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 295ms
295ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURxT,pingTime:-2,time:102,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:108,beZ:110,mfA:141,cmA:142,inA:142,inZ:144,prA:144,prZ:149,si:151,poA:152,poZ:161,cmZ:161,mfZ:161,loA:203,loZ:204,ecZ:208,ltA:210,ltZ:210,mdA:110,mdZ:110%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:102,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~100%5D,as:%5B68~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,siq:43,slid:%5Bgoogle_ads_iframe_/4735792/reuters.com/technology/article_0,google_ads_iframe_/4735792/reuters.com/technology/article_0__container__,reuters_desktop_leaderboard_atf,fusion-app%5D,sis:99,sinceFw:59,readyFired:true%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt40.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 281ms
277ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=3a84b228-75b3-06be-426a-a15ae3dc3ca9&tv=%7Bc:lfURy7,time:804,type:e,im:%7BpWait:94%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:804,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:265,wc:60.60.1600.1200,ac:1098.1685.300.600,am:i,cc:1098.1685.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B549~0%5D,as:%5B549~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdPd+11%7C1211%7C1311%7C14111%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n*.-%7C1n1%7C1o.-%7C1o1%7C1p.-,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:266,sis:337%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt46.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 266ms
265ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURyl,time:453,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:453,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B356~100%5D,as:%5B356~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1%7C1p.-,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,sis:245%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 265ms
264ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURyo,time:133,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:133,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B99~100%5D,as:%5B99~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43,sis:99%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 176ms
171ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURAb,pingTime:-10,time:567,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723508786624%7C%7C8f48b9ce80d0651d161ae14f9bbdad1f%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7Cc44a86ed5038a844f4773f860afcd7e5%7C%7Cdaefa99a4a81b8d21a362807f4327178%7C%7Ce4467537be0c9da602fbcbea1ff32af4%7C%7C793d4483a73429a9a84e55770c1b13bd%7C%7Cf015c608e6a3ec1da9df34cdcf5bcc9d%7C%7C1715618633,sca:%7Bspg:a7dcc554-ee3d-419d-8d8d-ab357e20e20b%7D%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt65.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 172ms
168ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=3a84b228-75b3-06be-426a-a15ae3dc3ca9&tv=%7Bc:lfURAA,pingTime:-10,time:957,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723508786624%7C%7C8f48b9ce80d0651d161ae14f9bbdad1f%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7Cc44a86ed5038a844f4773f860afcd7e5%7C%7Cdaefa99a4a81b8d21a362807f4327178%7C%7Ce4467537be0c9da602fbcbea1ff32af4%7C%7C793d4483a73429a9a84e55770c1b13bd%7C%7Cf015c608e6a3ec1da9df34cdcf5bcc9d%7C%7C1715618633,sca:%7Bspg:a7dcc554-ee3d-419d-8d8d-ab357e20e20b%7D%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:26 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 59ms
45ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:27 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 jsdiagnostic
pixel.adsafeprotected.com/ 43 B
197 B 13ms
12ms Image
image/gif 35.78.24.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/jsdiagnostic?code:pet_profile&anid:931336&sessionId:a8a43d91-a1a9-92e8-f84f-f283aefbb23c&err:responsetime%3A44%26probability%3A10
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.78.24.19 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-78-24-19.ap-northeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
cache-control: no-cache
server: Apache-Coyote/1.1
content-length: 43
content-type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88A3 42 B
65 B 44ms
44ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkPOJsfUDV5sTuI1z97XTjF2neELVVwj6vfiz0fUTfFimGfrz8c0Nm65nLkHrcsfJE30NWlG_mujB4zy-yXQMhRh_GuYtbTOvVG_5edkpc-zXUjMHp5ZgJyKX_bD6Y52KNQIQd4-6bYilc-Y1m3EPSiA0kX-FvmCk&sig=Cg0ArKJSzG2ZsTJ2Q8u6EAE&id=lidar2&mcvt=1000&p=393,1107,993,1267&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1537550921&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1944158600&rst=1723508786113&rpt=194&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 43ms
41ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:27 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
168ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURKY,pingTime:1,time:1236,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1236,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1139~100%5D,as:%5B1139~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:202,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1%7C1p.-,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,sis:245%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
170ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURKZ,pingTime:1,time:1237,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1237,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1140~100%5D,as:%5B1140~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:202,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1%7C1p.-,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,sis:245,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt49.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 174ms
174ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfURL0,pingTime:1,time:1238,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1238,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1141~100%5D,as:%5B1141~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:202,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1%7C1p.-,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,sis:245,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt39.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 88A3 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 9D8B 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DF34 42 B
65 B 45ms
44ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLdCWiDu6O7Oozj4KykUMscNfSezOeHTd1y_z29rKCz4uNHIE82nRG9NVw5zU7zh8WDXO6Mgvzx4JgevGcUF4Li4jFsVOf-Kvn1c1idOW4Wkj_OnnPv68PzP2CFMKBsc5cMutaxSQABL6eds59Hmj7gNUeHtxIa7A&sig=Cg0ArKJSzEOderZAIDmFEAE&id=lidar2&mcvt=1000&p=12,315,262,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240807&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4221809708&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1944158600&rst=1723508786440&rpt=166&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
168ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURNT,pingTime:1,time:1094,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1094,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1060~100%5D,as:%5B1060~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:292,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43,sis:99%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 171ms
170ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURNU,pingTime:1,time:1095,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1095,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1061~100%5D,as:%5B1061~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:292,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43,sis:99,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 173ms
172ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURNU,pingTime:1,time:1095,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1095,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1062~100%5D,as:%5B1062~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:292,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43,sis:99,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:27 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 43ms
42ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:28 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
158 B 271ms
269ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=9c1ce68f-7551-4e2e-9ddb-f2beacbd91bf
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/a55a84b3-9632-4869-b625-3d8ef43ed18d-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: adfe45c562e0b5f7fac49f1c82a687ba73d0a4f60386ead5c056cfab1e4763e0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 13 Aug 2024 00:26:28 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 169ms
169ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfURVQ,pingTime:-10,time:1587,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi40djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi40dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTU0MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTI3LjAuMC4wIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.4v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200222002220222202,asp:1723508786624%7C%7C8f48b9ce80d0651d161ae14f9bbdad1f%7C%7C3d96f8e03a42123e5523adf5c57607ad%7C%7Cc44a86ed5038a844f4773f860afcd7e5%7C%7Cdaefa99a4a81b8d21a362807f4327178%7C%7Ce4467537be0c9da602fbcbea1ff32af4%7C%7C793d4483a73429a9a84e55770c1b13bd%7C%7Cf015c608e6a3ec1da9df34cdcf5bcc9d%7C%7C1715618633,sca:%7Bspg:a7dcc554-ee3d-419d-8d8d-ab357e20e20b%7D%7D
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:28 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 41ms
40ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:28 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

POST
H3 200 demand-source Show response
d.pub.network/ 54 B
91 B 42ms
41ms Fetch
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://d.pub.network/demand-source

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.152.160.34.bc.googleusercontent.com

Software

Resource Hash

590ddd979672874c0de027162db26955851d0f643e9ca72f27a82c9734a0c5dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:29 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 eligible
events.bouncex.net/track.gif/ 42 B
98 B 103ms
101ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/eligible?wklz=IYEw+grgdglgLgZwLwBYDsBSATAYQKwAM2OAbAMwBkAFsApDCEgdbfeAwKZRzwCeYVCACMmFBAHsIAJwDGHJKAQUQAcwBcMBAGVhCGVJhCOUpMvWaAClI4A3GJIQ4ICOOIC2x06rUzgMqhwAKlqm1gA24qA4wG4ADsAwKlAIAGpYohAAjkgAjGIcKh7cYAzIFL5xCUkMuQAcWLUAnGjMwCpccEgAVkpu4iDyzADuHEII8Bw1eChkeXbjPIw5aFhkhLVotdPTjQS1yrYwcjU5ZJubtbUEeLUoBI3kKFsU8e12HEMn+ZkQXMeMlBkYRgHR4HhcMViuRWaz2aF20xI5WBHWAsRgNmM43EUCQcDalAGdjkSBAFDgVBgUnA8SkcH4LnEUjaHDAIE0wCEYQ4jAAZsAwggOOSAF7iJAAWmmBCAA
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:30 GMT
x-envoy-decorator-operation: event-collector.event-collector.svc.cluster.local:80/*
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

OPTIONS
H2 200 magnite
ssp.wknd.ai/ Frame 0
0 179ms
169ms Preflight 34.117.4.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wknd.ai/magnite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.4.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,authorization
access-control-allow-methods: OPTIONS,POST,GET
access-control-allow-origin: https://www.reuters.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 13 Aug 2024 00:26:30 GMT
server: istio-envoy
via: 1.1 google

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
41 KB 13ms
5ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_61b786ae467e37270c1161244ee81e37.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5e86b02d8388be8e4ca8a1538044129612d460fbb187e1abf5bfc216b19d0196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 00:26:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jul 2024 14:14:53 GMT
server: nginx
etag: W/"668fe8dd-1ff04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Aug 2024 00:26:30 GMT

