www.reuters.com Open in urlscan Pro
65.9.61.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Submission: On January 27 via api (January 27th 2022, 4:43:47 am UTC) from US — Scanned from DE

Summary HTTP 237 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 50 IPs in 8 countries across 42 domains to perform 237 HTTP transactions. The main IP is 65.9.61.9, located in United States and belongs to AMAZON-02, US. The main domain is www.reuters.com. The Cisco Umbrella rank of the primary domain is 16684.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 19th 2021. Valid for: a year.

This is the only time www.reuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	65.9.61.9 65.9.61.9	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	209.234.236.20 209.234.236.20	7334 (WALLSTREET) (WALLSTREET)
1	2600:9000:223... 2600:9000:223c:1c00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:214... 2600:9000:214f:d400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:391::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 44	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
35	104.18.22.230 104.18.22.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:18b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.0.85 99.86.0.85	16509 (AMAZON-02) (AMAZON-02)
1	104.89.22.29 104.89.22.29	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.254.48.82 34.254.48.82	16509 (AMAZON-02) (AMAZON-02)
1	3.9.133.15 3.9.133.15	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
2	2a02:26f0:64:... 2a02:26f0:64::214:84a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	209.167.231.17 209.167.231.17	7160 (NETDYNAMICS) (NETDYNAMICS)
1	35.201.71.192 35.201.71.192	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:594::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	18.222.235.185 18.222.235.185	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
2 4	35.181.29.184 35.181.29.184	16509 (AMAZON-02) (AMAZON-02)
2 2	35.181.77.138 35.181.77.138	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1 3	99.86.3.75 99.86.3.75	16509 (AMAZON-02) (AMAZON-02)
4 8	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1 1	217.79.188.21 217.79.188.21	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.60 217.79.188.60	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	65.9.61.37 65.9.61.37	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	34.210.41.193 34.210.41.193	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	65.9.61.47 65.9.61.47	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
12	146.20.132.148 146.20.132.148	27357 (RACKSPACE) (RACKSPACE)
9	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	15.197.164.148 15.197.164.148	16509 (AMAZON-02) (AMAZON-02)
10	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
237	50

16 65.9.61.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-9.fra56.r.cloudfront.net

www.reuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.234.236.20 (United States)

ASN7334 (WALLSTREET, US)

ad.wsod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1c00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:391::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd327.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 151.101.130.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ins.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 104.18.22.230 (None, )

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:18b (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.0.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-85.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.22.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-22-29.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.48.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-48-82.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.133.15 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-133-15.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:64::214:84a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api-reuters-reuters-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.167.231.17 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)
PTR: e017.en25.com

s1319934923.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.71.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.71.201.35.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:594::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.222.235.185 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-222-235-185.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.28 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.181.29.184 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-29-184.eu-west-3.compute.amazonaws.com

mixcommander.swissquote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.181.77.138 (Paris, France) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-77-138.eu-west-3.compute.amazonaws.com

mix-phoenix.commander1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.3.75 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-75.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.166 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.21 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad2.adfarm1.adition.com

ad2.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.60 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.61.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-37.fra56.r.cloudfront.net

static.reutersmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.210.41.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-41-193.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.61.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-47.fra56.r.cloudfront.net

cdn.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

lit.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 146.20.132.148 (United States)

ASN27357 (RACKSPACE, US)

ssp.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.164.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: ab5547fe103db6c64.awsglobalaccelerator.com

