www.reuters.com Open in urlscan Pro
65.9.66.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=
Effective URL:
https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=N...
Submission: On September 22 via api (September 22nd 2022, 7:58:35 am UTC) from US — Scanned from DE

Summary HTTP 208 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 34 domains to perform 208 HTTP transactions. The main IP is 65.9.66.117, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com. The Cisco Umbrella rank of the primary domain is 13127.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 19th 2021. Valid for: a year.

This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	65.9.66.117 65.9.66.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:805::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.194.217 199.232.194.217	54113 (FASTLY) (FASTLY)
2	209.234.224.18 209.234.224.18	395162 (MOD-PTC) (MOD-PTC)
12	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:586::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	104.18.23.230 104.18.23.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 37	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
1	104.103.105.174 104.103.105.174	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.145 143.204.207.145	16509 (AMAZON-02) (AMAZON-02)
1 3	142.0.173.23 142.0.173.23	7160 (NETDYNAMICS) (NETDYNAMICS)
1	35.201.71.192 35.201.71.192	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	184.51.8.202 184.51.8.202	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.155.253.53 35.155.253.53	16509 (AMAZON-02) (AMAZON-02)
6 12	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1 1	52.211.219.3 52.211.219.3	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
4	65.9.66.109 65.9.66.109	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.15 65.9.66.15	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.223.1.76 52.223.1.76	16509 (AMAZON-02) (AMAZON-02)
11	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
7	18.217.55.23 18.217.55.23	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	146.20.128.59 146.20.128.59	27357 (RACKSPACE) (RACKSPACE)
7	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
208	44

1 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.chainalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.66.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-117.fra56.r.cloudfront.net

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::200e (Ireland)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.234.224.18 (United States)

ASN395162 (MOD-PTC, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:586::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.18.23.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.105.174 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-105-174.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:bb11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api-reuters-reuters-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-145.fra53.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.173.23 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

s2124157686.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.8.202 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-8-202.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.155.253.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-253-53.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.134 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.219.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-219-3.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-109.fra56.r.cloudfront.net

static.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-15.fra56.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.1.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: a8fd921d2017b5f79.awsglobalaccelerator.com

collector.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.217.55.23 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-55-23.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 146.20.128.59 (United States)

ASN27357 (RACKSPACE, US)

ssp.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3546 cds.connatix.com — Cisco Umbrella Rank: 3689 capi.connatix.com — Cisco Umbrella Rank: 3850 ins.connatix.com — Cisco Umbrella Rank: 4966 lit.connatix.com — Cisco Umbrella Rank: 8070 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 4771 vid.connatix.com — Cisco Umbrella Rank: 4459 img.connatix.com — Cisco Umbrella Rank: 4257	3 MB
32	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5488	269 KB
16	doubleclick.net 6 redirects ad.doubleclick.net — Cisco Umbrella Rank: 178 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180	192 KB
12	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 410	248 KB
12	reuters.com www.reuters.com — Cisco Umbrella Rank: 13127	1 MB
10	qualtrics.com zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com — Cisco Umbrella Rank: 41092 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1000	89 KB
10	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	88 KB
6	lkqd.net ssp.lkqd.net — Cisco Umbrella Rank: 24368	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	820 B
5	tru.am tru.am — Cisco Umbrella Rank: 4931 beacon.tru.am — Cisco Umbrella Rank: 6459	23 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 424	747 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 403 px.moatads.com — Cisco Umbrella Rank: 467	105 KB
4	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 16674 collector.sophi.io — Cisco Umbrella Rank: 23614	53 KB
4	reutersmedia.net static.reutersmedia.net — Cisco Umbrella Rank: 43799	97 KB
4	segment.io api.segment.io — Cisco Umbrella Rank: 1011	693 B
3	eloqua.com 1 redirects s2124157686.t.eloqua.com — Cisco Umbrella Rank: 37971	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 616 static.adsafeprotected.com — Cisco Umbrella Rank: 575	668 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	707 B
2	arcpublishing.com api-reuters-reuters-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 37101	642 B
2	pub.network a.pub.network — Cisco Umbrella Rank: 5080 d.pub.network — Cisco Umbrella Rank: 5770	62 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1280 c.go-mpulse.net — Cisco Umbrella Rank: 599	51 KB
2	wsod.com ad.wsod.com — Cisco Umbrella Rank: 7012	3 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6352	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2338	39 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 5563	3 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1475	78 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	69 KB
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 5555	7 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	44 KB
1	chainalysis.com info.chainalysis.com — Cisco Umbrella Rank: 927032	1 KB
208	34

	Domain	Requested by
32	www.dianomi.com	www.reuters.com www.dianomi.com
17	vid.connatix.com	cd.connatix.com cds.connatix.com
12	img.connatix.com	www.reuters.com
12	ad.doubleclick.net	6 redirects www.dianomi.com
12	cdn.cookielaw.org	www.reuters.com cdn.cookielaw.org
12	www.reuters.com	info.chainalysis.com www.reuters.com
11	ins.connatix.com	cd.connatix.com
9	siteintercept.qualtrics.com	zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com siteintercept.qualtrics.com
7	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
6	ssp.lkqd.net	cd.connatix.com
6	pagead2.googlesyndication.com	tpc.googlesyndication.com
6	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.reuters.com
5	www.facebook.com	www.reuters.com
5	cds.connatix.com	www.reuters.com cd.connatix.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com
4	static.reutersmedia.net	www.dianomi.com
4	api.segment.io	cdn.segment.com
4	tru.am	www.reuters.com tru.am
3	px.moatads.com	www.dianomi.com
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	s2124157686.t.eloqua.com	1 redirects www.reuters.com
2	collector.sophi.io	cdn.sophi.io
2	cdn.sophi.io	www.reuters.com cdn.sophi.io
2	connect.facebook.net	tru.am connect.facebook.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	api-reuters-reuters-prod.cdn.arcpublishing.com	www.reuters.com
2	ad.wsod.com	www.reuters.com ad.wsod.com
1	zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com	info.chainalysis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	lit.connatix.com	cd.connatix.com
1	z.moatads.com	ad.doubleclick.net
1	www.google.de	www.reuters.com
1	www.google.com	www.reuters.com
1	capi.connatix.com	cd.connatix.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.adsafeprotected.com	www.dianomi.com
1	pixel.adsafeprotected.com	1 redirects
1	c.go-mpulse.net	s.go-mpulse.net
1	beacon.tru.am	tru.am
1	d.pub.network	a.pub.network
1	www.datadoghq-browser-agent.com	info.chainalysis.com
1	img.en25.com	www.reuters.com
1	cdn.segment.com	www.reuters.com
1	cd.connatix.com	1 redirects
1	a.pub.network	www.reuters.com
1	s.go-mpulse.net	www.reuters.com
1	www.googletagmanager.com	www.reuters.com
1	static.scroll.com	www.reuters.com
1	www.googleoptimize.com	www.reuters.com
1	info.chainalysis.com
208	51

This site contains links to these domains. Also see Links.

Domain
graphics.reuters.com
www.reutersagency.com
www.thomsonreuters.com
newslink.reuters.com
www.twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
legal.thomsonreuters.com
tax.thomsonreuters.com
www.refinitiv.com
trdigital.iad1.qualtrics.com
tcf.cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
info.chainalysis.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
www.reuters.com COMODO RSA Organization Validation Secure Server CA	`2021-10-19` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.scroll.com R3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
www.wsod.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-29` - `2023-01-12`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
*.t.eloqua.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-29` - `2023-04-11`	a year	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2022-03-19` - `2023-04-20`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-01` - `2022-09-29`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
static.reuters.com Amazon	`2022-08-29` - `2023-09-27`	a year	crt.sh
cdn.sophi.io Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.sophi.io Amazon	`2022-05-11` - `2023-06-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-27` - `2023-07-18`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Frame ID: 262138E4C92C8C91F0D4134F14378F66
Requests: 102 HTTP requests in this frame

Frame: https://cds.connatix.com/p/184105/connatix.player.dc.js
Frame ID: A8B08BA116832964AC84A13C25F5014C
Requests: 49 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
Frame ID: CB4CA56BBED22BC3DE18698EA4A10189
Requests: 12 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
Frame ID: 22D6C19AAF6365A7EFFF6D3939FB0D1B
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5D250115CCF4FD86BFFB27E62D47E89B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A0EA495EAE75995DFDFD4959A319C460
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C3045F7AC94AB353ED834A4CD3C3F48
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7DD7722DD7956226C14C4907EDD13FC0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: DEEB059298A2547F1C7610C64C3E0A6E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: 42AAE581B3CA9B9508FA9B87D0933E32
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html
Frame ID: D1A137A4DEC83AB1E440F4DCA39D7C1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Major crypto trader Wintermute hit by $160 million hack, CEO says | ReutersOpen in new tabVideosOpen in new tabPicturesOpen in new tabGalleryOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabOpen in new tabBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt... Page URL
https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2... Page URL

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

208
Requests

95 %
HTTPS

43 %
IPv6

34
Domains

51
Subdomains

44
IPs

6
Countries

6369 kB
Transfer

15656 kB
Size

21
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://graphics.reuters.com/
Title: GraphicsOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/about-us/
Title: About ReutersOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/careers.html
Title: CareersOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/?utm_source=website&utm_medium=reuters&utm_campaign=site-referral&utm_content=us&utm_term=0
Title: Reuters News AgencyOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/about-us/brand-attribution-guidelines/
Title: Brand Attribution GuidelinesOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/leadership-team/
Title: Reuters LeadershipOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://newslink.reuters.com/join/subscribe
Title: NewslettersOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ReutersVideo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10256858/

Search URL Search Domain Scan URL

URL: https://legal.thomsonreuters.com/en/products/westlaw
Title: WestlawOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/onesource
Title: OnesourceOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/checkpoint
Title: CheckpointOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/refinitiv-workspace
Title: Refinitiv WorkspaceOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/financial-data
Title: Refinitiv Data CatalogueOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/world-check-kyc-screening
Title: Refinitiv World-CheckOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/services/advertising-solutions/
Title: Advertise With UsOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html#cookies
Title: CookiesOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: PrivacyOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/digital-accessibility-policy.html
Title: Digital AccessibilityOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://trdigital.iad1.qualtrics.com/jfe/form/SV_8kte8gArGyCGVhz
Title: Site FeedbackOpen in new tab, opens new tab

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: All rights reserved

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new Tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ= Page URL
https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/184105/connatix.player.dc.js

Request Chain 34

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=2124157686&ms=691 HTTP 302
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=2124157686&ms=691&elqCookie=1

Request Chain 56

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CJqfkOr2p_oCFUCe_Qcd1r8CfQ;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 72

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CIubler2p_oCFUOZ_QcdYYMKGw;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 73

https://pixel.adsafeprotected.com/rfw/st/1133784/65726462/skeleton.gif HTTP 302
https://static.adsafeprotected.com/skeleton.gif

Request Chain 74

https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_pre=COOakOr2p_oCFTTDuwgdpH0O5Q;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 75

https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_pre=CPiYler2p_oCFYPwuwgdBYIJ0w;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 76

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_pre=CPOgler2p_oCFZVF5QodoDYKvA;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 77

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_pre=CNypler2p_oCFTTLuwgdd-MK0g;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

208 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=
info.chainalysis.com/ 600 B
1 KB 261ms
207ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-M4rJPhfWY4Mu4ccEtPiLGvi5jcEzfzV8+9QHvbIwDS8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 74e97eda6cb49b63-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-M4rJPhfWY4Mu4ccEtPiLGvi5jcEzfzV8+9QHvbIwDS8=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Thu, 22 Sep 2022 07:58:27 GMT
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: fa568fd4862458c6

GET
H2 200 Primary Request / Show response
www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/ 335 KB
48 KB 838ms
761ms Document
text/html 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e

Requested by

Host: info.chainalysis.com
URL: https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

675badbb4ef9f08c574adb9a6ef9932903c18660b5b840fa18ebf76f4ed275d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://info.chainalysis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-true-ttl: -1
cache-control: private, max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 07:58:27 GMT
etag: W/"52aa2-n4kKJtR7X/TjK89cGSO/9XkAT6o"
expires: Thu, 22 Sep 2022 07:59:27 GMT
last-modified: Thu, 22 Sep 2022 07:58:27 GMT
server: openresty
server-timing: cdn-cache; desc=REVALIDATE edge; dur=335 origin; dur=371
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-akamai-transformed: 9 46293 0 pmb=mRUM,2
x-amz-cf-id: jrS9ttppPzIfPXdDllDdYEVh95e5SOrVoKyjl7llMjRPAtP8nJtxaw==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront

GET
H2 200 index.js Show response
www.reuters.com/pf/resources/dist/reuters/js/ 216 KB
59 KB 42ms
41ms Script
application/javascript 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

610a98ccb6c74fb2dc3649ac5d45d0c0eced6ed922a7c7aa1b44aaf378f8d1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-amz-request-id: 4NDR8EWV2K0FPKNW
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 59956
x-amz-id-2: 3FeGGFx0Y33qmYY90HYIrZFhZfASH/99u8FojwotKkVL6I8ZXvQu2k1bYcNhW9XmBepi0KuZRkixn8de3A9eQA==
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:50 GMT
server: openresty
etag: W/"dbdd1b44f0dad1319e12ff3eb9e1f722"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: n1cyG6R3jXuL3L1oHjJX06UHErCkTGkxKsaU1-71iVvtAKFKa2tcDQ==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 115 KB
44 KB 156ms
59ms Script
application/javascript 2a00:1450:400d:805::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KLP8L2H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb712f0dd00716c16c09aa375a06db43fe808c8a150a4589e36fa74f4bfde715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44109
x-xss-protection: 0
expires: Thu, 22 Sep 2022 07:58:28 GMT

GET
H2 200 p.min.js Show response
www.reuters.com/arc/subs/ 99 KB
24 KB 42ms
42ms Script
application/javascript 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/arc/subs/p.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eefe7f7a5381463b0f8317fe171995b69d68e15f04c8fb7172844ee38eb93387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 47, 47
x-amz-version-id: gZ6GQy6U9lE1SDa329loU2vOcn1j93e3
content-encoding: gzip
etag: "a6b597642d2a84d5cb107194532673be"
x-amz-request-id: 669TYXRYSHMYD365
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 23820
x-amz-id-2: HhDBwpykqk6WwQIC1x/AbyaB2/r8CMEXKtzT2J0KW51dCr2gIh8y9JsS1p3+YQYSAE5KCsWs4I0=
last-modified: Fri, 26 Aug 2022 17:09:00 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 07:58:28 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, private, max-age=47
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: K2wlOhlLu6cM3YzOBJ78XZIwfyoG8A0MRcJVlOkQ0eGLyWIA2_of9A==
expires: Thu, 22 Sep 2022 07:59:15 GMT

GET
H2 200 react.js Show response
www.reuters.com/pf/dist/engine/ 383 KB
111 KB 38ms
37ms Script
application/javascript 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/engine/react.js?d=111

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

259272074feb37a675f884f617a88c249e9fa448608c8674015baf830c9d6369

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 4NDZVE8H4652ADJ0
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 113115
x-amz-id-2: HWO0nqORQHQTE833Qii7AVSEOVEIjlx2C29NyAESHsNZ1QohdAsuoBGd0QFUGG70wB73sncMbhk=
last-modified: Thu, 15 Sep 2022 17:34:52 GMT
server: openresty
etag: W/"3a7cf993314735d76ae5339d71fc1949"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: H-tAu47dWHKG3TZxYDvkkWYIvoTRbIHRUARzRj73Syw4S9zwFbvsnQ==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 default.js Show response
www.reuters.com/pf/dist/components/combinations/ 3 MB
739 KB 58ms
57ms Script
application/javascript 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.js?d=111