GET
H3 200 cygnus Show response
as-sec.casalemedia.com/ 53 B
683 B 224ms
204ms XHR
text/javascript 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=7&cb=1723508790655&s=861236&r=%7B%22id%22%3A%221723508790%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221%22%2C%22banner%22%3A%7B%22w%22%3A720%2C%22h%22%3A480%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%2C%7B%22id%22%3A%223%22%2C%22banner%22%3A%7B%22w%22%3A900%2C%22h%22%3A600%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%2C%22domain%22%3A%22www.reuters.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22www.reuters.com%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%2231.204.145.167%22%2C%22js%22%3A1%2C%22language%22%3A%22JA%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5431%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225431%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd23f22679540207e39aba80ea3a0178ba5a81995839787246559cd269c9f47a

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3OyXT45658iadFj5RZ5udI1Ch7EgOz62PRFyJmlqccypBjmoZG5aOIHHfb4bGiQyfi4KqkMuFVQ1s%2BYlnvEY4XGabqwv%2BO9uzv%2BnBfegvqZBYvAnTmYM4pvyXOQYBmIgGFXIAiExtB0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b2492f5ba0e34e1-NRT
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 cygnus Show response
as-sec.casalemedia.com/ 40 B
628 B 257ms
238ms XHR
text/javascript 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?v=8.8&cb=1723508790656&s=861236&r=%7B%22id%22%3A%221723508790%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A3%2C%22maxduration%22%3A150%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A5%2C%22plcmt%22%3A3%2C%22playbackmethod%22%3A%5B2%5D%2C%22maxbitrate%22%3A16000%2C%22minbitrate%22%3A40%2C%22skip%22%3A1%2C%22w%22%3A880%2C%22h%22%3A495%7D%2C%22ext%22%3A%7B%22gpid%22%3A%22overlay%22%7D%7D%5D%2C%22site%22%3A%7B%22mobile%22%3A0%2C%22page%22%3A%22https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F%3Fdeployment%3Doverlay%26device%3Ddesktop%26segments%3D%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%2C%22domain%22%3A%22www.reuters.com%22%2C%22privacypolicy%22%3A1%2C%22publisher%22%3A%7B%22domain%22%3A%22www.reuters.com%22%2C%22name%22%3A%22Freestar%20%7C%20Reuters%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22segment%22%3A%5B%5D%2C%22placement%22%3A%5B%22overlay%22%5D%7D%7D%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36%22%2C%22ip%22%3A%2231.204.145.167%22%2C%22js%22%3A1%2C%22language%22%3A%22JA%22%7D%2C%22source%22%3A%7B%22pchain%22%3A%22869cff86d1c453c1%3A5431%22%2C%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22wunderkind.co%22%2C%22sid%22%3A%225431%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%5D%2C%22ext%22%3A%7B%22consent%22%3A%22%22%2C%22consented_providers_settings%22%3A%7B%22consented_providers%22%3A%5B%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&fn=jsonp
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6bb6240ef6faa435a44312fa3fa540cccfb058dec058108c33620d98faa7a2e

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2BCCO6jBSCa7fUMHeHPq4Ixx5IEJwfD43kMrDaeIPiVKjwHNpIVYt0W4T8CN3O3j4AaadIFRCQbb%2Fz%2FOOvMUGppPRZnbRH7NrAFPoyCWkcYmDWA0TQiy6lFEdNG2TYrCwBlp69UQlb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8b2492f5ba1034e1-NRT
alt-svc: h3=":443"; ma=86400
content-length: 40
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
220 B 32ms
6ms XHR
text/plain 207.65.34.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 200 magnite
ssp.wknd.ai/ Frame 0
0 179ms
170ms Preflight 34.117.4.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wknd.ai/magnite
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.4.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,authorization
access-control-allow-methods: OPTIONS,POST,GET
access-control-allow-origin: https://www.reuters.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 13 Aug 2024 00:26:30 GMT
server: istio-envoy
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 33ms
7ms XHR
text/plain 207.65.34.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 204 magnite Show response
ssp.wknd.ai/ 0
13 B 189ms
182ms XHR
text/plain 34.117.4.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wknd.ai/magnite
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.7.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.4.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.reuters.com
date: Tue, 13 Aug 2024 00:26:30 GMT
via: 1.1 google
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
server: istio-envoy
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST magnite
ssp.wknd.ai/ 0
0

POST
H3 204 collect Show response
analytics.google.com/g/ 0
17 B 51ms
50ms Fetch
text/plain 172.217.25.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-WBSR7WLTGD&gtm=45je4880v9105432122za200&_p=1723508782818&gcs=G1--&gcd=13l3l3l3l6&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1845032605.1723508785&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEI&sid=1723508784&sct=1&seg=1&dl=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&dt=More%20ransomware%20websites%20disappear%20in%20aftermath%20of%20Colonial%20Pipeline%20hack%20%7C%20Reuters&_s=3&tfd=10296
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.25.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s13-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 170ms
169ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=4121853c-1792-3dd5-e83c-3801467eceb0&tv=%7Bc:lfUSNt,pingTime:5,time:5235,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:160,h:600,t:107%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5235,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:107,wc:60.60.1600.1200,ac:1168.453.160.600,am:i,cc:1168.453.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5138~100%5D,as:%5B5138~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:178,fm:ulhNdV6+11%7C1211%7C1311%7C141111%7C141112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o*.-%7C1o1%7C1p.-,idMap:1o*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:107,sis:245%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:31 GMT
server: nginx
x-server-name: dt71.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 168ms
168ms Image
image/gif 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931336&asId=c087b9a7-25b4-9e85-cecd-94968cd272ef&tv=%7Bc:lfUSQo,pingTime:5,time:5093,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:43%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5093,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:42,wc:60.60.1600.1200,ac:375.64.970.250,am:i,cc:375.64.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5059~100%5D,as:%5B5059~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:171,fm:ulhNe0j+11%7C1211%7C1311%7C141111%7C141112%7C14112%7C1511%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k1%7C1k2%7C1k3%7C1k4%7C1k5%7C1k6%7C1k7%7C1k8%7C1k9%7C1ka%7C1kb%7C1kc%7C1kd%7C1ke%7C1kf%7C1kg%7C1kh%7C1ki%7C1kj%7C1l%7C1m1%7C1m21%7C1m3%7C1n1%7C1n2%7C1n3%7C1n4%7C1n5%7C1o1%7C1o2%7C1o3%7C1o4%7C1p*.-%7C1p1,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,siq:43,sis:99%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d24f:51bd:c6ef:9578 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Aug 2024 00:26:31 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 200 c Show response
c.pub.network/v2/ 36 B
53 B 43ms
42ms Fetch
text/plain 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.pub.network/v2/c
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0

Request headers

Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Aug 2024 00:26:32 GMT
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=2504788918286052&bg=!zc6lzoHNAAZjy5caQ8s7ADQBe5WfOI1LD_7X6ANqFBaDMheORULpJRKny_jGCapCFz-7-IXi-KFBBfcfwDYnMUigPhHLAgAAAPtSAAAAA2gBB34ANg6JIiqcVj-6KkyPkkYylCqCvQ_p412U9n58J18a-d03T7dObdYCJ_Hs0vUUjeoYuhMnqSzltJkCwzDeuXvxt-ehNVdDBHHDx1IOBC_zik4ZF3JeMqZG2Ge1VF7E4pgXkJN1yaAzmDRjdWLWCreKoJvydWQYT_4aLHiAx9kFBx3ayYBfQIskS1Wtmtk2uMWTw-PkfJjjZw3YtqwROvf8zQu69HqruutvYkqNSnScAW-0F5Be96vjJTLYjsfFL01R5qPSKW8zjw_M6oIx9jjT83vpEm4R8sgVQmunX0JtpDEvabaWARoJ0vLdrsSGXszyLS9vaLvfpoXJZ0yhR3D7DOnzFlN6Zmx9Q7cK2rbcvfL34cAWLo_1nAgn9eFWju-vV8egFP59MkriFAN93XeCQHLavYxkmuTJgNb9_hoMgGCxuuiwBJnXSKSgAi8cV-y4PiCi-LA8z_unAZtXE253C_Q_VxcnGG4XwyP3juarmzOXs6HoIyTDbEHSbUjQJ6YW_RtsOfY-UD-HhSNk-jmS4BXwS1k7iT4ISBpq4KnRNSzy5h0wDzA0ancfU_zk6JDG56Q6QO8SYiRts3dNKEoqI527caViesSiKmmyoJNA0axoPnQ12I6mdbYqMYrkU4LqPl_H-XmXJg4z3UsZOuh-AmjD-m5POj4QaEryHES_AYLH_k6qx8dIDmeRiTGUz6Xmo-FSiWhdaiES18xVh0DKy1M3VMhHxw0O8DlhqpiAqA0tRl0xHO_47bgMEM7rjHhtOQqKtYxfr1RhneNR-5ZrtdD4-w7y8rzTGNuSp6mzXSIi3pn8HkVgTjE8QnxMG--xcspQSKS2Pirrkucryc_UBHd2utEhzXdczE3yn9CmtPD5hj98LNLzTkfkj1rdKXycw_XdzRWDE360u85-VbnUkkJ4a_JhYOsJIoyMCWErIXaYNoqhYyki84s0HsWHk61c8h93Vtpmt7DbF1AlmDfro85Tpb9z7Vf-4AHuYDDb-JM-UcbA3Od0csP4azyT