collector.sophi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-octane-216112.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3412 cds.connatix.com — Cisco Umbrella Rank: 3516 capi.connatix.com — Cisco Umbrella Rank: 3102 ins.connatix.com — Cisco Umbrella Rank: 15544 lit.connatix.com — Cisco Umbrella Rank: 7075 vid.connatix.com — Cisco Umbrella Rank: 4031 img.connatix.com — Cisco Umbrella Rank: 4155	4 MB
35	dianomi.com www.dianomi.com — Cisco Umbrella Rank: 5886	258 KB
16	reuters.com www.reuters.com — Cisco Umbrella Rank: 16684	1 MB
14	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 496	231 KB
12	lkqd.net ssp.lkqd.net — Cisco Umbrella Rank: 12260	4 KB
12	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 195 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96	148 KB
10	qualtrics.com zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com — Cisco Umbrella Rank: 56421 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1205	87 KB
9	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	521 B
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
7	segment.io api.segment.io — Cisco Umbrella Rank: 1081	988 B
6	sophi.io cdn.sophi.io — Cisco Umbrella Rank: 22672 collector.sophi.io — Cisco Umbrella Rank: 21707	53 KB
5	tru.am tru.am — Cisco Umbrella Rank: 5994 beacon.tru.am — Cisco Umbrella Rank: 7318	24 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 418	710 KB
4	reutersmedia.net static.reutersmedia.net — Cisco Umbrella Rank: 56311	97 KB
4	swissquote.com 2 redirects mixcommander.swissquote.com	5 KB
4	adform.net 4 redirects track.adform.net — Cisco Umbrella Rank: 3933	2 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 361 mb.moatads.com — Cisco Umbrella Rank: 561 geo.moatads.com — Cisco Umbrella Rank: 606	86 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100	38 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	201 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 138	2 KB
3	eloqua.com 1 redirects s1319934923.t.eloqua.com — Cisco Umbrella Rank: 59608	2 KB
2	adition.com 1 redirects ad2.adfarm1.adition.com — Cisco Umbrella Rank: 44768 imagesrv.adition.com — Cisco Umbrella Rank: 17629	697 B
2	commander1.com 2 redirects mix-phoenix.commander1.com — Cisco Umbrella Rank: 91994	3 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 743	803 B
2	arcpublishing.com api-reuters-reuters-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 50259	651 B
2	pub.network a.pub.network — Cisco Umbrella Rank: 6431 d.pub.network — Cisco Umbrella Rank: 6732	51 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1253 c.go-mpulse.net — Cisco Umbrella Rank: 542	52 KB
2	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1277 mab.chartbeat.com — Cisco Umbrella Rank: 2247	10 KB
2	wsod.com ad.wsod.com — Cisco Umbrella Rank: 8330	3 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	265 B
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1840	922 B
1	akstat.io 684dd327.akstat.io — Cisco Umbrella Rank: 53578	202 B
1	cloudfunctions.net us-central1-octane-216112.cloudfunctions.net — Cisco Umbrella Rank: 56106
1	google.se www.google.se — Cisco Umbrella Rank: 20475	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 13	501 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	17 KB
1	pghub.io pghub.io — Cisco Umbrella Rank: 1630	4 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6941	3 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1682	86 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	60 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 533	7 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1711	34 KB
237	42

	Domain	Requested by
35	www.dianomi.com	www.reuters.com www.dianomi.com
18	vid.connatix.com	cd.connatix.com
16	www.reuters.com	www.reuters.com
14	cdn.cookielaw.org	www.reuters.com cdn.cookielaw.org
12	img.connatix.com	www.reuters.com
12	ssp.lkqd.net	cd.connatix.com
11	ins.connatix.com	cd.connatix.com
11	capi.connatix.com	cd.connatix.com
9	siteintercept.qualtrics.com	zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com siteintercept.qualtrics.com
9	www.facebook.com	www.reuters.com
9	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.reuters.com
8	ad.doubleclick.net	4 redirects www.dianomi.com
7	api.segment.io	cdn.segment.com
4	collector.sophi.io	cdn.sophi.io
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	static.reutersmedia.net	www.dianomi.com
4	mixcommander.swissquote.com	2 redirects www.dianomi.com
4	track.adform.net	4 redirects
4	tru.am	www.reuters.com tru.am
3	pagead2.googlesyndication.com	srcdoc
3	securepubads.g.doubleclick.net	cd.connatix.com securepubads.g.doubleclick.net
3	connect.facebook.net	tru.am connect.facebook.net
3	sb.scorecardresearch.com	1 redirects a.pub.network www.reuters.com
3	s1319934923.t.eloqua.com	1 redirects www.reuters.com img.en25.com
2	cdn.sophi.io	www.reuters.com cdn.sophi.io
2	mix-phoenix.commander1.com	2 redirects
2	geolocation.onetrust.com	cdn.cookielaw.org
2	api-reuters-reuters-prod.cdn.arcpublishing.com	www.reuters.com
2	cds.connatix.com	www.reuters.com cd.connatix.com
2	z.moatads.com	www.reuters.com z.moatads.com
2	ad.wsod.com	www.reuters.com ad.wsod.com
1	match.adsrvr.org	pandg.tapad.com
1	pandg.tapad.com	pghub.io
1	684dd327.akstat.io	s.go-mpulse.net
1	us-central1-octane-216112.cloudfunctions.net	tru.am
1	zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com	www.reuters.com
1	www.google.se	www.reuters.com
1	www.google.com	www.reuters.com
1	s0.2mdn.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	lit.connatix.com	cd.connatix.com
1	imagesrv.adition.com	www.dianomi.com
1	ad2.adfarm1.adition.com	1 redirects
1	pghub.io	a.pub.network
1	beacon.tru.am	tru.am
1	c.go-mpulse.net	s.go-mpulse.net
1	d.pub.network	a.pub.network
1	mab.chartbeat.com	static.chartbeat.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	img.en25.com	www.reuters.com
1	cdn.segment.com	www.reuters.com
1	a.pub.network	www.reuters.com
1	cd.connatix.com	1 redirects
1	s.go-mpulse.net	www.reuters.com
1	www.googletagmanager.com	www.reuters.com
1	static.adsafeprotected.com	www.reuters.com
1	static.chartbeat.com	www.reuters.com
1	www.googleoptimize.com	www.reuters.com
237	59