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

1c7884468bc03d2b02711a6d3cfba1d5bfabbac7c8a1025c804ae89d4bf0b8e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 4NDM4HH341RHK3SE
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 754787
x-amz-id-2: Fvqdz+ERPDNjSnx/tUUDXQa1zTsHGjc3B3ojAAeNmYuguM8euPmAkwtPyl1WPoBzHt2G6puxvMs=
last-modified: Thu, 15 Sep 2022 17:34:52 GMT
server: openresty
etag: W/"6673cec7011397ad47b4a3c189629cca"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: h2-Sx0GVpDkCWPKQikmHKzAobZhZViAh9QiaCVFuem_aiXKnWpL4rA==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 default.css
www.reuters.com/pf/dist/components/combinations/ 512 KB
68 KB 45ms
44ms Stylesheet
text/css 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.css?d=111

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

05cc6a43d6c8528b7b7a6a0a90504f449b77b87cf4aeb958b1651df252457061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 4NDZSX56CH6JVEZE
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 68794
x-amz-id-2: 9EMgr/D1JI4qu9l6w7qwycuSDfgA6wrhyS+KwqLJIKVEdsqGIqHtlX2pxUiGWSTIF43u0Rpxui0=
last-modified: Thu, 15 Sep 2022 17:34:52 GMT
server: openresty
etag: W/"1b60ce1fe156f974706bef58bd05c19a"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: miL21Zh4cHyZnrYHK89JTe-sraEfth9AeTRu9zoJBa3GX2bsjyq0Lg==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 style.css
www.reuters.com/pf/resources/dist/reuters/css/ 2 KB
1 KB 61ms
61ms Stylesheet
text/css 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

812d2cb7d3db03fc1f0f06523487b4ac942d6b9634c919550067809949303f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-amz-request-id: 4NDS9G2P9EW79HK4
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 425
x-amz-id-2: t9Qbn9tt9b/AxCr6/yXSqkX8Gb9vrASHcVVQeEjLyu+LS3PVp6qX7LppVCoMtLEDDCl71WjbAwQ=
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:49 GMT
server: openresty
etag: W/"348fb129183d7981241fa8af93296435"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: UhqonaM-xxSqXjuXVf4TUL0kKG5Ue5EEcBBnvlJgDtYcLBuv_tgqVw==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/custom/ 890 B
1 KB 132ms
46ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6d8b16bf827fbfe535f67361873713ba49796900c0e2fc2d2ba081d584441c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=rgia6w==, md5=kFKN7mSLaVaof+zwydDtZQ==
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5360
x-guploader-uploadid: ADPycdvM2B7QvWgarsdhPF8TH0TmC09mwN7knfWtzlXkEUhpNOBc4Hz3-bGnQo-YLa9OxP8Jbq3VuVfvyJfiWa7Coe6B240m-g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 09 Mar 2022 04:19:29 GMT
server: cloudflare
etag: W/"90528dee648b6956a87fecf0c9d0ed65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBjAg3v%2F8a1oAuOSLPirLKIRBibxzarJ%2BEnliPVjO8daSbAHbx9oVXXlocgCnOF0EcTi3kAPxmlbVou%2BE7NWqvZKtgZ4KHAHn5m59GeJiHe%2BrV125OUHfRauJdMu7oqy2MBFYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1646799569984126
content-type: application/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 890
cf-ray: 74e97ee25e780e1a-MXP
expires: Fri, 22 Sep 2023 06:29:08 GMT

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 117ms
15ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
age: 21786
x-guploader-uploadid: ADPycdsW5P_8RMJOa76UmUt4xD5euCqfwN1bl-6Qp9eM39N7hRaK55xc06GmcRkIReGPqj-kbR2I-6EH9h1yN1SnhTgkSr_e-m91
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-hhn4045-HHN
last-modified: Thu, 17 Mar 2022 20:05:53 GMT
server: UploadServer
x-timer: S1663833508.220140,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
x-goog-generation: 1647547553107114
via: 1.1 varnish
expires: Wed, 21 Sep 2022 01:55:20 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 3894

GET
H/1.1 200
OK 0.0.async Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/ 6 KB
2 KB 641ms
134ms Script
text/html 209.234.224.18
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.224.18 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: 7ecdc53e20caae1fcccda96e1f8aae0b1f69d5b7dcc1151c5f6a4aa48e492cbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 07:58:28 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 381ms
34ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7BKk7WQU1Z9EDMZmf1T6Vg==
age: 14306
vary: Accept-Encoding
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Wed, 21 Sep 2022 16:34:52 GMT
server: cloudflare
etag: 0x8DA9BEF35E37A20
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bae06065-f01e-002e-5eed-cd5821000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee3f8b3cc56-ZRH

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
69 KB 134ms
52ms Script
application/javascript 2a00:1450:400d:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d32eedef25bcfd9d6340818a505e3761192d4a3bca41e7a01d6be7d6d33ecff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70077
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 07:58:28 GMT

GET
H2 200 GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 82ms
23ms Script
application/javascript 2a02:26f0:3500:586::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:586::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
last-modified: Tue, 30 Aug 2022 02:56:13 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 knowledge-bold..woff
www.reuters.com/pf/resources/dist/fonts/ 57 KB
58 KB 41ms
41ms Font
application/font-woff 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-bold..woff?d=111

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111
Origin: https://www.reuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-amz-request-id: 4NDMRE14GRQPTV0A
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 58272
x-amz-id-2: PnYr/jIghDMrqXm9aToQaIKBKpXJX8XkutV0/KyPkZvTgvf+cX8RawKCIVMCTfvB1SAPjwU36yg=
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:49 GMT
server: openresty
etag: W/"ba054d73a350fc1f77147054141c191c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: cJAEA2LZAWM2UNwhZ8JI5IcM1ME134WKaSsG19g1GD_NqTty_o4MoQ==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 knowledge-regular..woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
50 KB 39ms
38ms Font
application/font-woff 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-regular..woff?d=111

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111
Origin: https://www.reuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-amz-request-id: 4NDK4T7GJ1C2P2V1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49926
x-amz-id-2: gvJNR46YTLBKBzxjq60i7Q35w8BI5bsnRBs9jwPse6RYt5n41Jg85tYlK2B/tJiJMLsEPiyI+YI=
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:49 GMT
server: openresty
etag: W/"688baa6ec8576871229e082dcd4b4c5a"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: A5-2vyhlYgG9k3mgiH_m2sTWt-gfyTYQnzZdL_J26gQDaNmJKhh81A==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 knowledge-medium..woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
50 KB 45ms
45ms Font
application/font-woff 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-medium..woff?d=111

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111
Origin: https://www.reuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-amz-request-id: HBHF56K663901TYR
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 50065
x-amz-id-2: 3Dgp64LC+K2yjUFJjO/bp7Sk1xf66hu5R9iTc4MGPJuy7IRot8OLeJTkz32nI8RQV234CgWi8NQ=
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:49 GMT
server: openresty
etag: W/"cb99300d7588193b6c012888b94697ec"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: nKnU98tHaWRZ9JFJ9zN7vlPdATH86OX7GG0XhTOoGVrpGZ3u4ZTGQg==
expires: Fri, 22 Sep 2023 07:58:28 GMT

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 35 KB
12 KB 85ms
39ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40548521f94d96e418dd5b1cdc6dd2a4140418d6d35ab57d021a6f9bd203949e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 10:30:42 GMT
server: cloudflare
etag: W/"8ba6-5e8b4bcca8594"
strict-transport-security: max-age=2592000
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 22 Sep 2022 08:00:28 GMT
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 74e97ee49fa45c6e-FRA
cf-bgj: minify

GET
H2 200 Y4BTVIVUGRPRTL6QCENB6KBZTA.jpg
www.reuters.com/resizer/d7BNYZZW_DF-u-4sCoEfilVys2Y=/728x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 47 KB
48 KB 59ms
59ms Image
image/jpeg 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/d7BNYZZW_DF-u-4sCoEfilVys2Y=/728x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/Y4BTVIVUGRPRTL6QCENB6KBZTA.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

Akamai Image Manager /

Resource Hash

254395bf215e50b3a9f0b2986f95e93d321418f014c227674f2f952fca688a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:28 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=247
content-length: 48221
last-modified: Tue, 20 Sep 2022 16:56:57 GMT
server: Akamai Image Manager
etag: "e8d520d0bd4a7f8ef920d08d8fea06d3f720ecfa"
x-serial: 335
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: private, no-transform, max-age=31395405
x-amz-cf-id: MVHR9ENPoro-JYxAoAjxDav_xdJ8X2-IVrV6AXE9_IlnwZ8Pxvxgqg==
expires: Wed, 20 Sep 2023 16:55:13 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/reuters-com/ 146 KB
55 KB 113ms
42ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/reuters-com/pubfig.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9fcbf95da8f48e642578309e490d3d3688cccb4bc7099e0bf25900abc04ce98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=pyVRZA==, md5=CQSateKNr63+h9CvZ+ENsg==
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48343
x-guploader-uploadid: ADPycds4JFFckgvHLHROlF3aIo7YYRBaXdfniECuQaOBnq3mjjKLUvBFJLNDUpY1PZxyye7jb6veHjcfJGJJ9cO8i2Walg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 15:19:12 GMT
server: cloudflare
etag: W/"09049ab5e28dafadfe87d0af67e10db2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ck4vjg4jHqbcAiL79GIsh%2BmQLrd5v6NEOPm3J9hZ1lXCRCdaEPaZv44XJBtfY7qm0%2FGJ9PwpgLh7JADkgXe9semQ5Uy18cf26L8%2B%2BjLkXNDPzS1ExV7PrNAGfoM5susDH0YGST%2FvP2av8Gg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1663606565311441
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 149722
cf-ray: 74e97ee4ebef83b5-MXP
expires: Wed, 21 Sep 2022 18:33:42 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/184105/ Frame A8B0
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/184105/connatix.player.dc.js

952 KB
218 KB

24ms
15ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184105/connatix.player.dc.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5b0f608377268809770e5a92d2943d7c3b68aef0f780dd63950d4d1fa24ead2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:30:29 GMT
age: 62688
etag: "5767ab9963b0d2f269da710a56238d76"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 223059

Redirect headers

location: https://cds.connatix.com/p/184105/connatix.player.dc.js
date: Thu, 22 Sep 2022 07:58:28 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 443 KB
78 KB 104ms
16ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93dd788a8c47a9491708bfbfdb2a2fa5275966742bc758c4c3493c9f6f1108c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: XyDLxkoi_DLg8jsCTic5HZuv9OEP9Jjl
content-encoding: br
etag: W/"7070f1aa96ba20bb742d80cd33df49b5"
age: 53
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 21 Sep 2022 10:32:40 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 07:57:41 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: ZIchYZgAwWKQguFXDIv9n8LWddKvgAlrQ3htPOt-U7gtrr-YbnLosw==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 100ms
29ms Script
application/x-javascript 104.103.105.174
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.103.105.174 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-105-174.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 12 Jul 2022 22:09:35 GMT
Date: Thu, 22 Sep 2022 07:58:28 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "a2d639123c96d81:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 22 Sep 2022 07:58:28 GMT

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 98 B
642 B 121ms
121ms XHR
application/json 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c01300a23176847ad225adc6cdc81fa2ad9d1dcabbdc1aabc198c2d91ea1d70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:28 GMT
strict-transport-security: max-age=31536000 ; preload
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
anonid: 38d57fb5-0664-491d-9771-0b974cc27d40
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
content-length: 98
expires: Thu, 22 Sep 2022 07:58:28 GMT

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 226ms
115ms Preflight 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control
Access-Control-Request-Method: GET
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
date: Thu, 22 Sep 2022 07:58:28 GMT
expires: Thu, 22 Sep 2022 07:58:28 GMT
pragma: no-cache
strict-transport-security: max-age=31536000 ; preload

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 40ms
39ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 821046
x-guploader-uploadid: ADPycdvQDKdXByx88hIvZEQ77wBzs1uVhOwPXUc69pq_Iq4opzB_2Jg1WKVp5aAZU54X-g-2KdzJXhHgbyp-DkcJTpQCP02Xebrd
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDokoo16aOrMmitMG0ETzYjSJ2qbYZVh3J8V%2BErDebisb3a6xX8nrWjCerBDzHWBZxX3xV9WcQJeBGkwfmPe2KfOJ9ps95wMERJbQmT4PdfLKbc3wsxmToycnzph82OWvzxKSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1658389514760491
content-type: text/javascript
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 74e97ee529280e1a-MXP
expires: Mon, 12 Sep 2022 19:54:32 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/1/ 1 KB
1 KB 38ms
37ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/1/reuters.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac70196c8f6dba8f6bbab3be2acf9597dc6edef256fc7e211e3878dcd9d5fbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=mAzudw==, md5=pV4Ur+aAan+EwAfQoMr/8A==
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 496481
x-guploader-uploadid: ADPycdsHjSBWte-7kzbJTabaVBKyp7pqvJp2XinatVWOkLreXxO3m8ylBy4IuQM-IsAJa5N5UgAIULzteysY0FvmjlzXgg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 14:00:02 GMT
server: cloudflare
etag: W/"a55e14afe6806a7f84c007d0a0cafff0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZbMVI5CaIrS9BOdVtHgIxTtntEB8MJCmA6%2BmI6V%2F9lvov3OV7bwSPdvmGEDEMp8G3GX3AdlzCROcIyY4EptTOEt99pFPAHGJaXbVbpxGWb%2BSwv3FvpbqDSx0rQJ1u%2FQSGZWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1663336802632430
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1265
cf-ray: 74e97ee529290e1a-MXP
expires: Fri, 16 Sep 2022 15:02:50 GMT

GET
H2 200 datadog-rum-v4.js Show response
www.datadoghq-browser-agent.com/ 121 KB
39 KB 61ms
18ms Script
application/javascript 143.204.207.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by: Host: info.chainalysis.com
URL: https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-145.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edbb5145efc49607980b0920490a9a72361518249f4e071a659acc7e1ad4d8cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:57:57 GMT
content-encoding: br
last-modified: Tue, 13 Sep 2022 11:18:18 GMT
server: AmazonS3
age: 56
etag: W/"3ec85af5b7a7bfaf3821a0a2345fe9af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: FRA53-C1
timing-allow-origin: *
x-amz-cf-id: CM2yW_IargCI3byNW-GmC9BeU0I11tk_Vq_LvkyIHH6dhJE6DXstgw==

GET
H2 200 38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/ 4 KB
2 KB 84ms
39ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f456759be0c1cd90b34b2c0e3019a4535c05023dc6e28ecadb56204f971c5adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NHW9brvHKkXSbMOVYJf8IA==
age: 14291
vary: Accept-Encoding
content-length: 1624
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 18:16:48 GMT
server: cloudflare
etag: 0x8DA757C54FD82AE
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 446fe2d6-501e-00ef-7176-a7d398000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee59c0e23c7-ZRH
expires: Thu, 22 Sep 2022 11:58:28 GMT

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 408 B
406 B 57ms
57ms XHR
application/json 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=321&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07dbb23174231bf463010a82335621aae4f96e3cedb58db5aa9a8afde9fe80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 74e97ee5592e5c6e-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 410 B
331 B 59ms
58ms XHR
application/json 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=322&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5e29ae0d83d140ff226a3dce76d03b3caa0383d8d9343cd5071fd4802e8434

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 74e97ee559305c6e-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK svrGP
s2124157686.t.eloqua.com/visitor/v200/ 49 B
448 B 906ms
149ms Image
image/gif 142.0.173.23
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2124157686&ref=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&ref2=https%3A%2F%2Finfo.chainalysis.com%2F&tzo=0&ms=691&optin=disabled

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.23 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Thu, 22 Sep 2022 07:58:29 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 init Show response
d.pub.network/v2/ 98 KB
7 KB 182ms
136ms XHR
application/json 35.201.71.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=1783&env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.71.201.35.bc.googleusercontent.com
Software: /
Resource Hash: 066501ed8f2e84524d0f8ef27ba7631a56969cfd8eba859bf99361615084812e