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=3620757290989394&bg=!BwSlBEvNAAZjy5caQ8s7ADQBe5WfOHZuhQ04xzu1NT5u7GjruYFaxyFMDDKxgXY8Lc5Sr7_wgzeAJWEj1sURpfIno5ATAgAAAOhSAAAABWgBB34ANp0TXZK9dhxcJQBisWESKYK6UwAtzQj8_SVg46EOFHiGELqpeYGnwTvxFBrvFLTAa8yYXov6WpkCv8PROveCM8hBNticbVk36HZgJCQNpZXGu0r1rDmIqPNDU7f9tC0_ZRTqB7oimS3nnUA8lIcFGVO-1XUTJxLnMzbpEWi07W0Oe3J1unlF83AUoTRMSY4-o5_un67pCCvdHhQdfBBZ_PxLgg_TiJhfq9tEDGe04LXzGe53M3CIXOCjrabJa-JomV7ThTnxsem0O8GXB6EQw6ig2a7WTBmNLz8PdjW1SH12qTXhrtSv9RMdJGIJ47VkYOpPNVh2OoNS89S_sn2kov54M-zdHP82HCbIsepoJWPJax0ehAoWG135JiJPOZVuZCDUeHS59FiYNsNosyyDF2scXEV6v7qwGlHmtlFH8XUXGnvGCa_f3z7nAdiBd4z3fJVBkqUgYNSSJIwMBotMC5eWkrCAVcZx6fOxwIUN3UDiR_aO5RMdI70OOxAYeQ3yssBPUmyubunlRBACrGtpJwaeTH962AXGPfAGI0unXYh0jcuVjMpRPyZHaUCqVxo5sOn_NmAuTmz3OfH6hy48D_S8v97Jpw0AgT77MEAKv-EwHHqLEpZzlCH-Xv57sfX_IeQOusrvMP8I8CBOU09ySi8u2hDiS-ToR8HdJjgFQUZgWAK01gwv-5g_QB3JMA2AMgbiR4CAPatL_JerHNfUz-clwbHFZ1qnAQ0rlQQzb89eEiFSWwv-L5jkSm9JKmbaZVvhwpontzpy-K0Kqe9j8K8QC8nrSgSxsWZPgaQryf3KwRiEnKmNXlIZoxC-b2CbcY93Lj6tl26qbPWTyilElMjfMNpYZFbzrzmAxSxSZJ9PoU1OvGDooIFAeJwz-0nZ1BrMWNdFS-ixwxtTf06PVm_ogSWZus6CAlBujaPqUwPpXINzRh5x57_a_S9AbljwAXOLvAtXDinEW-q89VZ-8P66IYMRzcCRMUKIuTGVe9VxliS6MBEnZGE