This site contains links to these domains. Also see Links.

Domain
graphics.reuters.com
www.reutersagency.com
www.thomsonreuters.com
static.reuters.com
newslink.reuters.com
www.twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.linkedin.com
legal.thomsonreuters.com
tax.thomsonreuters.com
www.refinitiv.com
liaison.reuters.com
trdigital.iad1.qualtrics.com
iabeurope.eu
privacyportal.onetrust.com
tcf.cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.reuters.com COMODO RSA Organization Validation Secure Server CA	`2021-10-19` - `2022-10-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-19` - `2022-06-18`	a year	crt.sh
www.wsod.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-29` - `2023-01-12`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
dianomi.com Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
*.pub.network Go Daddy Secure Certificate Authority - G2	`2021-03-17` - `2022-04-18`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
static.reuters.com Amazon	`2021-09-28` - `2022-10-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-05` - `2022-02-03`	3 months	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh
cdn.sophi.io Amazon	`2021-11-18` - `2022-12-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
collector.sophi.io R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
misc.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Frame ID: 4B98A4CE9C8331A7BE99DC39FA4313C1
Requests: 122 HTTP requests in this frame

Frame: https://cds.connatix.com/p/147588/connatix.player.dc.js
Frame ID: FDD82CB8A11C0F1FBFBE6D2B5DA85BA0
Requests: 56 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 26FF15BE38A8EFEE6714145E3B836829
Requests: 1 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
Frame ID: 77BEDB3B13937F61AB07D10054F66754
Requests: 24 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
Frame ID: E75B061E8F4851328DD3E70350EEE355
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 97B5E9EBCE273C463B4295C864974D87
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 91C9CDAD47E0CD0FF0BE548B83C84316
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F4D62DB7E9768AAA8A4E0E24CF24ED2D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: C7C1FB5EA24EB8765D08745487A980E2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 6227D5B9D9508702CFD092D4C4F92837
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 1EF745E58F08E73A4482346A83947047
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 25D515321435628D223889B4EDE8550B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8DDC6FF5C45B24E38F0AAB5231AEF068
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B56BBE4A2B5734435F0AE7A4AD5AF523
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4409246845FD53BB4EFEA251593B749A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FFC598EAF6BBACA59654CF4353B3B581
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ED0A168F0EA57B073D792CAAE2DA2E9B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ED0993BDE84A1642143DFF1288FA5232
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=CPTdV2TPTdV2TAcABBENB_CgAAAAAH_AACiQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAASAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA&referrer_url=&page_url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&owner=P%26G&bp_id=freestar
Frame ID: D81C2ED6A8B63D6D6C47983A07006C9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chinese hackers target German pharma and tech firms | ReutersVideosPicturesGalleryBack ButtonSearch IconFilter Icon