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H3 200 reuters_pixel.681ed4.js Show response
tru.am/scripts/a/ 29 KB
10 KB 43ms
42ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/a/reuters_pixel.681ed4.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/1/reuters.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4c21b9220546781d7ca1dc0b2d2b90ce8fea9b9806956c63ce2c6e8474075d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-goog-hash: crc32c=5XhlJQ==, md5=6kiO6MVNCrvC7LBssGsEhw==
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 496538
x-guploader-uploadid: ADPycdvbkFUR5uU9ss3jpEeyIrChIQ7wS9zKoZ98iy7i3aIdjduRDqHJbubOMTntFn3GsIe022GkIqJ2zyhXZBfa5hnMjQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 13:59:04 GMT
server: cloudflare
etag: W/"ea488ee8c54d0abbc2ecb06cb06b0487"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCFeAu2V8C3sd83SLECzH%2Fbs4qDyhLNuz4PzLcUGalsJiF6eT%2BrIuNbL3Oouynl734FewWcZ6tOIk5%2F9cK6rp6Ux4HaWKJcVDG4qdJhhGZLj%2Bhq4v%2BfxNI29zuU6zV261ESGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1663336744692135
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 30077
cf-ray: 74e97ee59e30badf-MXP
expires: Fri, 16 Sep 2022 15:02:50 GMT

GET
H/1.1

200
OK

svrGP.aspx Show response
s2124157686.t.eloqua.com/visitor/v200/
Redirect Chain

https://s2124157686.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=2124157686&ms=691
https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=2124157686&ms=691&elqCookie=1

79 B
581 B

126ms
125ms

Script
application/javascript

142.0.173.23
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=2124157686&ms=691&elqCookie=1

Requested by

Protocol

HTTP/1.1

Server

142.0.173.23 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

a19fa6eef32401e092167415508f66272657f6fd77dc0196c287e0eeda228abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 07:58:29 GMT
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 106
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 22 Sep 2022 07:58:29 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s2124157686.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=2124157686&ms=691&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 229
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
293 B 59ms
59ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1825
cf-polished: origSize=199
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"c7-57ff735ded940"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 74e97ee5d9f05c6e-FRA
expires: Thu, 22 Sep 2022 11:58:28 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame CB4C 8 KB
3 KB 72ms
72ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed8fac5815bb7a742f5b77e464cf4d122984c51d9444e2d1b0d8eec0e281b2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-h2-pushed: </img/a/pss/3352/93.css>
cf-ray: 74e97ee5d9f65c6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 07:58:28 GMT
expires: now
link: </img/a/pss/3352/93.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 50ms
49ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2588048
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=2592000
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:28 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee5d9f25c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
259 B 67ms
67ms Image
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.321.Reuters&geo_ccod=de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 74e97ee5d9f85c6e-FRA
vary: X-FORWARDED-PROTO
content-length: 77
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 07:58:28 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 22D6 21 KB
4 KB 81ms
81ms Document
text/html 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a43658070dbf04fd66cc9c1b649e59b50b582952e9d61d2955cd0ee2297543

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache,no-store,private
cf-cache-status: DYNAMIC
cf-h2-pushed: </img/a/pss/3473/26.css>
cf-ray: 74e97ee5d9fc5c6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 07:58:28 GMT
expires: now
link: </img/a/pss/3473/26.css>;rel=preload;as=style
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=2592000
vary: X-FORWARDED-PROTO
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
137 B 67ms
67ms Image
image/gif 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.322.Reuters&geo_ccod=de

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 74e97ee5d9fa5c6e-FRA
vary: X-FORWARDED-PROTO
content-length: 77
x-xss-protection: 1; mode=block
expires: Wed, 21 Sep 2022 07:58:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
14ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 3388
date: Thu, 22 Sep 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 09:02:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
384 B 120ms
69ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74e97ee63f1a01e3-ZRH
access-control-allow-headers: Content-Type

POST
H2 200 beacon Show response
beacon.tru.am/ 45 B
613 B 229ms
156ms Fetch
application/json 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ab840a8734ebd6a051c7611539037da47878ac8c1f240f685fd45e1d091ca8

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
pragma: no-cache
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2%2F8J8HztqQ6IvAMQcXYxl%2F22gtJb8076X2%2FshSiYeSguTPc8GIpOtU25UXce9%2BVm9SYjNxHea0Tu8n0y0QyqZvgdzuQeRC4g7rqDYoQYQ8bu6uxpJ7RoQFMzWJddKEK61hUtNRUyTLfMSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 74e97ee66db4bacf-MXP
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK 1663833508;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Ftechnology_@2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20_@2F_@3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABV... Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/ 787 B
1 KB 144ms
144ms Script
text/html 209.234.224.18
MOD-PTC

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/1663833508;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Ftechnology_@2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20_@2F_@3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e;https%3A_@2F_@2Finfo.chainalysis.com_@2F;;
Requested by: Host: ad.wsod.com
URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.224.18 , United States, ASN395162 (MOD-PTC, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: e995ca7aaad3f1e9289bc4acbb975c2c250fb5d5270af5767d8d4320063de52e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 07:58:28 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 85ms
28ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tru.am
URL: https://tru.am/scripts/a/reuters_pixel.681ed4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: /Ns1rprbrxQ2q+nF96pLh56tnMNUcgFEj0D2esjf73FHE+hGDThCUr9G6dzJpUg9ReSpZbyp+VteqXuqx3XEMw==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 07:58:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 51 B
323 B 445ms
45ms XHR
application/json 184.51.8.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW&d=www.reuters.com&t=5546112&v=1.632.0&sl=0&si=omly3k2pex9-rilq5g&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=656997
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 184.51.8.202 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-8-202.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 22 Sep 2022 07:58:29 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
174 B 548ms
173ms XHR
application/json 35.155.253.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.253.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-253-53.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:29 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 52ms
15ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 22 Sep 2022 08:07:25 GMT

GET
H2 200 93.css
www.dianomi.com/img/a/pss/3352/ Frame CB4C 5 KB
2 KB 5ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3352/93.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfba2a255aecf3904717378babec2da68171f3b42b408782563d2d2aecbc8b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2588044
cf-polished: origSize=9088
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
last-modified: Tue, 31 May 2022 16:10:30 GMT
server: cloudflare
etag: W/"2380-5e05102f6a1bc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:28 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 74e97ee63a925c6e-FRA
cf-bgj: minify

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame CB4C 8 KB
3 KB 39ms
38ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ea5adf14b93b7db936b4a5aa1400cdcf744baaf01faf1ecc402f2775dbfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
cf-polished: origSize=12434
last-modified: Tue, 20 Sep 2022 08:36:20 GMT
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"3092-5e917b8f8de5c"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 74e97ee66af35c6e-FRA
expires: Thu, 22 Sep 2022 08:00:28 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame CB4C 1 KB
1 KB 40ms
35ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2588048
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=2592000
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:28 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee68b105c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269460/2/ Frame CB4C 11 KB
12 KB 40ms
36ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269460/2/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c0973e2bb03e0ac522a48c70abf4d9f6f1fb49f0ec1f172d55049e85c3abdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 754445
cf-polished: origSize=11807, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Sep 2022 14:24:23 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:28 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee68b125c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/255382/4/ Frame CB4C 11 KB
11 KB 39ms
35ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/255382/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f229cefc10eb77c24ca8ddc7ebb31b9e6d83b3b20a5ceca37a43cab029976d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202770
cf-polished: qual=85, origFmt=jpeg, origSize=86247
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=2592000
content-length: 11170
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Sep 2022 23:18:32 GMT
server: cloudflare
etag: "150e7-5e81e88059923"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:28 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee68b135c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/270056/3/ Frame CB4C 7 KB
7 KB 43ms
39ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/270056/3/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c3ea5f48e75475fa858c97b2662eb7b4e172fbf837641130570cf70284be9e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 169995
cf-polished: qual=85, origFmt=jpeg, origSize=17457
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Sep 2022 08:44:13 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:28 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee68b155c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269589/6/ Frame CB4C 18 KB
18 KB 50ms
46ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269589/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5239c93a8a309697ddaa09071cf074f39bc17f0069644ffc5e229ff36a7751f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 581564
cf-polished: degrade=85, origSize=38466, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 14:25:44 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:28 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee68b165c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H3

200

B26980385.345378465;dc_pre=CJqfkOr2p_oCFUCe_Qcd1r8CfQ;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./ Frame CB4C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CJqfkOr2p_oCFUCe_Qcd1r8CfQ;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_f...

42 B
64 B

89ms
56ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CJqfkOr2p_oCFUCe_Qcd1r8CfQ;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CJqfkOr2p_oCFUCe_Qcd1r8CfQ;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26.css
www.dianomi.com/img/a/pss/3473/ Frame 22D6 6 KB
2 KB 9ms
0ms Stylesheet
text/css 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3473/26.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f9381ba44c58b39cb07fbb8e71258fd46bdb308364505f7e9ac07ef96cfedfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2588045
cf-polished: origSize=9981
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Aug 2022 08:07:51 GMT
server: cloudflare
etag: W/"26fd-5e6e40f8e57b0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:28 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 74e97ee64aab5c6e-FRA
cf-bgj: minify

GET
H2 200 viewability11.js Show response
www.dianomi.com/js/ Frame 22D6 8 KB
3 KB 40ms
37ms Script
application/javascript 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability11.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ea5adf14b93b7db936b4a5aa1400cdcf744baaf01faf1ecc402f2775dbfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
cf-polished: origSize=12434
last-modified: Tue, 20 Sep 2022 08:36:20 GMT
strict-transport-security: max-age=2592000
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"3092-5e917b8f8de5c"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=120
access-control-allow-credentials: true
cf-ray: 74e97ee68b145c6e-FRA
expires: Thu, 22 Sep 2022 08:00:28 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 22D6 1 KB
1 KB 61ms
55ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2588049
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=2592000
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c205c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269147/7/ Frame 22D6 13 KB
13 KB 57ms
52ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269147/7/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

491b21d82c937a0b3f492755add02a1ff937c40ed83080478d2ff3ffd944c081

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64784
cf-polished: qual=85, origFmt=jpeg, origSize=22376
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Sep 2022 13:58:45 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:29 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee72c235c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/270381/2/ Frame 22D6 12 KB
12 KB 54ms
49ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/270381/2/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d865b73802449a1dd4c7d212b50105307efd9dc30ce4a0e3b82b2c7047b1a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63510
cf-polished: qual=85, origFmt=jpeg, origSize=54229
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Sep 2022 14:19:55 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:29 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee72c245c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/263079/5/ Frame 22D6 8 KB
8 KB 53ms
48ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/263079/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d611acef2046fa281a8fd8b0127fc125c55907db8997b60cff77bd32afe59f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 285234
cf-polished: qual=85, origFmt=jpeg, origSize=13657
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=2592000
content-length: 7890
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Sep 2022 11:52:36 GMT
server: cloudflare
etag: "3559-5e87988268290"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c275c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/265623/3/ Frame 22D6 16 KB
16 KB 58ms
54ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/265623/3/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d1b6d1881cec8af17f88cba8345e025a974be8beef007b59df24dcca96b1f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1964966
cf-polished: degrade=85, origSize=45426, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 16301
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Aug 2022 14:08:55 GMT
server: cloudflare
etag: "b172-5e775ebbd9bd8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c2b5c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/256662/4/ Frame 22D6 5 KB
6 KB 52ms
48ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/256662/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c43925a305244d713ab2c336429764db8f0aaa938538575a1af156b325004fdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1445619
cf-polished: qual=85, origFmt=jpeg, origSize=34605
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=2592000
content-length: 5622
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Aug 2022 05:25:30 GMT
server: cloudflare
etag: "872d-5e618a0880df6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c2d5c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269463/2/ Frame 22D6 19 KB
19 KB 51ms
47ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269463/2/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a89e410a1e5cd40b89ba911c65783b59616f9396977a09b43b520a683e3e1069

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 202864
cf-polished: degrade=85, origSize=39933, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 19352
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Sep 2022 14:25:18 GMT
server: cloudflare
etag: "9bfd-5e88fc8163768"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c2f5c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/268117/4/ Frame 22D6 17 KB
18 KB 62ms
58ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/268117/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2994312ab9a883fa489b311d1efe2c89b4aa6f543317e8c660677cbcc3ca9527

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 116214
cf-polished: degrade=85, origSize=88232, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 17764
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Sep 2022 16:33:00 GMT
server: cloudflare
etag: "158a8-5e7b448813478"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c315c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/130501/8/ Frame 22D6 19 KB
19 KB 41ms
37ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/130501/8/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e848f578130a2c6d8a5c216d4208430bb28315b33300bb9cfa1c9fded0c007c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2587942
cf-polished: degrade=85, origSize=30909, status=webp_bigger
strict-transport-security: max-age=2592000
content-length: 19361
x-xss-protection: 1; mode=block
last-modified: Sun, 14 Aug 2022 10:55:01 GMT
server: cloudflare
etag: "78bd-5e63158cfa82b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c325c6e-FRA
cf-bgj: imgq:85,h2pri

GET 321x214.jpg
www.dianomi.com/img/a/sav2/269589/6/ Frame 22D6 0
0

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/267149/4/ Frame 22D6 23 KB
23 KB 59ms
56ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/267149/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1548918ddff8711b0e1ac8d3b7805ae1fe938012d8e753e596bb9f872aaf2101

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1983870
cf-polished: degrade=85, origSize=37097, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Aug 2022 08:47:07 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:29 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee72c355c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/255374/5/ Frame 22D6 18 KB
18 KB 56ms
53ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/255374/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c3949807d568271265fb7f16ea4cbc134bb688bbd73cd7d3e6aaa45bd812ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 808421
cf-polished: qual=85, origFmt=jpeg, origSize=99604
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=2592000
content-length: 18220
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Sep 2022 23:20:43 GMT
server: cloudflare
etag: "18514-5e81e8fdea8e5"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c365c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/266301/3/ Frame 22D6 2 KB
2 KB 60ms
57ms Image
image/webp 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/266301/3/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66928011e9a8a27370b40d339fba947c7a6b58981c4c5b51b70d74452f92611d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2462022
cf-polished: qual=85, origFmt=jpeg, origSize=7571
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=2592000
content-length: 2344
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Aug 2022 12:47:59 GMT
server: cloudflare
etag: "1d93-5e6d3db92dd76"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 22 Oct 2022 17:58:29 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 74e97ee72c375c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H3

200

B26980385.345378465;dc_pre=CIubler2p_oCFUOZ_QcdYYMKGw;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./ Frame 22D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CIubler2p_oCFUOZ_QcdYYMKGw;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_f...

42 B
65 B

70ms
50ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CIubler2p_oCFUOZ_QcdYYMKGw;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6563.576592DIANOMIINC./B26980385.345378465;dc_pre=CIubler2p_oCFUOZ_QcdYYMKGw;dc_trk_aid=536990738;dc_trk_cid=177319699;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 22D6
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1133784/65726462/skeleton.gif
https://static.adsafeprotected.com/skeleton.gif

43 B
483 B

91ms
15ms

Image
image/gif

2600:9000:214f:600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
Protocol: H2
Server: 2600:9000:214f:600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
age: 7664731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: oC78qdSHIRPdj3F2_wa-Cyqz71M9LKhqhI9Exf7q4nD0PCS9-oTpdA==

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif
cache-control: no-cache
content-length: 0
server: nginx

GET
H3

200

B28277029.346023471;dc_pre=COOakOr2p_oCFTTDuwgdpH0O5Q;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent... Show response
ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/ Frame 22D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_pre=COOakOr2p_oCFTTDuwgdpH0O5Q;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for...