Domain: ssp.wknd.ai
URL: https://ssp.wknd.ai/magnite

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

179 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reuters.com/article/us-usa-products-colonial-pipeline-ransom/more-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT	1970-01-21 08:21:08	Name: _ga_WBSR7WLTGD Value: GS1.1.1723508784.1.1.1723508786.58.0.0
.liadm.com/j	1970-01-21 08:21:08	Name: lidid Value: e7611fc4-ae34-4b52-afc5-38c1a9124571
i.liadm.com/s	1970-01-20 23:28:20	Name: _li_ss Value: CjMKBQgKENAYCgUIBhDQGAoFCAwQ2hgKBgiiARDQGAoFCAsQ0BgKBgiLARDQGAoFCH4Q0Bg
.reuters.com/	1970-01-20 22:55:13	Name: RT Value: "z=1&dm=reuters.com&si=9ecvodyvlqf&ss=lzromnzr&sl=0&tt=0"
www.reuters.com/	1970-01-21 07:30:44	Name: usprivacy Value: 1---
.reuters.com/	1970-01-20 22:55:13	Name: cleared-onetrust-cookies Value: Thu, 17 Feb 2022 19:17:07 GMT
.pub.network/	1970-01-21 08:21:08	Name: _fsuid Value: 827e2a03-7df6-4ffb-8a4b-f4a62d4753ec
www.reuters.com/	1969-12-31 23:59:59	Name: reuters-geo Value: {"country":"-", "region":"-"}
.reuters.com/	1970-01-21 07:30:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Aug+13+2024+09%3A26%3A23+GMT%2B0900+(%E6%97%A5%E6%9C%AC%E6%A8%99%E6%BA%96%E6%99%82)&version=202407.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=3df0d246-0669-4e41-8966-f97b831b1500&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.reuters.com%2Farticle%2Fus-usa-products-colonial-pipeline-ransom%2Fmore-ransomware-websites-disappear-in-aftermath-of-colonial-pipeline-hack-idUSKCN2CX0KT%2F&groups=1%3A1%2C3%3A1%2CSSPD_BG%3A1%2C4%3A1%2C2%3A1
.t.co/	1970-01-21 08:21:08	Name: muc_ads Value: 7b0bd9f2-d448-4884-8e35-278237d735d3
.reuters.com/	1970-01-21 00:54:44	Name: _fbp Value: fb.1.1723508783749.169453839658229990
.twitter.com/	1970-01-21 08:21:08	Name: personalization_id Value: "v1_yeQQ3UVcPSS3U3/9VxGSCg=="
.reuters.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .reuters.com
.reuters.com/	1970-01-21 08:21:08	Name: _lc2_fpi Value: f511229f0ef8--01j54j1yms7qykjf1pxq62gjjt
.reuters.com/	1970-01-21 08:21:08	Name: _lc2_fpi_meta Value: {%22w%22:1723508783769}
.reuters.com/	1970-01-21 07:30:44	Name: datadome Value: U2x0gU88LB_M4e_DNf3r4_liCodFpYbEYFfpww70F3VGEB7~rS8hdRAjke6i4UrPQO4AAF4_x3tQkcPfgiYwcJyKzdu5CJ2PVf3M9K33Z166apw5QijvdLvvjrRX9WZv
.reuters.com/	1970-01-21 00:54:44	Name: _gcl_au Value: 1.1.883357341.1723508784
.eloqua.com/	1970-01-21 08:15:23	Name: ELOQUA Value: GUID=D50CEB397E5D4EB492F99B1849A46F91
.eloqua.com/	1970-01-21 08:15:23	Name: ELQSTATUS Value: OK
.doubleclick.net/	1970-01-20 23:28:20	Name: ar_debug Value: 1
.reuters.com/	1970-01-21 08:13:56	Name: _awl Value: 2.1723508783.5-9f2368870bc8339f335df9e227f2e04e-6763652d617369612d6561737431-0
.reuters.com/	1970-01-20 23:25:27	Name: cookie Value: 0970e784-01d2-4460-8118-c7b86a488a0b
.reuters.com/	1970-01-20 23:25:27	Name: cookie_cst Value: zix7LPQsHA%3D%3D
www.reuters.com/	1970-01-20 22:45:12	Name: _lr_retry_request Value: true
www.reuters.com/	1970-01-20 23:28:20	Name: _lr_env_src_ats Value: false
.adsrvr.org/	1970-01-21 07:30:44	Name: TDID Value: fa8e486f-3886-4605-8a81-f3110e75ccec
.doubleclick.net/	1970-01-21 08:21:08	Name: IDE Value: AHWqTUmjEBjai9k3yEuk6h0MQYx6ZXgIC0jELQqLdJYWrO2Uz4z5i09Gf8gJypU4_OA
.doubleclick.net/	1970-01-21 03:04:20	Name: receive-cookie-deprecation Value: 1
.33across.com/	1970-01-21 07:30:44	Name: check Value: true
.reuters.com/	1970-01-21 07:30:44	Name: ajs_anonymous_id Value: 14e82af4-f7fa-4ba4-a2a1-6ff98a59df30
.reuters.com/	1970-01-21 08:07:17	Name: cto_bundle Value: xT2E8l9LQ3BqMjY2U09ybXhVUUt0Wkt6bXM2a0FCUXE1MXZXZmFxQlJ5Z2FKVkpGWFdKUlY3WWRFMXRMNjZyRDh0U3F6Mm51YVJVWWQlMkZiUkRHRVB3OGNsUkRldjlxakJJWU1mTGlVNUI1Tm10OWNEaGFwOWZ5aiUyRmFJQlFWMlFpb0F1eUo
.reuters.com/	1970-01-21 08:07:17	Name: cto_bidid Value: yQj-NV9GNHdnNG9aekoySWdSWFY5M3d4cHYzV3VwdVg2UUdjS3dTUExTTFNxcXJzNkRrNUZsZlVnJTJCeDY0NTh6M2NRSnljeUpqYnlwUHFvTlUyNU5HZ25IRzNRJTNEJTNE
.reuters.com/	1970-01-21 08:21:08	Name: _ga Value: GA1.2.1845032605.1723508785
.reuters.com/	1970-01-20 22:46:35	Name: _gid Value: GA1.2.1036806478.1723508785
.reuters.com/	1970-01-21 03:10:06	Name: permutive-id Value: 58b26fa4-e020-4cfd-ab98-7c13f1053f52
.scorecardresearch.com/	1970-01-21 08:06:44	Name: UID Value: 1C2bd5c0a356bb45f3cc6cb1723508784
.scorecardresearch.com/	1970-01-21 08:06:44	Name: XID Value: 1C2bd5c0a356bb45f3cc6cb1723508784
.yahoo.com/	1970-01-21 07:31:06	Name: A3 Value: d=AQABBDCoumYCEK7SvOXOJ-eMBUGm_ri4UssFEgEBAQH5u2bEZmChyyMA_eMAAA&S=AQAAAhZe6_pCyNFuyNlVbiCYTqc
.reuters.com/	1970-01-21 08:06:44	Name: __gads Value: ID=5b6a06dab5923eda:T=1723508784:RT=1723508784:S=ALNI_MazLIFn4ZIlxNywVLcWCk9zOQTMBA
.reuters.com/	1970-01-21 08:06:44	Name: __gpi Value: UID=00000ebde361d111:T=1723508784:RT=1723508784:S=ALNI_Mb1dc6q6zItBPJiq8RP3WSrH7DYWA
.reuters.com/	1970-01-21 03:04:20	Name: __eoi Value: ID=7bcc14be436052d3:T=1723508784:RT=1723508784:S=AA-AfjYDAyDaka_sk6WxSwpakHeS
.liadm.com/	1970-01-21 08:21:08	Name: lidid Value: 5c414e34-a947-4600-951f-b0ae0d3508f7
.adnxs.com/	1970-01-21 08:21:08	Name: receive-cookie-deprecation Value: 1
.a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co/	1970-01-21 00:57:37	Name: pxid Value: 4dba7a69-6585-4fc0-ac55-9e3751ac972b
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.reuters.com/	1970-01-21 07:30:44	Name: _au_1d Value: AU1D-0100-001723508785-5G44DTF4-D7HH
.tapad.com/	1970-01-21 00:11:32	Name: TapAd_TS Value: 1723508784971
.tapad.com/	1970-01-21 00:11:32	Name: TapAd_DID Value: fc315c29-2f77-4417-802c-45cb2f126061
.pubmatic.com/	1970-01-21 07:30:44	Name: KADUSERCOOKIE Value: E4D6B1E5-ED43-4A25-AB21-B9D7EC940AC8
.adnxs.com/	1970-01-21 00:54:44	Name: XANDR_PANID Value: 6wrYzRQBqYSUkoX1eVyExVoXKTmvn_-QXK6YObIBhT3UNMpbI7wTX8Ewy2-eTPiuIw385cTeuPqR6BQPcwv7GxigYfjHEvcunu_85TPJ1Mc.
.adnxs.com/	1970-01-21 00:54:44	Name: uuid2 Value: 7215925250408129285
.reuters.com/	1970-01-20 22:45:08	Name: _gat Value: 1
.tapad.com/	1970-01-21 00:11:32	Name: TapAd_3WAY_SYNCS Value: 1!5424
.demdex.net/	1970-01-21 03:04:20	Name: demdex Value: 68391133770279347971934597068881128318
.doubleclick.net/	1970-01-21 03:04:20	Name: APC Value: AfxxVi5AE9fXImCikr2rtyGzSFvDclGdH_DqquL3PxiAnR1x84l6_A
.dpm.demdex.net/	1970-01-21 03:04:20	Name: dpm Value: 68391133770279347971934597068881128318
.rubiconproject.com/	1970-01-21 07:30:44	Name: khaos Value: LZROMPU2-25-D4TX
.rubiconproject.com/	1970-01-21 07:30:44	Name: khaos_p Value: LZROMPU2-25-D4TX
.quantserve.com/	1970-01-21 08:15:23	Name: mc Value: 66baa831-4b881-694aa-67485
.reuters.com/	1970-01-21 08:09:37	Name: __qca Value: P0-1177105574-1723508784871
.dianomi.com/	1970-01-21 03:04:20	Name: session2 Value: B=&BUID=&L=1&N=1&NT=&R=&RUID=
.ad.gt/	1970-01-21 07:30:44	Name: au_id Value: AU1D-0100-001723508785-5G44DTF4-D7HH
.dianomi.com/	1970-01-21 03:04:20	Name: session Value: c2028dbeaa28629c6748464c05466568
.bounceexchange.com/	1970-01-20 22:45:10	Name: bounceClientVisit5431c Value: %7B%22vid%22%3A1723508785454908%2C%22did%22%3A%221378788805840963485%22%7D
.reuters.com/	1970-01-20 22:45:10	Name: bounceClientVisit5431v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0ATgKYCuCVFKZAxgPYC2RAhhQgJbMwVIjRQBaUVzEQKrACY1mCcWzCsAdny5hpfCFTB91VMRS7qUHIu1bVT5y+2I8TxKgCMUfeuLl8UXBD6PGJGYlwAZvQU7FwIcGKsEWKqGlo6EHoGRiZwXMwA1qFyAKoAygDSAMIAcrhVABoADBUAKkQgADQgFDAgXSD+APoA5qxDKFQoXhowEdqT3cMjEBNTM+pzC1QAvkA