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

237
Requests

95 %
HTTPS

42 %
IPv6

42
Domains

59
Subdomains

50
IPs

8
Countries

7225 kB
Transfer

15812 kB
Size

36
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://graphics.reuters.com/
Title: Graphics

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/about-us/
Title: About Reuters

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/?utm_source=website&utm_medium=reuters&utm_campaign=site-referral&utm_content=us&utm_term=0
Title: Reuters News Agency

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/about-us/brand-attribution-guidelines/
Title: Brand Attribution Guidelines

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/about/leadership-team/
Title: Reuters Leadership

Search URL Search Domain Scan URL

URL: https://static.reuters.com/resources/media/editorial/20210405/DiversityReportApril2021.pdf
Title: Reuters Diversity Report

Search URL Search Domain Scan URL

URL: https://newslink.reuters.com/join/subscribe
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Reuters

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ReutersVideo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/10256858/

Search URL Search Domain Scan URL

URL: https://legal.thomsonreuters.com/en/products/westlaw
Title: Westlaw

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/onesource
Title: Onesource

Search URL Search Domain Scan URL

URL: https://tax.thomsonreuters.com/en/checkpoint
Title: Checkpoint

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/refinitiv-workspace
Title: Refinitiv Workspace

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/financial-data
Title: Refinitiv Data Catalogue

Search URL Search Domain Scan URL

URL: https://www.refinitiv.com/en/products/world-check-kyc-screening
Title: Refinitiv World-Check

Search URL Search Domain Scan URL

URL: https://www.reutersagency.com/en/services/advertising-solutions/
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html#cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/digital-accessibility-policy.html
Title: Digital Accessibility

Search URL Search Domain Scan URL

URL: https://liaison.reuters.com/contact-us
Title: Corrections

Search URL Search Domain Scan URL

URL: https://trdigital.iad1.qualtrics.com/jfe/form/SV_8kte8gArGyCGVhz
Title: Site Feedback

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: All rights reserved

Search URL Search Domain Scan URL

URL: https://iabeurope.eu/vendor-list
Title: We use the following partners

Search URL Search Domain Scan URL

URL: https://privacyportal.onetrust.com/webform/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/5dc91c0f-f1b7-4b6e-9d42-76043adaf72d
Title: clicking here

Search URL Search Domain Scan URL

URL: https://tcf.cookiepedia.co.uk/?lang=en
Title: | View Full Legal Text Opens in a new Tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/147588/connatix.player.dc.js

Request Chain 35

https://s1319934923.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNone&tzo=0&ms=821&optin=disabled HTTP 302
https://s1319934923.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNone&tzo=0&ms=821&optin=disabled&elqCookie=1

Request Chain 63

https://track.adform.net/adfserve/?bn=38779456;1x1inv=1;srctype=3;ord=1643258612 HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=38779456;1x1inv=1;srctype=3;ord=1643258612 HTTP 302
https://mixcommander.swissquote.com/mix/v3/?tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=75293 HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=mixcommander.swissquote.com&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=75293 HTTP 307
https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543333037540414&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=75293

Request Chain 84

https://track.adform.net/adfserve/?bn=38779456;1x1inv=1;srctype=3;ord=1643258613 HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=38779456;1x1inv=1;srctype=3;ord=1643258613 HTTP 302
https://mixcommander.swissquote.com/mix/v3/?tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=12679 HTTP 307
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=mixcommander.swissquote.com&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=12679 HTTP 307
https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543331115366597&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=12679

Request Chain 85

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_pre=CICIqK-P0fUCFck14Aod6CoD_Q;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 86

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_pre=CLiSqK-P0fUCFXH_uwgdkMAIsg;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 87

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_pre=CKCGqK-P0fUCFcVW5QodeQUGqg;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 88

https://ad2.adfarm1.adition.com/banner?sid=4478129&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4943150&bid=15250628&wpt=C&ts=1643258613 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 89

https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_pre=CPOHqK-P0fUCFS6R_QcdTy0FqQ;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=