15 KB
11 KB

101ms
67ms

Script
text/javascript

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_pre=COOakOr2p_oCFTTDuwgdpH0O5Q;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

18cb06bc044762e23a3fa6ac410f2e1a86b32904cbedacb843542be840562b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11470
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_pre=COOakOr2p_oCFTTDuwgdpH0O5Q;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B27452628.346325825;dc_pre=CPiYler2p_oCFYPwuwgdBYIJ0w;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent... Show response
ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/ Frame 22D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;g...
https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_pre=CPiYler2p_oCFYPwuwgdBYIJ0w;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for...

18 KB
13 KB

63ms
57ms

Script
text/javascript

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_pre=CPiYler2p_oCFYPwuwgdBYIJ0w;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

35fffe668e2c8f3234f338c82fb2138c9ac2a29a5bcecc2fa93d46f140fce3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12823
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_pre=CPiYler2p_oCFYPwuwgdBYIJ0w;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B28090910.344991753;dc_pre=CPOgler2p_oCFZVF5QodoDYKvA;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/ Frame 22D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_pre=CPOgler2p_oCFZVF5QodoDYKvA;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;t...

42 B
65 B

57ms
50ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_pre=CPOgler2p_oCFZVF5QodoDYKvA;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B28090910.344991753;dc_pre=CPOgler2p_oCFZVF5QodoDYKvA;dc_trk_aid=536720952;dc_trk_cid=177282692;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B28384395.343985369;dc_pre=CNypler2p_oCFTTLuwgdd-MK0g;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent... Show response
ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/ Frame 22D6
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_pre=CNypler2p_oCFTTLuwgdd-MK0g;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_f...

15 KB
11 KB

68ms
62ms

Script
text/javascript

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_pre=CNypler2p_oCFTTLuwgdd-MK0g;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

f0066a442b456e21b928e8e34dd1de3e27f6b0fe574e9bd60148695103b2b543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B28384395.343985369;dc_pre=CNypler2p_oCFTTLuwgdd-MK0g;dc_trk_aid=535623818;dc_trk_cid=176232131;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.29b1ff4c2227d65c148f.js
cds.connatix.com/p/184105/ Frame A8B0 0
47 KB 15ms
15ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:30:30 GMT
age: 62688
etag: "e5fe8d4634de636d5a9d4be6c94dfe3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48328

GET
H2 200 player.css
cds.connatix.com/p/184105/ 60 KB
9 KB 18ms
17ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184105/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 52191420a5a431811f417bfbecf8e7258b4353358f194d5491cf12e32c6a4afc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:30:30 GMT
age: 62688
etag: "7de7ede7a6305cc2f4a9963b0623371e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 9306

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ 334 KB
79 KB 37ms
36ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 14302
vary: Accept-Encoding
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 37f37dc6-101e-000d-6e1d-3537ea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee71caccc56-ZRH

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 129ms
39ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-24152976-22&cid=440535591.1663833509&jid=935513008&gjid=818071499&_gid=132081972.1663833509&_u=aGBAgEAjAAAAAE~&z=2137220336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 07:58:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1655588862&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&dr=https%3A%2F%2Finfo.chainalysis.com%2F&ul=en-us&de=UTF-8&dt=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=article.content.bottom.visible&ev=0&_u=aGBAgEAj~&jid=935513008&gjid=818071499&cid=440535591.1663833509&tid=UA-24152976-22&_gid=132081972.1663833509&cm26=1&cd2=Technology&cd11=CRYPTO-CURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd4=Article-News&cd32=2022-09-20T09%3A37%3A33.485Z&cd10=image&cd9=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Tom%20Wilson&cd3=Technology&cd1=Technology&cd13=194&cd18=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says&cd37=MYIWLGXIXZLMJK7NQQCRKLK3FM&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=L8N30R25T&cd44=1&cd51=CRYPTO%2CCURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd52=BLKCHN%2CCRYCUR%2CFIN%2CFINS%2CFINS08%2CFINTE%2CFINTE1%2CFNMKT%2CFRX%2CFTECH%2CGEN%2CITEC%2CSCI%2CSOCI%2CTECH%2CTECH08%2CTMT%2CUK%2CWWW%2CGB%2CWEU%2CEASIA%2CAMERS%2CUS%2CEUROP%2CNAMER%2CASXPAC%2CEMRG%2CCN%2CASIA%2CTOPNWS&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-09-21T00%3A27%3A14.072Z&cd77=Data%20Privacy%2CProduct%20Liability&cd79=Tom%20Wilson&cd102=-1&cd127=Anonymous&cd128=Reuters&z=1991626793

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 00:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28662
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 231683795448623 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 69ms
34ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231683795448623?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42816af823ea7a24a3e181630a2e90cfe2cda150c4ee056db52a6b8e50943800

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 86057
x-xss-protection: 0
pragma: public
x-fb-debug: YPa92HZrkW0p5CTBifItWrZ2zfWwaUF4Pve2yr8HyeopEXWD4OqZRRGgPpR2WooYIWHE8i/6X+4lRd2KudZH9A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 22 Sep 2022 07:58:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269589/6/ Frame CB4C 18 KB
18 KB 44ms
44ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269589/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5239c93a8a309697ddaa09071cf074f39bc17f0069644ffc5e229ff36a7751f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&numAds=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6616-YywVpBueyHfC-1_17T_j4AAAABE0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 581565
cf-polished: degrade=85, origSize=38466, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 14:25:44 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:29 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee74c605c6e-FRA
cf-bgj: imgq:85,h2pri

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame A8B0 8 KB
4 KB 174ms
134ms XHR
application/x-protobuf 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dfe2e46eef9fa0db186e5a8645148da49093057f44b11391c05f25db6ac7e2dc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 86400
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3964

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/269589/6/ Frame 22D6 18 KB
18 KB 47ms
45ms Image
image/jpeg 104.18.23.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/269589/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5239c93a8a309697ddaa09071cf074f39bc17f0069644ffc5e229ff36a7751f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 581565
cf-polished: degrade=85, origSize=38466, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Sep 2022 14:25:44 GMT
server: cloudflare
strict-transport-security: max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Sep 2022 07:58:29 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 74e97ee79cc85c6e-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame CB4C 24 KB
24 KB 97ms
20ms Font
application/x-font-woff 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3352/93.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-109.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:57:36 GMT
content-encoding: gzip
age: 180053
x-cache: Hit from cloudfront
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: e4Bgq5Ffg-VMLC6lp16fX2eZJgN4EpJw1vdeHScEd0EODYkiuCG9AQ==
expires: Tue, 27 Sep 2022 05:57:36 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ Frame CB4C 24 KB
24 KB 120ms
42ms Font
application/x-font-woff 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3352/93.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-109.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:14 GMT
content-encoding: gzip
age: 303855
x-cache: Hit from cloudfront
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: -cztTtgwEXoUbwfmxKtewemX58zvQUrSNjOIXp8E73HSUzjXMsQyWQ==
expires: Sun, 25 Sep 2022 19:34:14 GMT

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 22D6 24 KB
24 KB 105ms
32ms Font
application/x-font-woff 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3473/26.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-109.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 05:57:36 GMT
content-encoding: gzip
age: 180053
x-cache: Hit from cloudfront
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 0tEm_Pzl487OHg5ZkOOq3dL2syVy9AXfNGGGTZl828D3p82vjrHZ5w==
expires: Tue, 27 Sep 2022 05:57:36 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 22D6 24 KB
24 KB 89ms
17ms Font
application/x-font-woff 65.9.66.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3473/26.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-109.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:34:14 GMT
content-encoding: gzip
age: 303855
x-cache: Hit from cloudfront
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: r_jjU_jSmRNIw4Yz9s86vgDbGrB2TCD1VY8EL1ck1Prp3Jujvz3TWg==
expires: Sun, 25 Sep 2022 19:34:14 GMT

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 124 KB
41 KB 90ms
16ms Script
application/javascript 65.9.66.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b8b45f95f260b5fe20ed13bbc24672747119392efa1b1a2ebf8034a87e24c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 22 Sep 2022 00:54:55 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 21:14:26 GMT
server: AmazonS3
age: 25415
etag: W/"02647b6d480ecf7d79935b079efdd47f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1TwttMuTujejGZC.n3EQcIEYN6TuN6Ro
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: 3jSw7WyTbaj4gpAe5Jo1TFDMiaqu9HgNGBIwT8ZAB8z_DGgUfiH4RQ==

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
173 B 310ms
174ms XHR
application/json 35.155.253.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.253.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-253-53.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:29 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
14ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1655588862&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&dr=https%3A%2F%2Finfo.chainalysis.com%2F&ul=en-us&de=UTF-8&dt=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=sophi.attached&el=story&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=440535591.1663833509&tid=UA-24152976-22&_gid=132081972.1663833509&cm26=1&cd2=Technology&cd11=CRYPTO-CURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd4=Article-News&cd32=2022-09-20T09%3A37%3A33.485Z&cd10=image&cd9=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Tom%20Wilson&cd3=Technology&cd1=Technology&cd13=194&cd18=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says&cd37=MYIWLGXIXZLMJK7NQQCRKLK3FM&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=L8N30R25T&cd44=1&cd51=CRYPTO%2CCURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd52=BLKCHN%2CCRYCUR%2CFIN%2CFINS%2CFINS08%2CFINTE%2CFINTE1%2CFNMKT%2CFRX%2CFTECH%2CGEN%2CITEC%2CSCI%2CSOCI%2CTECH%2CTECH08%2CTMT%2CUK%2CWWW%2CGB%2CWEU%2CEASIA%2CAMERS%2CUS%2CEUROP%2CNAMER%2CASXPAC%2CEMRG%2CCN%2CASIA%2CTOPNWS&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-09-21T00%3A27%3A14.072Z&cd77=Data%20Privacy%2CProduct%20Liability&cd79=Tom%20Wilson&cd102=2&cd127=Anonymous&cd128=Reuters&cm8=0&z=338343746

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 00:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28663
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 22D6 41 KB
15 KB 84ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N10077.160898DIANOMI/B28277029.346023471;dc_trk_aid=537428811;dc_trk_cid=176282481;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 07:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 07:32:47 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/7eb26c17-dad2-4745-8671-f0d13abb6ce7/ 291 KB
50 KB 67ms
62ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/7eb26c17-dad2-4745-8671-f0d13abb6ce7/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be4633ffd5d477833712c19fbe3e51f9cfa2a0ead383d40f4d340f8df79f9ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: pOSGlP2gSu9uNck2yYVHBQ==
age: 14220
vary: Accept-Encoding
content-length: 50783
x-ms-lease-status: unlocked
last-modified: Wed, 03 Aug 2022 18:18:27 GMT
server: cloudflare
etag: 0x8DA757C8F8BB4D0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dd4ee721-701e-00bc-4676-a7cf97000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee818cc23c7-ZRH
expires: Thu, 22 Sep 2022 11:58:29 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 353 KB
51 KB 39ms
34ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b7a0ecb050a3fa4b727f8b0b070cc886b07d3d6cf8fd796f42e1f7c8c68191b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WnFQTenkCrUnOd8/e2yJhg==
age: 14220
vary: Accept-Encoding
content-length: 51700
x-ms-lease-status: unlocked
last-modified: Thu, 22 Sep 2022 00:13:24 GMT
server: cloudflare
etag: 0x8DA9C2F44098427
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8be1a985-701e-013b-5f18-cedced000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee818e123c7-ZRH

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 59 KB
17 KB 46ms
42ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5b00fb1d8632efb31ea7c36949d6bc71c4542af911398045615347c4096243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3UJqYcd+ibxBEPWZM7BgJw==
age: 14297
vary: Accept-Encoding
content-length: 17101
x-ms-lease-status: unlocked
last-modified: Thu, 22 Sep 2022 01:05:06 GMT
server: cloudflare
etag: 0x8DA9C367CB91C93
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 191ef33c-901e-00b6-1620-ced61e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee818ee23c7-ZRH

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ 68 KB
15 KB 48ms
44ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YqubTJFxZ/bgicfXzL0zsw==
age: 14297
vary: Accept-Encoding
content-length: 14952
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:22 GMT
server: cloudflare
etag: 0x8DA032EC4ACF9AB
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3119f4c1-001e-0116-7e1f-355f2d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee81dd0cc56-ZRH

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 157ms
67ms Image
image/gif 2a00:1450:400d:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-24152976-22&cid=440535591.1663833509&jid=935513008&_u=aGBAgEAjAAAAAE~&z=1986092915

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
43ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-24152976-22&cid=440535591.1663833509&jid=935513008&_u=aGBAgEAjAAAAAE~&z=1986092915

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 114ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&rl=https%3A%2F%2Finfo.chainalysis.com%2F&if=false&ts=1663833509153&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663833509152.657550785&it=1663833508991&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
215 B 114ms
29ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&rl=https%3A%2F%2Finfo.chainalysis.com%2F&if=false&ts=1663833509166&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.1.1663833509152.657550785&it=1663833508991&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/ptarmiganmediadcm677757797954/ Frame 22D6 305 KB
105 KB 94ms
26ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/ptarmiganmediadcm677757797954/moatad.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N6540.160898.DIANOMI/B27452628.346325825;dc_trk_aid=538276453;dc_trk_cid=178207315;ord=1663833508;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d6e66eb994a8253ca0a8a6a200fd07b4786cdd906c40db17830103fcc095005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:30:39 GMT
server: AmazonS3
x-amz-request-id: 1TFXCDFEPA9T97N4
etag: "da60a53cc263f66447ac0d8165ad33a2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17061
accept-ranges: bytes
content-length: 106654
x-amz-id-2: LEGVSWiMg11WmrI/5c1h8tHxGzQlp10NEt3hEmOAoitSu8lsTpsv5iG0m5lHOPcLNOVceZj79tA=

OPTIONS
H2 200 tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 355ms
110ms Preflight 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.reuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 5
content-length: 0
date: Thu, 22 Sep 2022 07:58:29 GMT
server: nginx

GET
H2 200 config_reuters.min.js Show response
cdn.sophi.io/latest/ 29 KB
11 KB 15ms
15ms Script
application/javascript 65.9.66.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/config_reuters.min.js
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a60bda61a9d31e5b9beca0588ecaf047d65617e376494c34587b912e1b877d57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 22 Sep 2022 03:21:47 GMT
content-encoding: br
last-modified: Fri, 29 Jul 2022 21:14:26 GMT
server: AmazonS3
age: 16603
etag: W/"0a653020cc9d68ad2011316114f6a423"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: mxUEac8Fd8xwIi7X.p0Fn1LJQr8zMcGl
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
content-type: application/javascript
x-amz-cf-id: _iQXv-F_Fkn7X3PHlckKz82veHaD68YUi1_OmhsyPXCuK2fgraUX0w==

POST
H2 200 tp2 Show response
collector.sophi.io/com.snowplowanalytics.snowplow/ 2 B
223 B 303ms
106ms XHR
text/plain 52.223.1.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.1.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a8fd921d2017b5f79.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:29 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/plain; charset=UTF-8
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 insights.bin Show response
ins.connatix.com/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/4/ Frame A8B0 65 B
170 B 82ms
16ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/4/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2af036897d9c5e613e5fedc8f071dc67fffa21940e9e196959f29a6d458e4059

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 11:13:03 GMT
age: 499411
etag: "0f9db5e2db05c041423868ee725a1de8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H2 200 insights.bin Show response
ins.connatix.com/48921c65-aedf-4b70-8d0a-aad1ad63c788/3/ Frame A8B0 137 B
225 B 82ms
17ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/48921c65-aedf-4b70-8d0a-aad1ad63c788/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c5e7f8604b48922362da7453c4afb561bc01280a46e4b6568a4bf74e6c00d1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 11:13:23 GMT
age: 763117
etag: "c8acb37fcc33d3b87fd77229cf2dfaec"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 134