.pubmatic.com/	1970-01-21 00:54:44	Name: DPSync4 Value: 1724716800%3A201_245_226%7C1723593600%3A248
.contextweb.com/	1970-01-21 07:23:32	Name: V Value: GiwERFnzLYe0
.contextweb.com/	1970-01-21 07:23:32	Name: VP Value: part_GiwERFnzLYe0
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 3602a25bc796d289
.uncn.jp/	1970-01-21 07:30:44	Name: t Value: v_a6e9ab22-b34c-4763-b310-712304640958
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_1201 Value: 23170-v_a6e9ab22-b34c-4763-b310-712304640958&KRTB&23180-v_a6e9ab22-b34c-4763-b310-712304640958&KRTB&23547-v_a6e9ab22-b34c-4763-b310-712304640958
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_377 Value: 6810-fa8e486f-3886-4605-8a81-f3110e75ccec&KRTB&22918-fa8e486f-3886-4605-8a81-f3110e75ccec&KRTB&22926-fa8e486f-3886-4605-8a81-f3110e75ccec&KRTB&23031-fa8e486f-3886-4605-8a81-f3110e75ccec
.ladsp.com/	1970-01-20 22:45:12	Name: cr Value: 1
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_80 Value: 22987-CAESEJs7t4NEPuWO4qexycEjVPE&KRTB&23025-CAESEJs7t4NEPuWO4qexycEjVPE&KRTB&23386-CAESEJs7t4NEPuWO4qexycEjVPE
.ladsp.com/	1970-01-21 08:21:08	Name: smn_uid Value: NSZia-_9RSl9FOBzO-2SSyDORltRZbo
.ladsp.com/	1970-01-21 08:21:08	Name: lum Value: CNSEhMmUMhIFCAoQ4BI
.socdm.com/	1970-01-21 08:21:08	Name: SOSYNC Value: anNvbjp7InB1Ym1hdGljIjoxNzIzNTA4Nzg1fQ
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_629 Value: 11487-AZMxYECsCQM3ks8AIM5GW1Flus8AAAGRSSECVA
.ctnsnet.com/	1970-01-21 07:30:44	Name: cid_7712285abb7841498e45f29cf392bbf4 Value: 1
.ctnsnet.com/	1970-01-21 07:30:44	Name: cid_ac2c5560ca7c4fa0b40839c420a1fc43 Value: 1
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_656 Value: 12671-ZrqoMcCo8HkAAP00VI8AAAAA&KRTB&23509-ZrqoMcCo8HkAAP00VI8AAAAA&KRTB&23514-ZrqoMcCo8HkAAP00VI8AAAAA&KRTB&23568-ZrqoMcCo8HkAAP00VI8AAAAA
.reuters.com/	1970-01-21 07:30:44	Name: FCNEC Value: %5B%5B%22AKsRol-Okx5mUNn5XLgtRPvCpiUfirEqBQrBP9gBVkSxlpFnid5tJvAlEz5tX6o_sgFOESyodnpfD3yucQvpkp52EWuUXCpec2Dl2Kb6Zbk08XSl7jF0MvPXeUzp-dtMzsd-CzjzEl4AIWdimW32YtE7CYJnajDqlA%3D%3D%22%5D%5D
.semasio.net/	1970-01-21 07:30:44	Name: SEUNCY Value: CF7AB04790B082B6
.ad-m.asia/	1970-01-21 08:21:08	Name: uid Value: H3K3d1zsLO
.pubmatic.com/	1970-01-20 23:05:18	Name: KRTBCOOKIE_1159 Value: 23138-ac2c5560ca7c4fa0b40839c420a1fc43&KRTB&23328-ac2c5560ca7c4fa0b40839c420a1fc43&KRTB&23427-ac2c5560ca7c4fa0b40839c420a1fc43&KRTB&23445-ac2c5560ca7c4fa0b40839c420a1fc43
.quantserve.com/	1970-01-21 00:54:44	Name: sp Value: CggIiQ0SAxCVDQ==
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_153 Value: 19420-tYaGMeKI12GuhIZou4HJZrqEhTGuhtNku4XgPGqv&KRTB&22979-tYaGMeKI12GuhIZou4HJZrqEhTGuhtNku4XgPGqv&KRTB&23462-tYaGMeKI12GuhIZou4HJZrqEhTGuhtNku4XgPGqv
.admatrix.jp/	1970-01-21 08:21:08	Name: uid Value: c5ee8265-2d99-4b6c-93b2-471869d44c05
.simpli.fi/	1970-01-21 07:32:11	Name: suid Value: EEA29E9C2B38426EBA7E0F2BAB20D3EF
.pippio.com/	1970-01-21 07:30:44	Name: didts Value: 1723508785
.pippio.com/	1970-01-21 00:11:32	Name: nnls Value:
.pippio.com/	1970-01-21 00:11:32	Name: pxrc Value: CAA=
.reuters.com/	1970-01-20 23:28:20	Name: _li_ss Value: CjMKBQgKENAYCgUIBhDQGAoFCAwQ2hgKBgiiARDQGAoFCAsQ0BgKBgiLARDQGAoFCH4Q0Bg
.reuters.com/	1970-01-20 23:28:20	Name: _li_ss_meta Value: {%22w%22:1723508785916%2C%22e%22:1726100785916}
.crwdcntrl.net/	1970-01-21 05:13:55	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 05:13:55	Name: _cc_id Value: bd6365b5b257034ffccb9d2ebf0e312
.turn.com/	1970-01-21 03:04:20	Name: uid Value: 8120671397078667437
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_22 Value: 14911-8120671397078667437&KRTB&23150-8120671397078667437&KRTB&23527-8120671397078667437
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_904 Value: 23554-6PJQcT7sAVmiYHWUMai6Zg&KRTB&23557-6PJQcT7sAVmiYHWUMai6Zg&KRTB&23586-6PJQcT7sAVmiYHWUMai6Zg
.analytics.yahoo.com/	1970-01-21 07:30:44	Name: IDSYNC Value: 18z8~2k3c
.addthis.com/	1970-01-21 08:15:23	Name: na_id Value: 2024081324262594200891869647
.addthis.com/	1970-01-21 08:15:23	Name: na_tc Value: Y
.addthis.com/	1970-01-21 08:15:23	Name: uid Value: 66baa8316ae419a6
.addthis.com/	1970-01-21 08:15:23	Name: ouid Value: 66baa8310001e5f842cdfac276d08b8c96617a60ec665946627e
.pippio.com/	1970-01-21 07:30:44	Name: did Value: W2KNsOKgSf5f4HXp
.bidswitch.net/	1970-01-21 07:30:44	Name: c Value: 1723508786
.bidswitch.net/	1970-01-21 07:30:44	Name: tuuid_lu Value: 1723508786
.bidswitch.net/	1970-01-21 07:30:44	Name: tuuid Value: 15a5e11d-50a4-42cf-9688-8fc91e9be170
.w55c.net/	1970-01-21 08:15:23	Name: wfivefivec Value: Xci6Q6tB1SDFmO5
.id5-sync.com/	1970-01-21 00:54:44	Name: id5 Value: 89c5a0d1-2ee5-70fc-86f2-7cc1de42942e#1723508784821#2
.adform.net/	1970-01-20 23:29:47	Name: C Value: 1
.dlx.addthis.com/	1970-01-20 23:28:20	Name: na_sc_x Value: 1
.w55c.net/	1970-01-20 23:28:20	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_107 Value: 1471-uid:Xci6Q6tB1SDFmO5&KRTB&23421-uid:Xci6Q6tB1SDFmO5
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_391 Value: 22924-1171214370128562878&KRTB&23231-1171214370128562878&KRTB&23263-1171214370128562878&KRTB&23481-1171214370128562878
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_27 Value: 16735-uid:7e0566ba-a832-4900-b08a-6fca6d859dea
.dotomi.com/	1970-01-20 22:45:08	Name: DotomiTest Value: 30d867ad2b6d1fd8
.admixer.net/	1970-01-21 00:54:44	Name: am-uid Value: 810f7645f9a2484ca7beffb0b4310f9b
.rezync.com/	1970-01-21 08:06:44	Name: zync-uuid Value: cf914e22-65a1-40ee-8ade-8e4356df2125:1723508786.1933794
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_32 Value: 11175-AQAKlNQvY1WWkQJjkwydAQEBAQEBAQCQSCAFPwEBAJBIIAU_&KRTB&22715-AQAKlNQvY1WWkQJjkwydAQEBAQEBAQCQSCAFPwEBAJBIIAU_&KRTB&23519-AQAKlNQvY1WWkQJjkwydAQEBAQEBAQCQSCAFPwEBAJBIIAU_
.mathtag.com/	1970-01-21 08:11:03	Name: uuid Value: afbd66ba-a832-4400-91d1-0cb9ccdb811e
sync.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id Value: s%3A0-e63d1ffa-2d66-5cbb-7de0-fedff7c75e06.aeMB9WVNZJaugg0Xey73bll85uOvOongfZa7Q3wQRo0
.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id Value: s%3A0-e63d1ffa-2d66-5cbb-7de0-fedff7c75e06.aeMB9WVNZJaugg0Xey73bll85uOvOongfZa7Q3wQRo0
sync.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id-v2 Value: s%3A5j0f-i1mXLt94P7f98deBh_Mkac.sx0%2FCIOOjnPfB6RdkLygXbHyvXiTm3fyhMrMsXxK7D8
.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id-v2 Value: s%3A5j0f-i1mXLt94P7f98deBh_Mkac.sx0%2FCIOOjnPfB6RdkLygXbHyvXiTm3fyhMrMsXxK7D8
sync.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id-v3 Value: s%3AAQAKIL8C1RMZStzVfkGKTl87vkx3AP868Yef8RmwzzMedP36EGcYBCCy0Oq1BjABOgTwU00QQgQHnhDE.zxeAAvp5i16TBDppLFn7K%2FkABa6l2HfdNaKZp5aYMWw
.srv.stackadapt.com/	1970-01-21 07:30:44	Name: sa-user-id-v3 Value: s%3AAQAKIL8C1RMZStzVfkGKTl87vkx3AP868Yef8RmwzzMedP36EGcYBCCy0Oq1BjABOgTwU00QQgQHnhDE.zxeAAvp5i16TBDppLFn7K%2FkABa6l2HfdNaKZp5aYMWw
.adx.opera.com/	1970-01-21 07:30:44	Name: UID Value: OPU03d4fa48811f43b3bc862ffa5b98d483
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_860 Value: 16335-5j0f-i1mXLt94P7f98deBh_Mkac&KRTB&23334-5j0f-i1mXLt94P7f98deBh_Mkac&KRTB&23417-5j0f-i1mXLt94P7f98deBh_Mkac&KRTB&23426-5j0f-i1mXLt94P7f98deBh_Mkac
.pubmatic.com/	1970-01-20 23:05:18	Name: KRTBCOOKIE_1323 Value: 23480-OPU03d4fa48811f43b3bc862ffa5b98d483&KRTB&23485-OPU03d4fa48811f43b3bc862ffa5b98d483&KRTB&23524-OPU03d4fa48811f43b3bc862ffa5b98d483&KRTB&23575-OPU03d4fa48811f43b3bc862ffa5b98d483