Request Chain 98

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&c9=

237 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/ 154 KB
31 KB 315ms
158ms Document
text/html 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

d09167f00ed578dbc7bcb03da8989986aa6b3da43aecc815fe2fbd572617e638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 30810
server: openresty
content-encoding: gzip
etag: W/"253f6-K8K0GhdnPQjs0fiocN6gc3ZwhFQ"
last-modified: Thu, 27 Jan 2022 04:41:51 GMT
vary: Accept-Encoding
x-akamai-transformed: 9 28513 0 pmb=mRUM,2
cache-control: private, max-age=60
expires: Thu, 27 Jan 2022 04:44:32 GMT
date: Thu, 27 Jan 2022 04:43:32 GMT
server-timing: cdn-cache; desc=HIT edge; dur=125
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: mHFeGaj1w1hBneFewaxLbFi2AlWleLmDwQbAIUhgu0_1ZO7gtJrJug==

GET
H2 200 index.js Show response
www.reuters.com/pf/resources/dist/reuters/js/ 537 KB
119 KB 43ms
42ms Script
application/javascript 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

c3c8211684174b460c199953981803ff87bcf44aa2fa112dae39255e8a34d6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KGFB6E6MQYBM8C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 120958
x-amz-id-2: CcrDF5CaW81FwKcNp8T3s+4vmpLnkCfCF6jr6dzH6gcmQc0bfbSk5frfcjaoqHThY2cMAiVAOsg=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:07 GMT
server: openresty
etag: W/"43266739279dbf092dcbf503ed1322bf"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: w-kiyU77LS5da8lZbBD9qGrpoUxIf6b-3Teh_KJ5knltVBO2n8YyPg==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 86 KB
34 KB 65ms
23ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-WWN4NB9

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d34c07eaa830fc05ed9bc3482d721ce5e8f813b8a5a082fe77927ea7be195503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34662
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 04:43:32 GMT

GET
H2 200 react.js Show response
www.reuters.com/pf/dist/engine/ 389 KB
113 KB 43ms
43ms Script
application/javascript 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/engine/react.js?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

c7e2bafe67ddc0b94430f6bc1a6dd3e97093163241d92d9481345d25730fc6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KG0CQYH6A517DCP
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 115400
x-amz-id-2: 31Sk1heVyNfVdcVU46PXPyTz+z9t7Shx654AgjaieKE5Xq9+OnE5YpAYqjJdb28QNE/3ODFRg8k=
last-modified: Thu, 20 Jan 2022 16:55:07 GMT
server: openresty
etag: W/"d9c2f5c8623cfb045af6899b990e998b"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ChWH3yT-tAoi-ey9HS1ma34b159JnbYpiLbc39Z_XWmof3GmAXoTkg==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 default.js Show response
www.reuters.com/pf/dist/components/combinations/ 2 MB
521 KB 38ms
37ms Script
application/javascript 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.js?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

e5909a70b2b37f734dba6ff8fa478371f28c2ea57650e104065b99bd5a59dfef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KGDDCS37Y9H2X8Q
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 532349
x-amz-id-2: WLVuRq1zJ9sGujejVi6ehWj4+/IzC8BVwnCBFy1STBza0m1d1aYM91Z1Ce3c7VhSosZhbEl7DPg=
last-modified: Thu, 20 Jan 2022 16:55:08 GMT
server: openresty
etag: W/"1a5b46fd223607cdf91d24c00e9b34a6"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: b_jlJKr4G6YQMy-tCT79VNL1LS6UjDfWI7hXL5kqShAK7MW8Gjyljg==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 default.css
www.reuters.com/pf/dist/components/combinations/ 368 KB
53 KB 61ms
61ms Stylesheet
text/css 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/dist/components/combinations/default.css?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