GET
H2 200 insights.bin Show response
ins.connatix.com/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/3/ Frame A8B0 119 B
349 B 80ms
15ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44a01ca06fd4e48d823e850ab19c1ad6b7443e24ee8a57d999d6af75999d6e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 11:13:13 GMT
age: 676028
etag: "6ae81fd36176abe702cf4c556fbf6b78"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 111

GET
H2 200 insights.bin Show response
ins.connatix.com/ad2edca3-06e0-40d3-8081-fecde3fb974e/3/ Frame A8B0 128 B
221 B 80ms
16ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/ad2edca3-06e0-40d3-8081-fecde3fb974e/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 052846f1403fb870f5f6cea589fe0aa2ba3bcacfa801b83bd60978abbf9fbd04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 11:12:19 GMT
age: 1191268
etag: "15e683c1d33aa46ed9ed746110610bb8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 130

GET
H2 200 insights.bin Show response
ins.connatix.com/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/5/ Frame A8B0 56 B
165 B 93ms
29ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/5/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c55ebf35722d8f4a1999d6c035b6d0a2ddecdd2cc315e9829c4432373e768168

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 11:14:59 GMT
age: 2314278
etag: "16f70f2a0939ee9ae817360e3eac8bf6"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 75

GET
H2 200 insights.bin Show response
ins.connatix.com/eef5d667-4f76-4e0b-8db8-e5581872da00/4/ Frame A8B0 56 B
311 B 91ms
27ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/eef5d667-4f76-4e0b-8db8-e5581872da00/4/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 28cfa0d88adead6147bdf51cc792794675e8d9704e086526514982cf1d7dcfdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 11:23:59 GMT
age: 3005399
etag: "eeeed00bd4cff4283da0752e917a9e36"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 75

GET
H2 200 insights.bin Show response
ins.connatix.com/64f50f44-b260-43b5-936c-8666f70fdce4/4/ Frame A8B0 65 B
171 B 82ms
19ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/64f50f44-b260-43b5-936c-8666f70fdce4/4/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 624a446690e7ff5b22a3e08dad807e72668d083d6c8ca2579ae5e41897c2a5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 11:19:46 GMT
age: 3600955
etag: "bb1453d3eb4398f3a71d26f5e1d54cae"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H2 200 insights.bin Show response
ins.connatix.com/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/6/ Frame A8B0 128 B
219 B 91ms
28ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/6/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f44082adc8c63bbaaf1f09801319d7006c759772e6daf25590803b9be65426e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 11:13:48 GMT
age: 3026316
etag: "d1a47d9730e116a23b11130c8e817792"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 128

GET
H2 200 insights.bin Show response
ins.connatix.com/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/3/ Frame A8B0 65 B
171 B 80ms
17ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0378200c7220f862f56d0b794f2a95d395a89ec548cb5fbcdebd548a3713df0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 11:14:53 GMT
age: 2575959
etag: "792054d5a30621f3060b2c7317a62485"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 80

GET
H2 200 insights.bin Show response
ins.connatix.com/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/5/ Frame A8B0 245 B
291 B 80ms
18ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/5/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 298a535da52ffbed150c9bbe5c0fed129482e67a5fbd8d5449e876ddab624256

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 11:21:43 GMT
age: 1940489
etag: "809bcb96e0c8e78e1a08a52b2ff0346c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 200

GET
H2 200 blockedDomains_21.bin Show response
lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/ Frame A8B0 6 KB
3 KB 96ms
21ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/blockedDomains_21.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e6a65d5c6962890fccf3f31b017e15b7e3a6997ae9ea503cef2308e28f80e3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Wed, 07 Sep 2022 17:31:05 GMT
age: 1261524
etag: "969abad87a72b9be5e335530f929287f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 3033

GET
H2 200 insights.bin Show response
ins.connatix.com/87ac47374cd43448b90a6ee11187dfd5/ Frame A8B0 216 B
338 B 78ms
18ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/87ac47374cd43448b90a6ee11187dfd5/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e8ee357a758dd68508acb9fc4a857b65af3bc3e71a1733b00d50073942d58f0b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 09:43:08 GMT
age: 166065
etag: "6209b01e9db026ae003c3f34b1d4231c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 153

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 13 KB
3 KB 45ms
44ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: EXbJt9InrxA+LlZTe81nFg==
age: 14218
vary: Accept-Encoding
content-length: 2960
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:13 GMT
server: cloudflare
etag: 0x8DA032EBEE58F18
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5247e128-601e-016b-561d-35c3e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee9bc2023c7-ZRH

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/ 47 KB
12 KB 40ms
39ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ZpEAbh0BppVJFPu0Tn1v0w==
age: 14218
vary: Accept-Encoding
content-length: 11558
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC085471F
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dc89b812-601e-00a8-0621-350cf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee9bc2123c7-ZRH

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 5 KB
2 KB 40ms
40ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bZ6sFc9Mh4SBvE3dHyo0/Q==
age: 13705
vary: Accept-Encoding
content-length: 1780
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC020A07E
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fd0e2561-301e-015a-3d1d-359832000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 74e97ee9bc2723c7-ZRH

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 21 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2HSefDmVwJneRQMu6SXIPw==
age: 12110
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 5aba30b3-b01e-0029-6523-35aea4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 74e97ee9bc2b23c7-ZRH

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5D25 22 KB
8 KB 48ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 174342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A0EA 22 KB
8 KB 45ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 174342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C30 22 KB
8 KB 45ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dianomi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 174342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 07:32:47 GMT
expires: Wed, 20 Sep 2023 07:32:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 473ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 84ms
29ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f315bee09de5380be93ba335422be2fbc2a0e39d13d61417d30875fb6c081ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27765
x-xss-protection: 0
server: sffe
etag: "1341 / 630 of 1000 / last-modified: 1663798047"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H2 200 4_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 727 B
611 B 26ms
18ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/4_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f2ff4ccffa5f0100f3ef515395ddf8afca3c371b0756a036bd2e9ec8ca5b4480

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 11:13:02 GMT
age: 495801
etag: "920a90b52f2efdabb2f3883491c90860"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 520

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A8B0 378 KB
127 KB 167ms
70ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H2 200 elements.ui.a00f6f51fe97ad142aec.js Show response
cds.connatix.com/p/184105/ Frame A8B0 56 KB
13 KB 16ms
16ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184105/elements.ui.a00f6f51fe97ad142aec.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ea94bebb8cc836a59832ce027073ddd40b4623bddfd1ba097e1af6d45226896b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:30:30 GMT
age: 62689
etag: "83155a5d5bd5c3eb21033eda041943e9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 13576

GET
H2 200 3_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/48921c65-aedf-4b70-8d0a-aad1ad63c788/ Frame A8B0 828 B
649 B 20ms
18ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/48921c65-aedf-4b70-8d0a-aad1ad63c788/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93bfa7db4e9940ba1f5e4329b4bd20832134e07ec7c3253e50bc4424c3e2c06c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 11:13:23 GMT
age: 765426
etag: "a7e02fa9662598d08265e439142fa264"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 558

GET
H2 200 3_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/ Frame A8B0 851 B
658 B 19ms
16ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e3e93eaf10ac6a7b179c041529211b834cb84de2860f74617190a4ee1426151

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 11:13:13 GMT
age: 1191268
etag: "77027bd6baedaf69cee70874dfe42ccc"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 567

GET
H2 200 3_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/ad2edca3-06e0-40d3-8081-fecde3fb974e/ Frame A8B0 777 B
635 B 21ms
19ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/ad2edca3-06e0-40d3-8081-fecde3fb974e/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 79e96b275db01aed5ca061c45f101840a98153600798ef189e06c15116005de0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 11:12:19 GMT
age: 204680
etag: "9aea57fe13ea17bf44e4b56c9d031080"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 544

GET
H2 200 5_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/ Frame A8B0 656 B
559 B 20ms
18ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/5_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5274b2ebad1da98bb78dc64f283e8d4dabd2672400dfeb1c64e6a9aebb04d9f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 26 Aug 2022 11:14:59 GMT
age: 1322989
etag: "93cfe7e20aac7392cc7f1ac62483e1e5"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 468

GET
H2 200 4_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/eef5d667-4f76-4e0b-8db8-e5581872da00/ Frame A8B0 774 B
618 B 18ms
17ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/eef5d667-4f76-4e0b-8db8-e5581872da00/4_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3399c2e7898be9a07c15582df7d27223cd248b6154305113f3a3cd4a2f0dc89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 11:23:59 GMT
age: 200124
etag: "2a2374e61a86343addd59ce06d0b5ab5"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 528

GET
H2 200 4_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/64f50f44-b260-43b5-936c-8666f70fdce4/ Frame A8B0 639 B
548 B 17ms
16ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/64f50f44-b260-43b5-936c-8666f70fdce4/4_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8897e3121513803990ab213c38d6635dd85537472804a0c6c3d8ebca0d0e7b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 11:19:46 GMT
age: 2620194
etag: "9016fec8b60106f80304c490e0a1e814"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 457

GET
H2 200 6_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/ Frame A8B0 769 B
636 B 19ms
17ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/6_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dda53f39502dd16f645a160d9122bfa162a3902ffbd5a33c21d7c0ab30cc5fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 11:13:48 GMT
age: 2003340
etag: "6f5c32b5b72f704a056f114b5a68211f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 545

GET
H2 200 3_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/ Frame A8B0 638 B
698 B 20ms
19ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 15c948b0e0ff91ea061b7f3e0a1fb1ce11664640ee288b477e2a1b3a3e7c4df8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 11:14:53 GMT
age: 2021494
etag: "90485e417e1511088bfeba5c0b76cbf1"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 461

GET
H2 200 5_media.bin Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/ Frame A8B0 919 B
728 B 21ms
20ms XHR
application/octet-stream 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/5_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f9bccc9cea6b9459080bb97b97dd07450bdfc6a37398faf1d8f6bb53824a499

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 11:21:43 GMT
age: 36690
etag: "fa9ef1e3d84d2c1ba4759f2ebcfb84e4"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 638

GET
H2 200 pixel.gif
px.moatads.com/ Frame 22D6 43 B
267 B 52ms
34ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PTARMIGANMEDIA1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.reuters.com&lp=https%3A%2F%2Fwww.reuters.com&t=1663833509492&de=594055441771&m=0&ar=220b545db30-clean&iw=afc65d6&q=2&cb=0&ym=0&cu=1663833509492&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=27452628%3A1405503%3A346325825%3A178207315&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2F&id=0&ii=3&bd=reuters.com&bo=reuters.com&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=346325825&gw=ptarmiganmediadcm677757797954&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A625&fs=200409&na=1846717032&cs=0
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 22 Sep 2022 07:58:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H2 200 knowledge-light..woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
50 KB 50ms
50ms Font
application/font-woff 65.9.66.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-light..woff?d=111

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-117.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=111
Origin: https://www.reuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-amz-request-id: C7S0ZPJ43E578NBB
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49974
x-amz-id-2: C6sHnW1AoqfkWSy9Yb+5c7y+OP63sirHwsfiOgHgdFLPzN9RxSfuUIknPBMhcVUGvYHFzS35eyw=
access-control-allow-origin: *
last-modified: Thu, 15 Sep 2022 17:34:49 GMT
server: openresty
etag: W/"e76d05f89d70cea61820a955651ea70f"
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xp_BUMpRQyfYD8Ax_qjqN1Xz-tuoJLXyBWHsXKS9vjIiZiAmSyukMQ==
expires: Fri, 22 Sep 2023 07:58:29 GMT

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ 3 KB
3 KB 63ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f0946e75d7524f5b57bcd635349025815c329beef40857113673f0fd64c3be61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 500147
etag: "plCNQ7fphUhzuOlzii75oz+GJLDJGU/O2oZs1FQ4wU0"
access-control-max-age: 86400
fastly-io-info: ifsz=96290 idim=2562x1440 ifmt=jpeg ofsz=3220 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2775

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/48921c65-aedf-4b70-8d0a-aad1ad63c788/ 3 KB
3 KB 59ms
18ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/48921c65-aedf-4b70-8d0a-aad1ad63c788/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70fbef52f329e6d6f298ad8fd4d9675e66ce7f804db0718794cc3d83cdcec439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 766295
etag: "Pzqxcjp0PVJgSynxfe1lXrIqFztQnbPy81PLZjK1bys"
access-control-max-age: 86400
fastly-io-info: ifsz=108379 idim=2562x1440 ifmt=jpeg ofsz=3378 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2961

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/ 3 KB
3 KB 34ms
16ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/6d4d0d2b-1ba5-4a1e-b5d1-38e5b1e61479/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6740de892fa68b3a209da6e1f42255c4ef704736ac87f09f35433f7cb0e8d259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 1191389
etag: "8TTHcuZF/anfU+GwA6Jyridp3k7JenQl8NQSAoP0hoE"
access-control-max-age: 86400
fastly-io-info: ifsz=95066 idim=2562x1440 ifmt=jpeg ofsz=3381 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2960

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/ad2edca3-06e0-40d3-8081-fecde3fb974e/ 4 KB
4 KB 30ms
17ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/ad2edca3-06e0-40d3-8081-fecde3fb974e/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 239a96255be95ed1b72e07ae03bf470c0cd6333cdc70b12cb9ab7745cbd3baf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 1191388
etag: "AAwgMNmSPUNM5ZiR2FM9pKjhJZ9RAaj5R0fxLTZ2H88"
access-control-max-age: 86400
fastly-io-info: ifsz=103788 idim=2562x1440 ifmt=jpeg ofsz=3925 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3495

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/ 4 KB
4 KB 30ms
20ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/4f9c3e5f-735d-4bb9-8f99-bb5512073e8e/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5733d552c9012b1d4c882400509f9105e83bb261cf2a74cf983cb267a2fe3057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 851335
etag: "dmtzmWYWTgc3zav0xaI5lpvZK1jhYgb27dDd890ylu0"
access-control-max-age: 86400
fastly-io-info: ifsz=124235 idim=2562x1440 ifmt=jpeg ofsz=4139 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3717

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/eef5d667-4f76-4e0b-8db8-e5581872da00/ 4 KB
4 KB 25ms
19ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/eef5d667-4f76-4e0b-8db8-e5581872da00/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 29c6e1217a343e7f2ec4ca7b2027bd6fcf620cd6dfb96ff9c06bed9182cc798e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 2507205
etag: "qQSgyiWGTlk5Bk3YBXXmpxQtHOdQNfHzjlmR2iLHjcE"
access-control-max-age: 86400
fastly-io-info: ifsz=113282 idim=2562x1440 ifmt=jpeg ofsz=4228 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3802

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/64f50f44-b260-43b5-936c-8666f70fdce4/ 2 KB
2 KB 17ms
15ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/64f50f44-b260-43b5-936c-8666f70fdce4/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3d6883c09220b0bb51448898dfaf80e78876c93a434681dddcd03afa9aa4945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 3122340
etag: "hGL24LziutptqPhNyFp5eKKgx6eJyOhDYDnZrZzoEeA"
access-control-max-age: 86400
fastly-io-info: ifsz=62522 idim=2562x1440 ifmt=jpeg ofsz=2173 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1698

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/ 2 KB
2 KB 17ms
16ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3060be0a-a597-4b6d-9c8e-7ee09340c7dd/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c3e868e2030316a3a1852d77d6b1b2ded363b145b282db4b6729bdbadcf50ed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 2515137
etag: "k+UjCEXnPPYfR+yrp7u7ID+zMHcgvpDToDuPx31h5jw"
access-control-max-age: 86400
fastly-io-info: ifsz=59572 idim=2562x1440 ifmt=jpeg ofsz=2407 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1945

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/ 3 KB
3 KB 18ms
17ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/81e2c984-8fb6-436a-ae70-7a9f1e7c415c/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa6281231cb5224b2ab98da5b3d2d39ea70784299e615d9cc53e8ddab44d57a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 1973349
etag: "Q97kznv4HdxSmPsW7NMJGpGOwXXZBYkkz1GjsHRyLKU"
access-control-max-age: 86400
fastly-io-info: ifsz=95152 idim=2562x1440 ifmt=jpeg ofsz=3303 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2896