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_18 Value: 22947-2018527448714712242
.creativecdn.com/	1970-01-21 07:30:44	Name: g Value: 3wgBW3yxj9IAv7geKYAI_1723508786301
.creativecdn.com/	1970-01-21 07:30:44	Name: ts Value: 1723508786
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_w3EyxGAIAwFwIvtxOHlH7thIBRi5bqHfa9Yp6DNTG4TpKObcu6_VjHfh8H2IFhsZKTfKJEo_QAiPaJnOgAAAA
.rfihub.com/	1970-01-21 08:06:44	Name: rud Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2tDQyNLKwNDE0NhfiM9QNLDdOdQwxNEo2jHICAHZxhNIlAAAA
.rfihub.com/	1970-01-21 08:06:44	Name: eud Value: H4sIAAAAAAAA_5skbJ6cZmlokmpkpGtmmmioa2KQmqprkZgCJFJNjE3NUtKMDI1MrQzNjYxNDSzMLcz0DC2Njc0tTWYJ8yIETQwtFqHyLQEjPIP3WgAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjIwtDSwNDC2tDQyNLKwNDE0NhfiM9QNLDdOdQwxNEo2jHICAHZxhNIlAAAA
.adsrvr.org/	1970-01-21 07:30:44	Name: TDCPM Value: CAESFAoFdGFwYWQSCwis0o6Qk86dPRAFEhcKCHB1Ym1hdGljEgsI4OrUlZPOnT0QBRIZCgpsaXZlaW50ZW50EgsItKXnl5POnT0QBRIWCgdydWJpY29uEgsInKDinZPOnT0QBRgBIAIoAjILCJKc6sSpzp09EAU4AVoKbGl2ZWludGVudGAC
.ymmobi.com/	1970-01-21 07:23:32	Name: ym_user_cookie Value: ym_user_6dc7e190-b0e4-4fad-b3bc-3596fb9c8373
.pubmatic.com/	1970-01-21 00:54:44	Name: KRTBCOOKIE_466 Value: 16530-15a5e11d-50a4-42cf-9688-8fc91e9be170
.bidr.io/	1970-01-21 08:13:42	Name: bito Value: AAacWE7NdVAAABTKmnlh8g
.bidr.io/	1970-01-21 08:13:42	Name: bitoIsSecure Value: ok
.csync.loopme.me/	1970-01-21 00:57:37	Name: viewer_token Value: 16040a79-8641-47bc-84d2-77f48735284a
live.rezync.com/	1970-01-21 08:06:44	Name: sd-session-id Value: .eJwNi0kKwzAMAP-ic1IsyZv8mWBiBUwbt8TppSF_ry8DAzMXLB899ty0nZDO46sTrK86rEO6oNffrk9IQAbFiGERQopikQPcE3Ttvb7bUsto1k3QKtHsXcbZGtU55jKglp0v2zhdwkDsTAzRP1CYg1i4_7N9JaU.ZrqoMg.KNb3bbsBdKvy4mPtyKIEL-Faows
.pubmatic.com/	1970-01-20 23:28:20	Name: KRTBCOOKIE_632 Value: 23041-EFLyri2lBN_KiC6B8usg4-VeS-HsENcHtdRMS2E4ghs&KRTB&23047-EFLyri2lBN_KiC6B8usg4-VeS-HsENcHtdRMS2E4ghs&KRTB&23234-EFLyri2lBN_KiC6B8usg4-VeS-HsENcHtdRMS2E4ghs&KRTB&23361-EFLyri2lBN_KiC6B8usg4-VeS-HsENcHtdRMS2E4ghs
.pubmatic.com/	1970-01-20 23:28:20	Name: PugT Value: 1723450907
.rubiconproject.com/	1970-01-21 00:54:44	Name: receive-cookie-deprecation Value: 1
.rlcdn.com/	1970-01-21 07:30:44	Name: rlas3 Value: k8KZB5T6l4Z3XeGtPXCIbLBDF1x3efb6KHs4VR8f5jA=
.linkedin.com/	1970-01-21 07:30:44	Name: bcookie Value: "v=2&e0386629-b398-49e2-86a2-02f8e1b8237f"
.linkedin.com/	1970-01-20 22:46:35	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=3047:u=1:x=1:i=1723508786:t=1723595186:v=2:sig=AQFUQJBBXTnHE8-iv5jih2FpJ10hyK9w"
.criteo.com/	1970-01-21 08:06:44	Name: receive-cookie-deprecation Value: 1
.adform.net/	1970-01-21 00:11:32	Name: uid Value: 8101437896340158381
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.rlcdn.com/	1970-01-21 00:11:32	Name: pxrc Value: CLLQ6rUGEgYIuuoBEAASDwi46wEQ////////////AQ==
.primis.tech/	1970-01-20 23:21:08	Name: csuuid Value: 66baa832e88b6
.temu.com/	1970-01-20 22:45:10	Name: __cf_bm Value: llaK_sd39RRkaoGld2Kqk9ltHFN6.AY8e7N2wwBcdEc-1723508787-1.0.1.1-aOV5geqDjE7HOLX.gs7BLYObIazp4LTf0PnatIJ_NnlAEMJ3wIZplooDVjOn8rgl9Z2EkgRYN.LkL.rTOf8W2A
.tribalfusion.com/	1970-01-21 00:54:44	Name: ANON_ID Value: a5nt6ZasjyDjmTFM6EKNQesuZbQjKGY7FLcY33YZdwGfZdSsZblUeoH4blfVc7rBaLu7KhnZcm17LnZdogvWpQtQfVat4DKGev9
.intentiq.com/	1970-01-21 08:21:08	Name: intentIQ Value: gZKlcynCkb
.intentiq.com/	1970-01-21 08:21:08	Name: IQver Value: 1.9
pool.admedo.com/	1970-01-21 07:30:44	Name: tuuid Value: 2989214d-19c4-4fa5-b52e-03cb2edfebff
pool.admedo.com/	1970-01-21 07:30:44	Name: c Value: 1723508787
pool.admedo.com/	1970-01-21 07:30:44	Name: tuuid_lu Value: 1723508787
.amazon-adsystem.com/	1970-01-21 08:21:08	Name: ad-privacy Value: 0
.intentiq.com/	1970-01-21 08:21:08	Name: intentIQCDate Value: 1723508787345
.intentiq.com/	1970-01-21 08:21:08	Name: IQPData Value: 533500327#1723508787342#0#1723508787342
.intentiq.com/	1970-01-21 08:21:08	Name: CSDT Value: UEQ6MTUxMDZfMCZVTEhuRUNJ
.intentiq.com/	1970-01-21 08:21:08	Name: ASDT Value: 0
.sharethrough.com/	1970-01-20 23:28:20	Name: stx_user_id Value: 31be1a3f-aa1b-4891-8c9e-9e2a7ed749dd
.ssp.wknd.ai/	1969-12-31 23:59:59	Name: rubiconUID Value: LZROMPU2-25-D4TX
.amazon-adsystem.com/	1970-01-21 04:17:47	Name: ad-id Value: A7h0GldjoEJRoMgY4Dqittk
.rubiconproject.com/	1970-01-21 07:30:44	Name: audit_p Value: 1\|/pSoA31FeGNL78ZzwOtFmoiTvSjC8GJ1gC9L57k/ywQNIXVBPorKWiriM+0GyYPW4bdMT/Ed5qLyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXYlWnC1is2Iqz4LZB1VKyAztoBK9I788nTKieBvuj/kYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.rubiconproject.com/	1970-01-21 07:30:44	Name: audit Value: 1\|/pSoA31FeGNL78ZzwOtFmoiTvSjC8GJ1gC9L57k/ywQNIXVBPorKWiriM+0GyYPW4bdMT/Ed5qLyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnXYlWnC1is2Iqz4LZB1VKyAztoBK9I788nTKieBvuj/kYPDxny9O7hNPVHjylZIeXNAPlTu0R9RN
.pubmatic.com/	1970-01-21 00:54:44	Name: SyncRTB4 Value: 1724112000%3A223_15_2%7C1724803200%3A35%7C1724716800%3A202_22_264_71_46_7_217_266_8_5_3_254_233_96_209_107_214_179_13_21_54_56_234_220_76%7C1724371200%3A63%7C1728691200%3A69
.pubmatic.com/	1970-01-21 00:54:44	Name: chkChromeAb67Sec Value: 3
.ads.pubmatic.com/	1970-01-20 22:46:35	Name: pubsyncexp Value: 1723530388637
.pubmatic.com/	1970-01-20 23:28:20	Name: SPugT Value: 1723473526
.pubmatic.com/	1970-01-21 00:54:44	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 07:30:44	Name: receive-cookie-deprecation Value: 1
.dianomi.com/	1970-01-21 00:54:44	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGYiOnsidWlkIjoiODEwMTQzNzg5NjM0MDE1ODM4MSIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjI2OjI4LjAzNjk4NDc4NVoifSwiYWRmb3JtIjp7InVpZCI6IjgxMDE0Mzc4OTYzNDAxNTgzODEiLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDoyNjoyOC41MTAzNTc4ODVaIn0sImZyZWV3aGVlbHNzcCI6eyJ1aWQiOiJhZWFjZTIzZTZhODk0YmFlYzc1MzcxMGM0NDk5MDk2IiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MjY6MjcuMzAxODIyNzg5WiJ9LCJncmlkIjp7InVpZCI6IjE1YTVlMTFkLTUwYTQtNDJjZi05Njg4LThmYzkxZTliZTE3MCIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjI2OjI3LjE0MDYxNDMyNloifSwib3BlbngiOnsidWlkIjoiYjg1YmFmNzYtODVjOC00Y2Q3LTkwYWEtNzFmMjk1MzM5ZTBjIiwiZXhwaXJlcyI6IjIwMjQtMDgtMjdUMDA6MjY6MjcuODUwMTM3MjkxWiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJFNEQ2QjFFNS1FRDQzLTRBMjUtQUIyMS1COUQ3RUM5NDBBQzgiLCJleHBpcmVzIjoiMjAyNC0wOC0yN1QwMDoyNjozMS4yNTY2MDAxMTdaIn0sInJ1Ymljb24iOnsidWlkIjoiTFpST01QVTItMjUtRDRUWCIsImV4cGlyZXMiOiIyMDI0LTA4LTI3VDAwOjI2OjI3LjA0Njg3MzE4N1oifX0sImJkYXkiOiIyMDI0LTA4LTEzVDAwOjI2OjI2LjQyNzQxMDgzM1oifQ==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=060ixdlju6a65efg99jagd8a8ci8cgc7dihuok0wi0e0ymoq66weqk4e4iu4iqi2k&gdpr=0 Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'; report-uri https://reuters.report-uri.com/r/t/csp/enforce; report-to report-uri
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10844217.fls.doubleclick.net
a.ad.gt
a.pub.network
a3b3013b19003de85eaa64d7ada4a67c.safeframe.googlesyndication.com
a55a84b3-9632-4869-b625-3d8ef43ed18d.prmutv.co
ad-delivery.net
ad.doubleclick.net
ads.pubmatic.com
analytics.google.com
analytics.twitter.com
api-js.datadome.co
api-reuters-reuters-prod.cdn.arcpublishing.com
api.bounceexchange.com
api.btloader.com
api.permutive.com
api.rlcdn.com
api.segment.io
as-sec.casalemedia.com