ab1da217654d2b2ef63ae0ea7a221b6f68df2f3434a440bfe44e65a023f9d7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KGFZZ6VS2FT2PBP
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 53181
x-amz-id-2: fPxoJov9OI9NxWMffz4n0YT1AYLUmEQisBd/3jLR53CEiMkKDRdpRd9tY/PSpD6VhfdV2+Njb+M=
last-modified: Thu, 20 Jan 2022 16:55:07 GMT
server: openresty
etag: W/"cdee6f6c6c674a81afdff4b85b203d98"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: f7fj3CFu9LCosxgC0owBhIc-dU6A07t_tHEC55OR141eri51SADcUQ==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 style.css
www.reuters.com/pf/resources/dist/reuters/css/ 2 KB
1 KB 31ms
31ms Stylesheet
text/css 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

c7596225b83ec93e7848a667146f52a7cd839400633482eb88efc6c732ea656b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KG8JXPQ7VQJWBJY
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 425
x-amz-id-2: gmSyaiWBHB6eThZXnV0ftJFHpYTTzux2YZEQd8S+K9LBf/ghy6VeuAapKW/Z//4+YU+rs2wy0iQ=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:05 GMT
server: openresty
etag: W/"591eeec54dee2febd9c45441f44004d9"
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: sfAP0fhZfj328kDMuZCu4Od0O6wO6kGQSBvxNr3e_ZBIEKCKwaG2sw==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 p.min.js Show response
www.reuters.com/arc/subs/ 90 KB
22 KB 62ms
60ms Script
application/javascript 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/arc/subs/p.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e3ed59a70785f64143100a87991612569cb025d2d10a6d2cabe6ffba30b7eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: SSMM2T0Z6VAX0C8Q
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 22313
x-amz-id-2: iCmTkYZe/HvlbYQy4IKvE9Y5CuLMPvpl6VeBDusLKVUY2gk1echPbdgXd4kCwfRZxDUfWdRLmLQ=
last-modified: Wed, 01 Sep 2021 13:07:05 GMT
server: AmazonS3
etag: "4f847dc2921273cd653338f20556889a"
strict-transport-security: max-age=31536000
content-type: application/javascript
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, private, max-age=51
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: kFS37EtzMJrtYxnkY4mwj80gYGkySyJ0XHMTeT1Aw04dy2-1QOjvtg==
expires: Thu, 27 Jan 2022 04:44:23 GMT

GET
H2 200 reuters.js Show response
tru.am/scripts/custom/ 921 B
1 KB 76ms
28ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/reuters.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f2394f38f5bc5c65c4d2efd29ec4ecdfa849e4222236730d048b9946cebcfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=Pzc4Yg==, md5=SEEWz6vkwn305VRY2fYLRg==
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162892
x-guploader-uploadid: ADPycdvQXn19MfeJ-9BF8ALNpurzBk-mHKIhp5D5sVkG5Vlh9auRT7jbHCsjKUlU-Ol_6fzYF_M8v-Q40_mY0jRFM5Eqoz1ufA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Apr 2021 23:06:28 GMT
server: cloudflare
etag: W/"484116cfabe4c27df4e55458d9f60b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JEjHNQsas41ykiMJnWM%2FhT5SZWx%2B0B94Oqt3l5iL%2Fd8bGkznZHW0I6kc%2BcBoc%2Bmb8q9uoglPirZAdckxAeY1RxZcHbp67FhOYcYNfUZV0gYRL0283ySo%2Fq2TxvlWM3SVqOw6MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1617923188147830
content-type: text/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 921
cf-ray: 6d3f52175b9f900a-FRA
expires: Tue, 25 Jan 2022 08:28:40 GMT

GET
H/1.1 200
OK 0.0.async Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/ 6 KB
2 KB 1132ms
124ms Script
text/html 209.234.236.20
WALLSTREET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.236.20 , United States, ASN7334 (WALLSTREET, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: 22fa83bbda6b50948410d7f09e2e2d0ebe1b093514e8d207d57c48203b463b49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:43:33 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 84ms
18ms Script
application/x-javascript 2600:9000:223c:1c00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1c00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:29:29 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 02:25:43 GMT
server: nginx
age: 843
etag: W/"61e0df27-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: e40RTu1fLwRWYjHwQPS6zmxdZ7JyB_ffjVJaJIQYm4utNmoehmwJsA==
expires: Thu, 27 Jan 2022 06:29:29 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/reutersheader194883552024/ 245 KB
84 KB 63ms
16ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a4f18b05f1a917f84cd32db7732188648896066051d776248adbe9a17956bf11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 15:34:33 GMT
server: AmazonS3
x-amz-request-id: E2EJW9FPEC37NQN8
etag: "3475f19152643d3d5f68dce50c57cd6e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=25489
accept-ranges: bytes
content-length: 85266
x-amz-id-2: SMuUOIpbifpQHL02dpCrWkj6nsn4AsAl96/H+ieWD1Nr2+Yb8oMTlOV9hVtetcqFaOv6l0CYkso=