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/ 4 KB
3 KB 17ms
17ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/7dbb44c8-721e-4fe6-9e57-f48cca9e370e/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f9bb825277de14b57fe28755eea1c7c14d39a6ec7cd802668d076a4ae8b85263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: br
age: 1437543
etag: "ysZZ7gTpFfpMJmx37cL/n0CiIlfpusYSmhRHKEyysFw"
access-control-max-age: 86400
fastly-io-info: ifsz=159642 idim=2562x1440 ifmt=jpeg ofsz=3608 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3174

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 7DD7 0
18 B 55ms
26ms Document
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.reuters.com
Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.reuters.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 07:58:29 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pixel.gif
px.moatads.com/ Frame 22D6 43 B
267 B 27ms
26ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fwww.dianomi.com%2Fimg%2Fa%2Fsav2%2F269147%2F7%2F321x214.jpg&i=PTARMIGANMEDIA1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-J7ZHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-eA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1440&qe=1700&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=213&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.reuters.com&lp=https%3A%2F%2Fwww.reuters.com&t=1663833509492&de=594055441771&cu=1663833509492&m=122&ar=220b545db30-clean&iw=afc65d6&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1700&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A625&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=68&cd=0&ah=68&am=0&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A3000sec%3Acumulative&cl=0&at=0&d=27452628%3A1405503%3A346325825%3A178207315&bd=reuters.com&bo=reuters.com&gw=ptarmiganmediadcm677757797954&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=346325825&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=836029749&cs=0
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&numAds=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&unitId=dianomi-6617-YywVpLt6agXRxhX2zG-7xwAAAAw1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 22 Sep 2022 07:58:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H3 200 pubads_impl_2022091501.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
127 KB 48ms
15ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 12:11:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130101
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 12:11:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 495 B
215 B 56ms
24ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.reuters.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

367f34d3e588a7616a8b97713e75396c32289151bf77bc8d69ac7b464be942bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 07:58:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
expires: Thu, 22 Sep 2022 07:58:29 GMT

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DEEB 638 KB
207 KB 95ms
36ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 10:16:20 GMT
expires: Wed, 20 Sep 2023 10:16:20 GMT
last-modified: Tue, 20 Sep 2022 10:12:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A8B0 44 KB
17 KB 109ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 22 Sep 2022 07:58:30 GMT

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 42AA 638 KB
207 KB 59ms
37ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 10:16:20 GMT
expires: Wed, 20 Sep 2023 10:16:20 GMT
last-modified: Tue, 20 Sep 2022 10:12:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bridge3.532.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D1A1 638 KB
207 KB 51ms
51ms Document
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.532.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 164530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 211807
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 10:16:20 GMT
expires: Wed, 20 Sep 2023 10:16:20 GMT
last-modified: Tue, 20 Sep 2022 10:12:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 32ms
32ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 14307
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7778cbab-501e-0023-2239-28b72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 74e97eed9d0fcc56-ZRH

GET
H2 200 hls.29b1ff4c2227d65c148f.js Show response
cds.connatix.com/p/184105/ Frame A8B0 162 KB
47 KB 15ms
15ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a3b02034311cea7142bc7beb7d4476aa4e134dd376f63e5df49bf83e10d1c45e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: br
last-modified: Wed, 21 Sep 2022 14:30:30 GMT
age: 62689
etag: "e5fe8d4634de636d5a9d4be6c94dfe3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48328

GET
H2 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D25 36 KB
16 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 11:21:14 GMT

GET
H2 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame A0EA 36 KB
16 KB 58ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 11:21:14 GMT

GET
H2 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C30 36 KB
16 KB 69ms
32ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 11:21:14 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
323 B 119ms
74ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 74e97ef0dac901f0-ZRH
date: Thu, 22 Sep 2022 07:58:30 GMT
vary: Accept-Encoding
content-type: text/javascript

POST
H/1.1 200
OK g Show response
capi-tier-2-us-east-2.connatix.com/rtb/ Frame A8B0 104 B
412 B 498ms
149ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 41a1645bb0c78ce44ca2b5a2ec87528b91d4be4c8f5cc96b20b8ad709d010744

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 115

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
347 B 342ms
106ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081151&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=c84800ea-3824-4f2a-81aa-8056a8efcff1&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ 24 KB
24 KB 17ms
16ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1_th.jpg?crop=832:468,smart&width=832&height=468&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7487067175560dede68883c64b9fd2475e18683a407bebbe10208727eac4a840

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: br
age: 500149
etag: "QQ/n97DvFsP47h4SzUhKB+LrYyucaGO716h5adGWO7k"
access-control-max-age: 86400
fastly-io-info: ifsz=96290 idim=2562x1440 ifmt=jpeg ofsz=24918 odim=832x468 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 24519

GET
H2 200 1_th.jpg
img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ 27 KB
27 KB 17ms
16ms Image
image/jpeg 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1_th.jpg?crop=1008:468,smart&width=1008&height=468&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/technology/major-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20/?mkt_tok=NTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4ccb28ee4709216069975d7800c6adde5e41468487fc61cf117df1e40454e6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: br
age: 500149
etag: "c81lOE2E0UZJUM5tKD/8dtJfx3x+I2Evk7mHIg9bf7Q"
access-control-max-age: 86400
fastly-io-info: ifsz=96290 idim=2562x1440 ifmt=jpeg ofsz=27575 odim=1008x468 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 27125

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
173 B 173ms
173ms XHR
application/json 35.155.253.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.253.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-253-53.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:30 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 309 B
295 B 26ms
25ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/playlist.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bee09fef7ab18fb3388be07f89250b896ded47f3340b1b2f699ccccf2d23c24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 11:07:14 GMT
age: 500140
etag: "b45f5a4af4a6c573e783f3561bacf7d8"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H2 200 0.m3u8 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 605 B
329 B 19ms
19ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/0.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fabcd7b6d8cdefa2a529a12f02fdbca46be4f7a79964ca6c3f89c5032a028d44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 11:07:14 GMT
age: 500140
etag: "fb5b49a6c647600da3823ff4e2d92047"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 266

GET
H2 200 / Show response
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 108ms
49ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Requested by

Host: info.chainalysis.com
URL: https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d752ec00759f1d2ca18b4b1fa59e8dbe20bdc2ae6c9e4f84ded1a67f0b33ee13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 543829
cf-polished: origSize=8487
cf-ray: 74e97ef28f679b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2127-AOqLoEMDeuavjsBjDeYVOqzhgfg"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 27ms
26ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=ViewContent&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&rl=https%3A%2F%2Finfo.chainalysis.com%2F&if=false&ts=1663833510739&cd[content_ids]=%5B%221960967127%22%5D&cd[content_type]=product&cd[currency]=USD&cd[product_catalog_id]=227623085888646&cd[value]=1&cd[content_category]=&cd[te]=0&cd[lc7]=0&cd[pv7]=0&cd[pv15]=0&cd[pv30]=0&cd[sd]=0&cd[dur]=0&cd[ls]=19257&cd[s1]=1&cd[dv7]=1&cd[dv30]=1&cd[dv]=1&cd[n]=1&cd[l]=0&cd[pp]=0.29828486204325133&cd[top]=0&cd[lc]=0&cd[ujl]=1&cd[ppjl]=0&sw=1600&sh=1200&v=2.9.83&r=stable&ec=3&o=30&fbp=fb.1.1663833509152.657550785&it=1663833508991&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 07:58:30 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 27ms
26ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=ViewContent&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&rl=https%3A%2F%2Finfo.chainalysis.com%2F&if=false&ts=1663833510744&cd[content_ids]=%5B%221960967127%22%5D&cd[content_type]=product&cd[currency]=USD&cd[product_catalog_id]=227623085888646&cd[value]=1&cd[content_category]=&cd[te]=0&cd[lc7]=0&cd[pv7]=0&cd[pv15]=0&cd[pv30]=0&cd[sd]=0&cd[dur]=0&cd[ls]=19257&cd[s1]=1&cd[dv7]=1&cd[dv30]=1&cd[dv]=1&cd[n]=0&cd[l]=0&cd[pp]=0.29828486204325133&cd[top]=0&cd[lc]=0&cd[ujl]=1&cd[ppjl]=0&sw=1600&sh=1200&v=2.9.83&r=stable&ec=4&o=30&fbp=fb.1.1663833509152.657550785&it=1663833508991&coo=false&tm=1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 22 Sep 2022 07:58:30 GMT

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 1 KB
1 KB 17ms
17ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 86998a9d3e4ccf6b52b35081c8bdc1dd72a9fccf9146e5bcc86db4e4387b3dc1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-1411

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
last-modified: Fri, 16 Sep 2022 11:07:13 GMT
age: 111562
etag: "83667faa77a31914ee3c6a4eaab6923d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1411/5427791
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1412

GET
H2 206 0.mp4 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 704 KB
704 KB 26ms
25ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/0.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: be0c06da9306da65e963f6c5c7e8561eec2b98ff2915d0db173906f03fa6fcad

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=1412-722195

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
last-modified: Fri, 16 Sep 2022 11:07:13 GMT
age: 111562
etag: "83667faa77a31914ee3c6a4eaab6923d"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1412-722195/5427791
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 720784

GET
H2 200 11.6d774a6a642c7cb91435.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 61 KB
19 KB 58ms
57ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a65898de9846b2861e40f8339a62ffc56d70d433072ddda6ac5748673cc0e613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194899
cf-polished: origSize=63386
cf-ray: 74e97ef359349b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
server: cloudflare
etag: W/"f79a-18333011708"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
346 B 423ms
423ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=576fc421-e920-42eb-88e0-067c0f5ea285&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D25 0
20 B 87ms
54ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUl51pRUsY_2nAqql3gPt3bSgBAAAAAA4AeAEAg&bg=!ra6lrurNAAZqQh0mSkI7ACkAdvg8WjiOHi5YCiYJEQzvYqv-MiHutIfnnhNiKPaZfKgRbrSxwH0aEwIAAAHjUgAAAANoAQcKACL0qJKmXDGZxA9K9bru5kSj2SXAgBMA0M1GiieEGh1iTLvxmQK64rjpIt_q9AV_zznyeLyVfG57HSsXfhO9e08mn8fHSRxWLxZ_WkcRyXCTP4re6qYnbyYRI_vDHPVLhP8pV_59GAPjp7CfWC9QKvFLI7EI-UdM8SBlLkY-8Rt9EKLJDLwesN22DlEhrgFrMJq5y0OjhWIKUlC-GKMxGNu-UVnjSSVlr8HFWo5HmY7OYjGHO0hQjs_GglmelYR2kb4VVXTx_NQZ7L5iyFyco1o4wnSZLw7frxz1i87Oao4fLyJOapf66rB0Y1YWrZx0Zt7G6txGOd28TQj3Kf_j4Ki4s19MpOAzP41kREp8xbCLZZlBOeqJRnuOQBGXPFOc1naXL7PvW2xofIMN2n9Mky7Wtbb8OFIi0lRhSUNc-ZHkDclH8Mt2h7jwrynh0P4BpcGO1_YUDOPDlfQRutrkITaKp4kN5_i2dY7pXBjinJ8N0qROWN5U2qSjhkL_loWfUds8xNvZ1f8C8e4oLkJCAj_435KghY0sSiyiUJS-cNc-Z2hAQ_F60ZkPH6aqZ8_7Vtfbw0ij__i6ThQBU-NbkM12R4iir90mIr1WAJnV4Jf-dVNyJ3Q7Fa9gIgpHFaVOX8irsgxZvd3O-LxO4QmVVV2Q2V26uFnYMZuyW6mc6DSXXi4Yhl01nPhEyHRusg6Ybx5WLcQuqsqAIixHysWtu3WZt3cMz9RGL_WtG-hSySVFkcCn0IKu9olL6vICW3Ksf70jJKqAGpu3QsUkiXd-aFFMN-hSck9iCy-8igTn1DNN0L6J_xNBQtjos2rV7K-u_86RWf8GjbrMcp-UbJh00ua6GF_K9lBA-wiWs_C05WBHRBaANT7b7xLEOMHDkFt_0ssR7bEzwl5gN0UvcF8Z791OHmUtte14nNzesBS2C4DAG5fmGdbv8rbv47Ym78d0M-s_leL8iO7sXAIyoNoPdZU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A0EA 0
20 B 91ms
63ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuKTapRUsY6_1CL279u8PjqSHqAMAAAAAOAHgBAI&bg=!ubqluv7NAAZqQh0mSkI7ACkAdvg8WuYGJTVRu-abLr35sl-PlcI9TnQieQGJbtVSwNfUgIkabT_0IQIAAAHPUgAAAANoAQeZArlJ8LEAKWbHMNB6PqS70h5Efv91ulYlW28qMCLv_T7inyZXyQM-gCExy3QKpGElqEZ_qjfU7e0wND8cheEhW6ano_NcEfKJdoifDSj0ow417QM-UX0a3NjwMtghXcdz6PlfThDHLkq7vnrAtaSmFCitv2YAsvTI5P-cMfgn1Faticba8keHzCSwY6_73LyXdsVGGd8MODgnpb4ar8XbBuvjtiqPlhiRN-VjcIF_9U8JJ9YSrbqUj3HXs2BLC2ktsZsHT7rTLO1Mjk0M8Ygv9R0_Y-48YKnK0-cgv8eS6191k8H_c_7F6W45ZXhbmWGwx0esi2efKBS-NBYTE77fgLxUBqboO9PEOXabnuwkptFCoqXDTxSZDoqYyLJX0znJk_Z-CWpGgZYtjcs8PyxBbvG2JADZlNriBsUoOqpMyBqZVrtGaWu5xH4bDxMY-byRATqwLqXe_NcYZqljx6sqZWEgde3jW8PWEeMhQUgkygKKhPj75OwsAO_TGbHyygymspogJjEnUO_J_SmBTwKJ97amnQ0PhduEbC8RzR0tupaeDGqn8Fg9hcTSOS5MH1jDITsgxz_VMjFySGLwIp0-064bM9-JsoQZFy6Nn44SyzLbocxue112EMiip21GMQNyYKw-5iM9NYTu09pOLJoNWg8oKEV1A_NARCbVpdOafVu6sX7awb2M2K26_ATmQkQav7k11tV9LY1ii5xZQKfrbiGlVIPoJCkBQzfdApmckcrMl9wTXoGlyo-3h2koM7SGymiKUA_WqGGPaJ74Pf78W4CCKvOt0jRFFkNiCGh3ZYD2G69b9cwr8TGyLoHN0o55rQoQx0bm9sLgt6_bdiNO8quKPm1Xh9IMvwm7QL9ra_wsymO-Eqbq6EOrlfSq4eN9LyCCc7Fe_4FY7t99qJFzx2PwuL5oCr4wxwZY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C30 0
20 B 92ms
66ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG7MGpRUsY9CpCa2t9u8PqeGi4A8AAAAAOAHgBAI&bg=!goGlgcXNAAZqQh0mSkI7ACkAdvg8WvFryq153n1IrJXTVIyozzswCci9chOdXmREuyKaprU7p8j7iQIAAAHCUgAAAANoAQcKANFzkBgos0AIi2A-MlD1jlsBguSu2bbNywdNSDyJk9YbL5-3PGxS72hZp-LC_Z77MR1nL3NbXbfzHGlklNPszifTnBczr7DuYDCOI4mtWE-ex09m98e0PslruijWuPeiYecCrYjylpvWGhg0IevvbalF0UpHcesJrZ-xvnW3LGYVwGo8UbHwnZZ-4yUPe7HnbGrwEQzDHWlxNdgQ8r8AdjIEqI0VsvCC4xwwEx7yjvnoZ29moWLq019Q13EMxrC_c4FJUC75Ojcagz5mEeQXdkbjI5kCx7CWKLXPhpCgfZDs3zz5iM4Zcml1-UDuqp1JzIbUFokBDMhwZbyvw3QgW0vuwvo-rUiM-7zkiQKWDQffZrDsHs-BsN60LTmyy042UJrLDUOe9_eUmluoWQ1bgjC42dmvOjy6oViWbhdN5pdN_UMKPAW9hOR5K_nLB7sp0XLe6-g1G38b4oRm7ix6fRWX-8YoXaPGusdoSYDWsV7QXbRRhd0D76q5NFogBMuwAFIW0uKRddKDAGph1vvRu9qm6a7iD2SMqwoJZ5tp1rALD1N7Ve6Rq5B35W6YIxMQEZ_B8zkBkp_WHK-E8yCou9EKY0pcDkPoB0wdkktyYL2sSp5Fof4kmNW82ETBIJqCZcLHVVEaNrpfCzIRrTMy_w4ZK5IOBspYYmJv_XL77CIAQetL3KtuC70fYCO7lENTyTAYEoE_9MwAKjn8KCPnrVsxAYv3y6ZrRdTFF9q6kx91obkUi1_4DkNdbsNK-ukPI0gBlTnHQMXug84sqkJPoc16tjVxl5CeALQgba5wg7PULGVMgE5sU4kJwU48SVte-0OAF8lYe5O03vR5mXAhSoVQ-eo7ANIogt9efgGNbXETImyw2-rReHtKSRZc0eMCwCL79pziwgX-J5yv91zZPnPQYZeyfT7ll7GWwWGVlh7WYdcEDYBvBFO4Uvt3BktrWyGfbT0WYrnQ934-MIPGgzyWg5s3svUl9lk5UO642lsDGGM9XSUTAf-_5mOI4vVl60ANhOfhymKq4SM3kdscUOWvIX_Plomn6L_YZaYhpy0TlrKWj_UNqiH-DzgpY8wv438Kjdw-E2z-DZr9Zbpt2WTGYKhtmRkhy9geZkwG1E3vlEviwD-NCEPLNCS_CLy9QsiYQs5Xpl9-PRqHmhJLW4TKrfH9Mp-6UAK_CbzGqI5b_58vovo5JFSQbuQNcdftiwbP3CUa1dCVJ1kqnA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 07:58:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.m3u8 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 615 B
361 B 18ms
18ms XHR
application/x-mpegurl 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1.m3u8
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41ae35296ba452d38fa777d2a9e628e17f0b3f23dfe802d05e7cb2f5c19153ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 11:07:14 GMT
age: 500090
etag: "d204547734fce877aa67d07cffe7b67f"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 270