assets.bounceexchange.com
b-code.liadm.com
beacon.tru.am
bh.contextweb.com
btloader.com
c.go-mpulse.net
c.pub.network
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.edkt.io
cdn.hadronid.net
cdn.permutive.com
cdn.segment.com
cm.g.doubleclick.net
connect.facebook.net
contextual-analytics.wunderkind.co
d.pub.network
data.cdnbasket.net
dpm.demdex.net
dt.adsafeprotected.com
e.cdnwidget.com
eus.rubiconproject.com
events.bouncex.net
freestar-io.videoplayerhub.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.liadm.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
ids.cdnwidget.com
idx.liadm.com
image2.pubmatic.com
img.en25.com
js-sec.indexww.com
js.datadome.co
lb.eu-1-id5-sync.com
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
mug.criteo.com
optimise.net
p.ad.gt
pa.openx.net
page.cdnbasket.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
protected-by.clarium.io
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.go-mpulse.net
s.yimg.com
s2124157686.t.eloqua.com
sb.scorecardresearch.com
scaredsnakes.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
ssp.wknd.ai
ssum-sec.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.reutersmedia.net
stats.g.doubleclick.net
t.co
tag.bounceexchange.com
token.rubiconproject.com
tpc.googlesyndication.com
tru.am
ups.analytics.yahoo.com
view.cdnbasket.net
www.datadoghq-browser-agent.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.reuters.com
pagead2.googlesyndication.com
ssp.wknd.ai
103.43.90.53
104.18.20.206
104.18.20.97
104.18.24.111
104.18.31.150
104.18.38.76
104.244.42.195
117.18.232.195
13.33.174.21
13.35.27.29
130.211.23.194
141.95.98.65
142.250.196.142
142.250.206.194
142.250.206.200
142.250.76.130
142.250.76.134
142.250.76.142
142.251.222.3
142.251.42.162
151.101.108.157
162.19.138.119
172.217.161.68
172.217.25.162
172.217.25.166
172.217.25.174
172.64.151.101
172.67.74.245
18.143.106.89
182.161.74.11
192.29.13.138
2001:4860:4802:34::181
207.65.34.76
207.65.34.80
23.195.85.83
23.32.224.239
23.34.99.108
2404:6800:4004:801::2001
2404:6800:4004:822::200e
2404:6800:4008:c06::9d
2404:6800:400a:80b::2001
2404:6800:400a:80e::2008
2406:2000:a4:807::1
2406:2600:4::1
2406:2600:4::b
2600:140b:1c00:38::1732:76be
2600:140b:a00:698::11a6
2600:140b:a800:6b8::11a6
2600:1901:0:56e0::
2600:1f18:1aca:4281:d24f:51bd:c6ef:9578
2600:1f18:730:b130:4caf:931f:84c4:3d79
2600:9000:2066:3000:6:44e3:f8c0:93a1
2600:9000:20c5:6e00:8:48e:53c0:93a1
2600:9000:221a:ce00:8:8845:1500:93a1
2600:9000:221b:6000:18:1fcd:354:4b41
2600:9000:26f2:4800:f:e061:be80:93a1
2600:9000:26f2:d000:15:5a3e:9d40:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:4bd8
2606:4700:10::ac43:17ea
2606:4700:20::681a:832
2606:4700:20::ac43:4513
2606:4700::6811:7611
2606:4700::6812:1c7f
2606:4700::6812:572a
2620:116:800e:21:6c50:dbee:bef5:203d
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:200::714
3.33.220.150
34.102.183.59
34.102.193.48
34.107.165.188
34.107.254.252
34.111.113.62
34.111.152.239
34.111.8.32
34.117.4.53
34.120.111.33
34.120.253.250
34.160.152.31
34.36.214.49
34.98.127.78
34.98.72.95
35.241.9.51
35.244.177.184
35.244.193.51
35.78.24.19
44.193.56.5
44.233.229.211
52.12.47.65
52.199.153.13
52.206.104.174
52.207.144.134
52.43.27.85
52.7.252.0
54.150.112.144
54.179.182.207
65.9.39.3
69.173.158.64
74.214.196.131
99.84.55.19
040b6fae73b7a785f931a4217f395e83f62d0f744a9cb5f1f099b37b28dbbb6b
0577799468639d33beb4baca148931b28e676bff3a67b393cfff93dd82f35c0a
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05cd6b59b9bd19aab8ea512f132c22843b1f75c3d7c99dc159fbd2c39fcd9f79
07fd832eec514aac44b1f2b8cc6540ed6f8259e41c96fa5c05324317f2842cb9
081964cb42fb3168a6ccacae28e19cef8ca6d1aab6e7e4c4445f6da1442e3da7
08de20f0a920a3b37b51c210b0b70b0b101775cf2cfa79cce7d94f369f87398e
0a112035a14053c622fcfafccf4c625c9a5787cea271c94036ba91880d69ee1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6e63ae093faf48a462577bd9ce6e7961f417cbe5d0f85d03326d76c0ab16a0
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ea426f6bc022f43b8a59c2f99a81896114c0ef516f9d8033edf4a8491bb76e9
0ec43be2e9ae42ed9ced8e118df8c5a58d8b6d5a30c2c0c2c94afca82bf4e0a0
0f108b0ecd35568abbc437ece258f248576b83539ed4584b69a621936e83f9ec
0f6fc20d3ed73d09afc60df25e05330a1ee08b3a4aa659be2d27437884a0a2b3
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
15388886e17cd02ecc9b8c1f29f386792cdeea0f572071f45c37359748d26de4
15beb082b421426321619cdf5c91e22faaa57f6a4c0d3338de923dfdfd63ef35
197c418653e53e1a93e54e29b5b9335fc8970c10a297e3441088b54be8017407
19aab8d6e42cc4d6e44909cfffe27ffda20bc671425389fe5d3cdd6dcd83c2e1
1b420d5f4d5b45fae15afb30c074f34ea0d08fc0824eba6e5d71e4422c49d9d4
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d02097681394ad6eef93d032c5f044141e6b89131fbbe0a0ee88d39f5713fa8
25c9b8e7cb9dae0db5af2ec376f985da44b241ef4a8c6c7130231030f7a4ea45
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
271bdec2cdd30742b94baeb064fc1d66e8f3fffbf3d7252ffaff60b3cecbe031
27d9ee25a442bee6ce509978e6a77c3889c255f7c9b1ca9e4b92883a2cb0b1ae
286a9eb90b3236f3c77e9cd147b524d542d53ba83973de175c45be3eb1147805
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2910b72d6e95e29d0cdbb93ebef03e69a25885d511a2ddc5dfc327c890561bec
291ac3898f3f28bd32810a5ef0f380363afee480e535632f0254da751f775c63
29c511fefca64e798e43f8d5460e9a164333d9c3b3f2505e363c4c645e2bfd08
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c8a3c4e21e1950cbba33c671e495f16ad33b682f89529cc2234907eb16e5cc5
2fc364844767afcfcadb2bd75ae41d008d1ac70351d355f03d3d4814c09bc09d
2fceb9ef8db2a2793edb4cad84716b12c3eac8d25e543598b53dd5f6b44cef5e
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
31afb1e1ccfa509c37a96a8d41352179157f7206d9e073d0ac82346e8ac8628d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
320de587a569204eddd02bceaf7081fb9f993c2f20195c7e4d314d6254fc7d77
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
34eca4293b3f87a1abd31c2c4c1623a12d42384698d1805e39a8a198b698c723
37fa714e469dacbc174f44741436eb7b7325daf3aa670f921526db70f2e6bf90
396c7d57ce74cd8dd7ca90c076f7aec41a2a688075bffeb852e733339d94e6c2
3999ddde00a86aa8cac52ba54aa3cbf69ccd2ff81a1ecbf5d179eeee6ac835c1
3dc15994f39414331bfc222547ff324b3cc2639cd51c8b7170c87ff7ed73ffed
3eed5ce7cd39675fa2d97cf9deb078ab5453fc2456c26898c6ce537603873da3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
442afc1b7860673941a069b2b8935009cdaea8745d47cf42713f3faa0165cc81
46285a67ebb5f30a2fbf654f3cd75e7a8217613b044226386c7770802ac35b49
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4d424af8e6254a3ee915b6efdec3f0ed3fcbdedc67c83025148c9758701cd2d4
51262f2904ce7b2fb32c24f7cc8d2e1ce195a67242b68638792c0faadc196a05
51c8dc48fb49d5df075bf32d6655815cce9440a80bef0458f72a5bb85fa96d4f
53e344e1f38ff3f4d4af525c8d897fe7f3dfad58c368ed63572139927edbf1d6
57ff788a3286d485d204e146f963eaae248e3e90745be195942de776ab8424b0
5897a494ebec82bb9c6d4da5418a0adbb90b2ec7c1603a90e6871e090e47e8d4
590ddd979672874c0de027162db26955851d0f643e9ca72f27a82c9734a0c5dc
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5e86b02d8388be8e4ca8a1538044129612d460fbb187e1abf5bfc216b19d0196
60683094c3e55c42f072fb9394c040403ebb8fa2b198a6a920dc10960cab00a0
6094d38d7fe9480541d52a653499ff659b068815ca85351a654839a020bad839
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
62bf7cc75fd49bab4a4c572158661fd9ccfb265256f98cb985d38e8a25e06b67