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 261ms
261ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8qfK42aZO5fsR2R&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c3a3ff6bf2950ce3587dcb4c6b4a94934aa19d867ddaeabcbcc14baa6d26c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 8216959b793ec437
cf-ray: 74e97ef3ca179b7d-FRA

GET
H2 206 1.mp4 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 1 KB
1 KB 17ms
17ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e81634f77088811dddc84e94ffdce3f3ebf9f5acc54e228c44f6a9187d1d84eb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=0-1411

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
last-modified: Fri, 16 Sep 2022 11:07:14 GMT
age: 496458
etag: "ec4b53a5a26972d0996b2759d4f2cde4"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1411/12002673
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1412

POST
H/1.1 200
OK mq Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 117ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/mq?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 227ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 206 1.mp4 Show response
vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/ Frame A8B0 1 MB
1 MB 16ms
15ms XHR
video/mp4 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-0245e3a1-43c3-489c-8708-2e641bbc1608/3b57e3bf-5ed8-4ee1-bf0c-74797630acf0/1.mp4
Requested by: Host: cds.connatix.com
URL: https://cds.connatix.com/p/184105/hls.29b1ff4c2227d65c148f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca81cef1a2449f8d403c658782e5ffbb3ad60bd5c66d79c16dfb59ae772a78a3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range: bytes=1611291-3144822

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
last-modified: Fri, 16 Sep 2022 11:07:14 GMT
age: 205976
etag: "ec4b53a5a26972d0996b2759d4f2cde4"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1611291-3144822/12002673
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1533532

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
173 B 173ms
173ms XHR
application/json 35.155.253.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.253.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-253-53.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:31 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1655588862&t=pageview&_s=3&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&dr=https%3A%2F%2Finfo.chainalysis.com%2F&dp=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&ul=en-us&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=440535591.1663833509&tid=UA-24152976-22&_gid=132081972.1663833509&cm26=1&cd2=Technology&cd11=CRYPTO-CURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd4=Article-News&cd32=2022-09-20T09%3A37%3A33.485Z&cd10=image&cd9=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Tom%20Wilson&cd3=Technology&cd1=Technology&cd13=194&cd18=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says&cd37=MYIWLGXIXZLMJK7NQQCRKLK3FM&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=L8N30R25T&cd44=1&cd51=CRYPTO%2CCURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd52=BLKCHN%2CCRYCUR%2CFIN%2CFINS%2CFINS08%2CFINTE%2CFINTE1%2CFNMKT%2CFRX%2CFTECH%2CGEN%2CITEC%2CSCI%2CSOCI%2CTECH%2CTECH08%2CTMT%2CUK%2CWWW%2CGB%2CWEU%2CEASIA%2CAMERS%2CUS%2CEUROP%2CNAMER%2CASXPAC%2CEMRG%2CCN%2CASIA%2CTOPNWS&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-09-21T00%3A27%3A14.072Z&cd77=Data%20Privacy%2CProduct%20Liability&cd79=Tom%20Wilson&cd102=2&cd127=Anonymous&cd128=Reuters&cm8=0&cd99=referral&cd100=https%3A%2F%2Finfo.chainalysis.com%2F&cd133=false&cd8=0&cd19=Page%20Load&cd36=https%3A%2F%2Finfo.chainalysis.com%2F&z=782301172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 00:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28665
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=1655588862&t=timing&_s=4&dl=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&dr=https%3A%2F%2Finfo.chainalysis.com%2F&dp=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&ul=en-us&de=UTF-8&dt=Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3585&pdt=13&dns=44&rrt=1&srt=761&tcp=32&dit=1019&clt=1266&_gst=1609&_gbt=1685&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=440535591.1663833509&tid=UA-24152976-22&_gid=132081972.1663833509&cm26=1&cd2=Technology&cd11=CRYPTO-CURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd4=Article-News&cd32=2022-09-20T09%3A37%3A33.485Z&cd10=image&cd9=%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd17=Tom%20Wilson&cd3=Technology&cd1=Technology&cd13=194&cd18=Major%20crypto%20trader%20Wintermute%20hit%20by%20%24160%20million%20hack%2C%20CEO%20says&cd37=MYIWLGXIXZLMJK7NQQCRKLK3FM&cd40=Technology&cd41=%2F4735792%2Freuters.com%2Ftechnology%2Farticle&cd42=L8N30R25T&cd44=1&cd51=CRYPTO%2CCURRENCY%2FWINTERMUTE%20(UPDATE%202)&cd52=BLKCHN%2CCRYCUR%2CFIN%2CFINS%2CFINS08%2CFINTE%2CFINTE1%2CFNMKT%2CFRX%2CFTECH%2CGEN%2CITEC%2CSCI%2CSOCI%2CTECH%2CTECH08%2CTMT%2CUK%2CWWW%2CGB%2CWEU%2CEASIA%2CAMERS%2CUS%2CEUROP%2CNAMER%2CASXPAC%2CEMRG%2CCN%2CASIA%2CTOPNWS&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-09-21T00%3A27%3A14.072Z&cd77=Data%20Privacy%2CProduct%20Liability&cd79=Tom%20Wilson&cd102=2&cd127=Anonymous&cd128=Reuters&cm8=0&cd99=referral&cd100=https%3A%2F%2Finfo.chainalysis.com%2F&cd133=false&cd8=0&cd19=Page%20Load&cd36=https%3A%2F%2Finfo.chainalysis.com%2F&z=1810740536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 00:00:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28665
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 43ms
43ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

281060ecfe99bdb5e6a343f78379f87e1f8e5056416fbb0efd35df4744983be4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194882
cf-polished: origSize=105149
cf-ray: 74e97ef57d459b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
server: cloudflare
etag: W/"19abd-18333011708"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 4.1fa8baa6e7b1d7777fa4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
896 B 38ms
38ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.1fa8baa6e7b1d7777fa4.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade0cdb22ec55e2516c5ac023de45671958ea767b6f07980d3323309d2ab9d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194882
cf-polished: origSize=2539
cf-ray: 74e97ef5dde49b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
server: cloudflare
etag: W/"9eb-18333011708"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.646b5a7aa96ac3ade1d5.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 43ms
43ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.646b5a7aa96ac3ade1d5.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fccd058d242e52a6726d1a2e73a14e753ca3f4ebfad1dbd12f705138aaa8554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194882
cf-polished: origSize=29568
cf-ray: 74e97ef5dde79b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
server: cloudflare
etag: W/"7380-18333011708"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
23 KB 40ms
40ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194832
cf-polished: origSize=66295
cf-ray: 74e97ef5dde99b7d-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:40:53 GMT
server: cloudflare
etag: W/"102f7-18333011708"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1023 B
684 B 123ms
88ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_7TzTPCwT5Py0QUl&Version=23&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3584829f6ded61514cd4b5e6bc1aeb469eb4d7b1679bd161b599a7324e79dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 214974
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Sep 2022 20:15:37 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Thu, 16 Sep 2032 20:15:37 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 74e97ef61b5a690a-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 114ms
79ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9YcuSxbz7r7Av5j&Version=20&Q_InterceptID=SI_7TzTPCwT5Py0QUl&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d774a6a642c7cb91435.chunk.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b2b6cd7d76dd3ad03037c18c925af9b8f7441292a45eb1ed5b0913f8ad2d795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 214955
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Sep 2022 20:15:56 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Thu, 16 Sep 2032 20:15:56 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 74e97ef61b5d690a-FRA
servershortname

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
346 B 106ms
106ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=ee79efad-edb3-4c42-8d25-716bea702d03&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
205 B 55ms
54ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9YcuSxbz7r7Av5j&Q_SIID=SI_7TzTPCwT5Py0QUl&Q_ASID=AS_18129256&Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&r=1663833511457

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.77.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 399194f9830d1ce4
cf-ray: 74e97ef6ac7a690a-FRA
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
346 B 108ms
108ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=df2d8caf-0155-4753-8c04-2964c8d57a35&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
346 B 632ms
632ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081147&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=d17793e0-16b8-432b-ac8e-5d8f534d9d6b&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 116ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame A8B0 168 B
346 B 283ms
283ms XHR
application/xml 146.20.128.59
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.64.151.5&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&pageurl=www.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2&contentid=%5Bcontent_id%5D&contenttitle=%27It%27s%20awesome%27%3A%20world%27s%20first%20flying%20bike%20makes%20U.S.%20debut&contentlength=79&contenturl=%5Bcontent_url%5D&rnd=603bff94-605d-470a-bc56-9908def3bea3&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.59 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 22 Sep 2022 07:58:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK sv Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 117ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sv?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:31 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK abt Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame A8B0 0
316 B 116ms
116ms XHR
application/x-protobuf 18.217.55.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=184105
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.55.23 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-55-23.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 22 Sep 2022 07:58:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 pixel.gif
px.moatads.com/ Frame 22D6 43 B
267 B 27ms
26ms Image
image/gif 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=PTARMIGANMEDIA1&ol=2050913313&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-J7ZHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-AAEDDJRIqioP6g%3D%3D&sc=1&os=1-eA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1440&qe=1567&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=213&w=320&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.reuters.com&lp=https%3A%2F%2Fwww.reuters.com&t=1663833509492&de=594055441771&cu=1663833509492&m=5337&ar=220b545db30-clean&iw=afc65d6&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1567&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1338%3A625&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5117&cd=68&ah=5117&am=68&xd=00&rf=0&re=1&wb=1&wm=1&wi=0&zMoatCustomParams=50%25%3A3000sec%3Acumulative&cl=0&at=0&d=27452628%3A1405503%3A346325825%3A178207315&bd=reuters.com&bo=reuters.com&gw=ptarmiganmediadcm677757797954&zMoatOrigSlicer1=1405503&zMoatOrigSlicer2=346325825&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200409&na=1437911631&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Thu, 22 Sep 2022 07:58:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
pragma: no-cache
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 22 Sep 2022 07:58:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dianomi.com
URL: https://www.dianomi.com/img/a/sav2/269589/6/321x214.jpg

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.chainalysis.com/	1970-01-20 06:10:35	Name: __cf_bm Value: oiIkdjs.krFZF23BKLh54.nvWdRyaWAnvXYXfzpAlEE-1663833507-0-AcbN8YkB7Yn7Gn6G8/isVH+1ra9+Lu0g3yj8gDJAarTsqpgerM8fCyNkmz0jTjg8fe8i9v4k1pk0moX/ZlvQi6g=
www.reuters.com/	1969-12-31 23:59:59	Name: reuters-geo Value: {"country":"DE", "region":"-"}
.reuters.com/	1970-01-20 06:20:38	Name: RT Value: "z=1&dm=reuters.com&si=omly3k2pex9&ss=l8crifbe&sl=0&tt=0"
.reuters.com/	1970-01-20 06:20:38	Name: cleared-onetrust-cookies Value: Thu, 17 Feb 2022 19:17:07 GMT
www.reuters.com/	1969-12-31 23:59:59	Name: fs.bot.check Value: true
.reuters.com/	1970-01-20 14:56:09	Name: ajs_anonymous_id Value: %22ecb30c6c-b7fc-43b3-9709-ff9235376b45%22
.reuters.com/	1970-01-20 15:46:33	Name: _ga Value: GA1.2.440535591.1663833509
.reuters.com/	1970-01-20 06:11:59	Name: _gid Value: GA1.2.132081972.1663833509
.wsod.com/	1970-01-20 06:55:11	Name: f77 Value: !!!!!!0:1663833508
.reuters.com/	1970-01-20 06:10:33	Name: _gat Value: 1
.reuters.com/	1970-01-20 08:20:09	Name: _fbp Value: fb.1.1663833509152.657550785
.doubleclick.net/	1970-01-20 15:32:09	Name: IDE Value: AHWqTUkfJGHP1pshrbWllZpL8WgXB399Fsxqa_JSy1Xf5UqwgQJPvyiTe2IOZVFrCe4
.reuters.com/	1970-01-20 06:10:35	Name: sophiTagses.23dd Value: *
.reuters.com/	1970-01-20 15:46:33	Name: sophiTagid.23dd Value: d4bad82a-9408-4f5e-b168-d1a568ff8b40.1663833509.1.1663833509.1663833509.8c866dac-c3b1-4f10-8465-9f57b16a802c
.reuters.com/	1970-01-20 15:46:33	Name: _sp_duid Value: d4bad82a-9408-4f5e-b168-d1a568ff8b40
.facebook.com/	1970-01-20 08:20:09	Name: fr Value: 09T22Nk7iFlW0OWp9..BjLBWl...1.0.BjLBWl.
.eloqua.com/	1970-01-20 15:39:21	Name: ELOQUA Value: GUID=68C376DB070641B3A7AAD9269AB22B26
.eloqua.com/	1970-01-20 15:39:21	Name: ELQSTATUS Value: OK
.reuters.com/	1970-01-20 14:56:09	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Sep+22+2022+07%3A58%3A29+GMT%2B0000+(GMT)&version=6.31.0&hosts=&consentId=f8fbf215-84d6-4577-bf25-d4e41d6f7efe&interactionCount=0&landingPath=https%3A%2F%2Fwww.reuters.com%2Ftechnology%2Fmajor-crypto-trader-wintermute-hit-by-160-million-hack-ceo-says-2022-09-20%2F%3Fmkt_tok%3DNTAzLUZBUC0wNzQAAAGHAC7cABVKk7G5UaQMyxq731JBjjfxO1BEqz9B-OLjb6IgtGUbJ8Xp4ukObHXJhxwVgywWLGdtrLRd-sC74VSZLEaxsZISc6m0GF1yxVymkZ1e&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2CSTACK42%3A0
www.reuters.com/	1970-01-20 14:56:09	Name: usprivacy Value: 1---
.reuters.com/	1970-01-20 15:46:33	Name: ta-octane.id Value: 08f832a5-5e98-474c-969f-df9d443596d3\|f3f0477e-bf56-403f-8950-90f264e2c0ab\|1663833510746\|

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://info.chainalysis.com/NTAzLUZBUC0wNzQAAAGHAC7cAHkgkuVHGQafeZICrU9t84WOliB4jN5vj42VI8W2uqGzs1JbLomt56r452u1BP5V_vQ= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
javascript	warning	URL: https://z.moatads.com/ptarmiganmediadcm677757797954/moatad.js(Line 137) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-M4rJPhfWY4Mu4ccEtPiLGvi5jcEzfzV8+9QHvbIwDS8=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
ad.doubleclick.net
ad.wsod.com
api-reuters-reuters-prod.cdn.arcpublishing.com
api.segment.io
beacon.tru.am
c.go-mpulse.net
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.segment.com
cdn.sophi.io
cds.connatix.com
collector.sophi.io
connect.facebook.net
d.pub.network
geolocation.onetrust.com
imasdk.googleapis.com
img.connatix.com
img.en25.com
info.chainalysis.com
ins.connatix.com
lit.connatix.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.moatads.com
s.go-mpulse.net
s0.2mdn.net
s2124157686.t.eloqua.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
ssp.lkqd.net
static.adsafeprotected.com
static.reutersmedia.net
static.scroll.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
vid.connatix.com
www.datadoghq-browser-agent.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.reuters.com
z.moatads.com
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
www.dianomi.com
104.103.105.174
104.17.208.240
104.17.209.240
104.17.71.206
104.18.23.230
142.0.173.23
142.250.185.194
143.204.207.145
146.20.128.59
151.101.130.137
151.101.2.137
172.217.16.134
18.217.55.23
184.51.10.56
184.51.8.202
199.232.194.217
209.234.224.18
2600:9000:214f:600:8:48e:53c0:93a1
2606:4700:20::681a:18b
2606:4700:20::681a:274
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2a00:1450:4001:808::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:400c:c07::9a
2a00:1450:400d:805::200e
2a00:1450:400d:806::2004
2a00:1450:400d:807::200a
2a00:1450:400d:80c::2008
2a02:26f0:3500:586::11a6
2a02:26f0:6c00::210:bb11
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.155.253.53
35.201.71.192
52.211.219.3
52.223.1.76
65.9.66.109
65.9.66.117
65.9.66.15
99.86.8.175
0378200c7220f862f56d0b794f2a95d395a89ec548cb5fbcdebd548a3713df0b
052846f1403fb870f5f6cea589fe0aa2ba3bcacfa801b83bd60978abbf9fbd04
05cc6a43d6c8528b7b7a6a0a90504f449b77b87cf4aeb958b1651df252457061
066501ed8f2e84524d0f8ef27ba7631a56969cfd8eba859bf99361615084812e
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
0d611acef2046fa281a8fd8b0127fc125c55907db8997b60cff77bd32afe59f2
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
146697e686c91fde6e30955bc6cba7bfe752c511b2f27545a6938266e49cdfcd
1548918ddff8711b0e1ac8d3b7805ae1fe938012d8e753e596bb9f872aaf2101
15c948b0e0ff91ea061b7f3e0a1fb1ce11664640ee288b477e2a1b3a3e7c4df8
18cb06bc044762e23a3fa6ac410f2e1a86b32904cbedacb843542be840562b0b
1a4c21b9220546781d7ca1dc0b2d2b90ce8fea9b9806956c63ce2c6e8474075d
1a6d8b16bf827fbfe535f67361873713ba49796900c0e2fc2d2ba081d584441c
1c3949807d568271265fb7f16ea4cbc134bb688bbd73cd7d3e6aaa45bd812ee2
1c7884468bc03d2b02711a6d3cfba1d5bfabbac7c8a1025c804ae89d4bf0b8e8
1d6e66eb994a8253ca0a8a6a200fd07b4786cdd906c40db17830103fcc095005
1d865b73802449a1dd4c7d212b50105307efd9dc30ce4a0e3b82b2c7047b1a13
23091133c2c9c43412cf7ee8e2471a7cba775e981334be7d13b0d78d9babc5a9
239a96255be95ed1b72e07ae03bf470c0cd6333cdc70b12cb9ab7745cbd3baf8
254395bf215e50b3a9f0b2986f95e93d321418f014c227674f2f952fca688a4b
259272074feb37a675f884f617a88c249e9fa448608c8674015baf830c9d6369
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
281060ecfe99bdb5e6a343f78379f87e1f8e5056416fbb0efd35df4744983be4
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
28cfa0d88adead6147bdf51cc792794675e8d9704e086526514982cf1d7dcfdd
298a535da52ffbed150c9bbe5c0fed129482e67a5fbd8d5449e876ddab624256
2994312ab9a883fa489b311d1efe2c89b4aa6f543317e8c660677cbcc3ca9527
29c6e1217a343e7f2ec4ca7b2027bd6fcf620cd6dfb96ff9c06bed9182cc798e
2af036897d9c5e613e5fedc8f071dc67fffa21940e9e196959f29a6d458e4059
2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de
2d1b6d1881cec8af17f88cba8345e025a974be8beef007b59df24dcca96b1f49
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
35fffe668e2c8f3234f338c82fb2138c9ac2a29a5bcecc2fa93d46f140fce3d9
367f34d3e588a7616a8b97713e75396c32289151bf77bc8d69ac7b464be942bc
3a5e29ae0d83d140ff226a3dce76d03b3caa0383d8d9343cd5071fd4802e8434
3bee09fef7ab18fb3388be07f89250b896ded47f3340b1b2f699ccccf2d23c24
3e3e93eaf10ac6a7b179c041529211b834cb84de2860f74617190a4ee1426151
3f229cefc10eb77c24ca8ddc7ebb31b9e6d83b3b20a5ceca37a43cab029976d4
3f44082adc8c63bbaaf1f09801319d7006c759772e6daf25590803b9be65426e
40548521f94d96e418dd5b1cdc6dd2a4140418d6d35ab57d021a6f9bd203949e
41a1645bb0c78ce44ca2b5a2ec87528b91d4be4c8f5cc96b20b8ad709d010744
41ae35296ba452d38fa777d2a9e628e17f0b3f23dfe802d05e7cb2f5c19153ed
42816af823ea7a24a3e181630a2e90cfe2cda150c4ee056db52a6b8e50943800
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
44a01ca06fd4e48d823e850ab19c1ad6b7443e24ee8a57d999d6af75999d6e9b
45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6
491b21d82c937a0b3f492755add02a1ff937c40ed83080478d2ff3ffd944c081
4ccb28ee4709216069975d7800c6adde5e41468487fc61cf117df1e40454e6b9
4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d
4e848f578130a2c6d8a5c216d4208430bb28315b33300bb9cfa1c9fded0c007c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52191420a5a431811f417bfbecf8e7258b4353358f194d5491cf12e32c6a4afc
5239c93a8a309697ddaa09071cf074f39bc17f0069644ffc5e229ff36a7751f4
5274b2ebad1da98bb78dc64f283e8d4dabd2672400dfeb1c64e6a9aebb04d9f3
53c0973e2bb03e0ac522a48c70abf4d9f6f1fb49f0ec1f172d55049e85c3abdb
5733d552c9012b1d4c882400509f9105e83bb261cf2a74cf983cb267a2fe3057
5b0f608377268809770e5a92d2943d7c3b68aef0f780dd63950d4d1fa24ead2e
5c3a3ff6bf2950ce3587dcb4c6b4a94934aa19d867ddaeabcbcc14baa6d26c5b
610a98ccb6c74fb2dc3649ac5d45d0c0eced6ed922a7c7aa1b44aaf378f8d1bd
624a446690e7ff5b22a3e08dad807e72668d083d6c8ca2579ae5e41897c2a5bd
66928011e9a8a27370b40d339fba947c7a6b58981c4c5b51b70d74452f92611d
6740de892fa68b3a209da6e1f42255c4ef704736ac87f09f35433f7cb0e8d259
675badbb4ef9f08c574adb9a6ef9932903c18660b5b840fa18ebf76f4ed275d2
6aff8294af9ed8a0de81943befa1bf28a20befd348f4df64bd30a201d37b8504
6f9bccc9cea6b9459080bb97b97dd07450bdfc6a37398faf1d8f6bb53824a499
6fccd058d242e52a6726d1a2e73a14e753ca3f4ebfad1dbd12f705138aaa8554
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
70fbef52f329e6d6f298ad8fd4d9675e66ce7f804db0718794cc3d83cdcec439
7487067175560dede68883c64b9fd2475e18683a407bebbe10208727eac4a840
79e96b275db01aed5ca061c45f101840a98153600798ef189e06c15116005de0
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7c5b00fb1d8632efb31ea7c36949d6bc71c4542af911398045615347c4096243
7ecdc53e20caae1fcccda96e1f8aae0b1f69d5b7dcc1151c5f6a4aa48e492cbe
7f9381ba44c58b39cb07fbb8e71258fd46bdb308364505f7e9ac07ef96cfedfa
812d2cb7d3db03fc1f0f06523487b4ac942d6b9634c919550067809949303f79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
86998a9d3e4ccf6b52b35081c8bdc1dd72a9fccf9146e5bcc86db4e4387b3dc1
8897e3121513803990ab213c38d6635dd85537472804a0c6c3d8ebca0d0e7b9d
8b2b6cd7d76dd3ad03037c18c925af9b8f7441292a45eb1ed5b0913f8ad2d795
8b7a0ecb050a3fa4b727f8b0b070cc886b07d3d6cf8fd796f42e1f7c8c68191b
8b8b45f95f260b5fe20ed13bbc24672747119392efa1b1a2ebf8034a87e24c78
8c3ea5f48e75475fa858c97b2662eb7b4e172fbf837641130570cf70284be9e1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93bfa7db4e9940ba1f5e4329b4bd20832134e07ec7c3253e50bc4424c3e2c06c
93dd788a8c47a9491708bfbfdb2a2fa5275966742bc758c4c3493c9f6f1108c1
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9e413fe14135b1fe89832925dad54fd79bef183a189868be478726d11f3942d1
a19fa6eef32401e092167415508f66272657f6fd77dc0196c287e0eeda228abf
a2a43658070dbf04fd66cc9c1b649e59b50b582952e9d61d2955cd0ee2297543
a3399c2e7898be9a07c15582df7d27223cd248b6154305113f3a3cd4a2f0dc89
a3584829f6ded61514cd4b5e6bc1aeb469eb4d7b1679bd161b599a7324e79dca
a3b02034311cea7142bc7beb7d4476aa4e134dd376f63e5df49bf83e10d1c45e
a3d6883c09220b0bb51448898dfaf80e78876c93a434681dddcd03afa9aa4945
a60bda61a9d31e5b9beca0588ecaf047d65617e376494c34587b912e1b877d57
a65898de9846b2861e40f8339a62ffc56d70d433072ddda6ac5748673cc0e613
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a89e410a1e5cd40b89ba911c65783b59616f9396977a09b43b520a683e3e1069
aa6281231cb5224b2ab98da5b3d2d39ea70784299e615d9cc53e8ddab44d57a7
ade0cdb22ec55e2516c5ac023de45671958ea767b6f07980d3323309d2ab9d0b
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f
b07dbb23174231bf463010a82335621aae4f96e3cedb58db5aa9a8afde9fe80b
b2ab840a8734ebd6a051c7611539037da47878ac8c1f240f685fd45e1d091ca8
b8b8fa76143b1e3d6bcd32187df721f7ad888aeb09fef2dc15b485c98d09e362
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
be0c06da9306da65e963f6c5c7e8561eec2b98ff2915d0db173906f03fa6fcad
be4633ffd5d477833712c19fbe3e51f9cfa2a0ead383d40f4d340f8df79f9ee2
c01300a23176847ad225adc6cdc81fa2ad9d1dcabbdc1aabc198c2d91ea1d70a
c3e868e2030316a3a1852d77d6b1b2ded363b145b282db4b6729bdbadcf50ed2
c43925a305244d713ab2c336429764db8f0aaa938538575a1af156b325004fdc
c55ebf35722d8f4a1999d6c035b6d0a2ddecdd2cc315e9829c4432373e768168
c5e7f8604b48922362da7453c4afb561bc01280a46e4b6568a4bf74e6c00d1a7
c868ea5adf14b93b7db936b4a5aa1400cdcf744baaf01faf1ecc402f2775dbfc
c9fcbf95da8f48e642578309e490d3d3688cccb4bc7099e0bf25900abc04ce98
ca81cef1a2449f8d403c658782e5ffbb3ad60bd5c66d79c16dfb59ae772a78a3
cac70196c8f6dba8f6bbab3be2acf9597dc6edef256fc7e211e3878dcd9d5fbe
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d32eedef25bcfd9d6340818a505e3761192d4a3bca41e7a01d6be7d6d33ecff9
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d752ec00759f1d2ca18b4b1fa59e8dbe20bdc2ae6c9e4f84ded1a67f0b33ee13
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed
dda53f39502dd16f645a160d9122bfa162a3902ffbd5a33c21d7c0ab30cc5fa3
dfba2a255aecf3904717378babec2da68171f3b42b408782563d2d2aecbc8b5c
dfe2e46eef9fa0db186e5a8645148da49093057f44b11391c05f25db6ac7e2dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a65d5c6962890fccf3f31b017e15b7e3a6997ae9ea503cef2308e28f80e3a7
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
e81634f77088811dddc84e94ffdce3f3ebf9f5acc54e228c44f6a9187d1d84eb
e8ee357a758dd68508acb9fc4a857b65af3bc3e71a1733b00d50073942d58f0b
e995ca7aaad3f1e9289bc4acbb975c2c250fb5d5270af5767d8d4320063de52e
ea94bebb8cc836a59832ce027073ddd40b4623bddfd1ba097e1af6d45226896b
eb712f0dd00716c16c09aa375a06db43fe808c8a150a4589e36fa74f4bfde715
ed8fac5815bb7a742f5b77e464cf4d122984c51d9444e2d1b0d8eec0e281b2d6
edbb5145efc49607980b0920490a9a72361518249f4e071a659acc7e1ad4d8cd
eefe7f7a5381463b0f8317fe171995b69d68e15f04c8fb7172844ee38eb93387
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0066a442b456e21b928e8e34dd1de3e27f6b0fe574e9bd60148695103b2b543
f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50
f0946e75d7524f5b57bcd635349025815c329beef40857113673f0fd64c3be61
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2ff4ccffa5f0100f3ef515395ddf8afca3c371b0756a036bd2e9ec8ca5b4480
f315bee09de5380be93ba335422be2fbc2a0e39d13d61417d30875fb6c081ec4
f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44
f456759be0c1cd90b34b2c0e3019a4535c05023dc6e28ecadb56204f971c5adf
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f9bb825277de14b57fe28755eea1c7c14d39a6ec7cd802668d076a4ae8b85263
fabcd7b6d8cdefa2a529a12f02fdbca46be4f7a79964ca6c3f89c5032a028d44
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

www.reuters.com Open in urlscan Pro 65.9.66.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

95 %HTTPS

43 %IPv6

34 Domains

51 Subdomains

44 IPs

6 Countries

6369 kBTransfer

15656 kBSize

21 Cookies

26 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.reuters.com Open in urlscan Pro
65.9.66.117 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

95 %
HTTPS

43 %
IPv6

34
Domains

51
Subdomains

44
IPs

6
Countries

6369 kB
Transfer

15656 kB
Size

21
Cookies

208 HTTP transactions
0 data transactions