639f4f2d6cd48d85b08c97edd58b8afbdeb1f90323773e2ab58ee73de81e03d6
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
6ae718f7ecf0409e554c04c716a473acc8778c51e276d928bafdf5164c5cddd2
6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2c4f74a7cea042049296ab1407474567c1e985e74eb97c7ae2549022674f38
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
6d6068180a5c710c68c8ee0e290cb9b37b3450492d3f9e3ae46083deb152fbcf
7039242d5a3c95ba4e5c5c47d94ef3f1f1ec867199ef44985506b9387fde15a5
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
725bfd9ff0be5216d6ecf44932f13df036ed1f7bac5aee4b8bd29f8b74e8c522
7522414b9a7d076f4978fd6d895b083a6c9131b477d315b481431caac9c5bb97
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
77bc90e5c022cd53ed2d03490bb105cb27c0097272d336ee9d05c41e0b2eab50
7807f4740735457f48be40a489cd920d92e6174873447f28313da1c3ce30d277
784743726290dd380a31c6169744d1ae18d21d8f42227b606d22109870f9f808
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7b76d239f05204d1e888c22f82f7df88953b3f8ff4b518c69d8f33fd736deb64
7bd1589f452fb979ca876d514c0560ce0504047e6845b3fb70316104e3cde439
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7cbbb14bb886115e362e4251570b7b4c3aadf717e9a848fa8c6ced1b7365d652
7d5e663d14a945bf88339ef783adf85c43a0dc4605b021b0c7643c1c966f6117
7d71f8ec99ba1079fa5786d59dcf0f757134fcccdb591a130e3fcec1dc21f23d
7efb4c6344bae034223af4312f487cbefbd16fd476f72bbc2a74bb0a33c02329
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
865a986ee85e47c5e5d7903692a6aad1334cf934a5dbbebf203c55897cf54189
86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
892331505e4a765c86728fa0a8e183eb60267192537f8bfed4afa1e836589b90
8bce13fdc604cb862198eb7f204e2121f6a40333810a4154215ff45c07857cc7
8df14e12641582027690285d2ed7398de091a3335383d547468969fc42683b14
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90932472b6e39c392dee868ffb46cef80a253047e904b41803554c957dc02f62
90ccacd93dfc21ed518ecd0bc5d9e542e27c8ac724ccd23f5c3f911e20a32eb8
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93bb2153c6409ef1737e371fb5926acb1a496558fff5278788f651470ba04797
946b8dbff012ea91b7cf50da777050b43eeeda46c096627e75c73dc6418b00ee
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
995540fade9df8f6ba38f4de4fdbecd63be2d92d43e17181408729c75ae8dfb1
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9ccbd038ce579b1c4210c87cb28c63700385d7a4ea4887bdb69500be85a4a9d8
9d7beaa548a30109a908bb6215cb802d2efe90f81a5ca09d6bb451ef52a55eef
9e6b8c097ed798b561e51796fc897c5d6a60f9049e49ad7f40d0ce858644447c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3614319da4644172f68e7a82236a24f257e9d9cb903519c68aa9611d4de39ea
a66ccfd805c4656fe04123a86f728267cda99d4c30367d5d4e880c5e5fda305c
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab414e3fd2457835c0c9be15805841599bc3aff63e1b3f853292de53a4119729
ac42cf20760d5b0f71be7a0391c76020002aa1dcfc75bae782360bf2761db29f
ac6eaae89e3bb38cc362917c72836b2bf2484901208a5c608577e9afd3f90055
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adfe45c562e0b5f7fac49f1c82a687ba73d0a4f60386ead5c056cfab1e4763e0
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f
aeac24730f4080c22a0250b34eb8b26ee822e09035b3f6e84ebd8a63eb099f91
af4a5f71487d00019962fbc228d3cebd9ca9aa12df160c4614da0308899a4e29
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0cec1148d29c292b051ef4b8a5f07b423aa9ad71626d5aa4145776dddd05ea6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22f8b1f99c2ee5032f2bba7fbe15d5ba7b8626288a2ed9667aa711a617946b7
b33eb92d91ab56940b23fbe85241ed60ee72464255a9b50dd949c472e48be928
b504b32cdcea5e389725b80ed023c44131253f75085868220e15cf3256a1a713
b64b6c97167fae4792290ee7bc7bceabd7e2ab42c867291bb950a387c7e779ab
b79cb842251ba7d6879d73856c3558364e138fbe79200821ff894197f83f6067
b7d95daaf9dd4a2a49ad95e52ce1f131b5cb4c7092c6420ce0fcd444149aa81f
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
b950fa31794c50a8edc49b09cba33fb287810bee5856e0643b02294aac0fd222
bd23f22679540207e39aba80ea3a0178ba5a81995839787246559cd269c9f47a
bd27c2566f10319ed5784c4c272c7115e6d5b434a24d6c215effa59d0aac19dc
bdf1aead5ad82438cbd2105c1884c7889f0b3d8fd6870f40c1066b5f821ff180
bf2246b1328a07619d290629df22beeea03b7bef584693d83142752b06975c4a
c05c72888cec43de82693815e7bee34b9eca49df535a82b91fa7e97072f2b028
c0e2edfde5b45fbdb2cb3356d46aaea0f5fd72d667bc6bcfac544677cff16f36
c16cc4ad1d41faba72592a20cd8f50ef779cf16e05c115034fa7c2fade845b46
c194ba4327129c4161d6fe122a8de2d49b844284b48f24ecd76862867428c200
c24bd2b08320d1ccb2c5271d79a8f0c0544c5f234298de9a6010edb2dab938a2
c509862f8eeee6bff0dadf913f679fe1d7b9a0e1706c4d5927cc494a0ee54b99
c6bb6240ef6faa435a44312fa3fa540cccfb058dec058108c33620d98faa7a2e
c7ced2edb7bbf82c0f0b6b8bdd971219b9c968377c95e0907b55fde717862a78
c812d6502bd73930d3d5cdb5244d339a2a70b6303d32b362873d2f973d5b1056
c96380759d5e2d30f44ff04b932b72079b16e6b5df6b8add56b56d61c1d6364f
c965a51152f2754a59c31d2f61e93bb43376ebbd8d963bc1e90806a1c2b6a80d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09ba9d469727e2f09cf9c9c12073ab1c22b4797680bd5f19207d1f470ce43c7
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d7015a3063cd25691ed52bfd8fe42203054c34b844f5f22ba4f04c3801c4f7d7
d727e7b0f335884d4a6a3afddb3e25110789f205ecba3d0397a70c4455f711cb
d82a76ef13fb52b0f71a3ca123b4fb6e33076ad42300ee59b0dfa8fa343c22e0
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d96735e3b0d7f2db5e495ff22ea25190bdf9f799649655c4c5e58045df2f972d
dbdf2a38caf189ac22e81145825d2fcc067aceadcc641dd93cb0b5c08bb4c2d6
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
dcd3508ddea2fb0e5b18608d9a8210a7ae4af09e0b93561e6eb4e48a7af50bdc
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1f093f89ab82413207b9fd5f4cb4de8b0defffe3a5dc0250b699c70fa0d3a77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9662e41b41fdfc8140971e5014c020c294ce406d61594e38c5bd272ee0a6bc9
ea57209d83b887799897a609dcaa1e3833559ee5604083b5a877b8d09886b62f
ec25581a23ee67e0795e7f8042c6f7cc62119e72ec5048110c8c55bff4880d10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f12283f26b02dfc94f0b1d907c89e1897ec8885418cf8e099c7594da85e62cec
f1c8051bb7e652b262a63f1eee66303294ec06c18c905c40a047383a20edda5c
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f466e8eb144636ff511dfab8f04a6a1df6ae357b69d979da098a206f656321fc
f591b2dd67ab481453b5cc07706b51c1ce242e0840a6a237563d261c99749546
f5d8584f16a63535e8db8b30766c71f08cbe97522ff74d862b75b65c6666d082
f77bbd8e2c78a97a819e5d88732de7c4e7e94e9e4b658d2952f96237233e1deb
f880063747f464b799a39b1459e41fac5bb310af41c3c1e4c222ac7ace0e40bb
f894417f370f24187401367ddb12d8939bd19fc725e8e324ec44de0fe767ba28
fc3e179cd7e614059d97157a023f16dfe26ae4813d9b70b3e9884f18acaa05f2
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

www.reuters.com Open in urlscan Pro 2600:9000:26f2:d000:15:5a3e:9d40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

367 Requests

95 %HTTPS

33 %IPv6

69 Domains

109 Subdomains

98 IPs

9 Countries

4079 kBTransfer

17741 kBSize

179 Cookies

30 Outgoing links

Page URL History

Redirected requests

367 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.reuters.com Open in urlscan Pro
2600:9000:26f2:d000:15:5a3e:9d40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

367
Requests

95 %
HTTPS

33 %
IPv6

69
Domains

109
Subdomains

98
IPs

9
Countries

4079 kB
Transfer

17741 kB
Size

179
Cookies

367 HTTP transactions
5 data transactions