GET
H2 200 iasPET.1.js Show response
static.adsafeprotected.com/ 22 KB
7 KB 83ms
16ms Script
application/javascript 2600:9000:214f:d400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasPET.1.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:d400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: UWTIHcIBCTlOhfqinKDA9NwqhFA8.Ocb
content-encoding: gzip
etag: W/"51636de3ce868a2172f9e6996c2934e0"
age: 31578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Jun 2021 13:42:44 GMT
server: AmazonS3
date: Wed, 26 Jan 2022 19:57:15 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: FxwMucKxXdewhvJlgD6GrumhoPCYr0Or5-lUO7rIAwrGmJ-CHKl3UA==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 58ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: IVhKS9vCZ6N2xbLKU0Dl/w==
age: 5707
vary: Accept-Encoding
content-length: 6456
x-ms-lease-status: unlocked
last-modified: Tue, 25 Jan 2022 16:52:03 GMT
server: cloudflare
etag: 0x8D9E02303A94EE8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 23e7ffd8-401e-0177-431e-121bf2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f52174e346961-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
60 KB 77ms
35ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K5WTBZN

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b143bb278312eb3934774742a6f0af08a1bef2f0fdcd93931b72e110c84c43b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60585
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jan 2022 04:43:32 GMT

GET
H2 200 GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 52ms
15ms Script
application/javascript 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
last-modified: Mon, 17 Jan 2022 19:57:05 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 knowledge-bold.woff
www.reuters.com/pf/resources/dist/fonts/ 57 KB
58 KB 64ms
64ms Font
application/font-woff 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-bold.woff?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69
Origin: https://www.reuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KGBNQWF9XKTWBD3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 58272
x-amz-id-2: xOoo97eVb8AqYqSP363ld0lWgI0gBFZykcuXOV+j94cthjUWq69whsniSGC+U3LlAM77a4Gf7ug=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:06 GMT
server: openresty
etag: W/"ba054d73a350fc1f77147054141c191c"
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: JKvr22mpiR7439BTyrFJFtOtqAa8a5sEkElLWdFOs3YEWuEgfPPhdw==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 knowledge-regular.woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
49 KB 61ms
61ms Font
application/font-woff 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-regular.woff?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69
Origin: https://www.reuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KG1Z5GEZ54SS2NZ
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49926
x-amz-id-2: bSVy9kFhBxSiRip2Sx6J0Xx9OS9gtEKFSJiakglDCMx1BhJLZzDPL3kbxKnceLTwb8rJBBWJyRk=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:06 GMT
server: openresty
etag: W/"688baa6ec8576871229e082dcd4b4c5a"
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: T9C4WtCg-w_QkALipWrtj4oUbzGv99nrMnkImS6i6KJmp_FQzWzPrQ==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 knowledge-medium.woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
50 KB 60ms
59ms Font
application/font-woff 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-medium.woff?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69
Origin: https://www.reuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9KG8697G690VJF8H
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 50065
x-amz-id-2: klqOOlxvVEjs0sWjmfLhVH75rYmnypDqba1dFO/3EIShZcfDQR+Dn2s2ZllZS672rKl/2Lq6xEI=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:06 GMT
server: openresty
etag: W/"cb99300d7588193b6c012888b94697ec"
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9-H8B-XSHnjF9tzpsuAgl9v1cjtNm2ebO-vpAlNz7uLnfYQbWkTeAw==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 knowledge-light.woff
www.reuters.com/pf/resources/dist/fonts/ 49 KB
50 KB 59ms
58ms Font
application/font-woff 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/resources/dist/fonts/knowledge-light.woff?d=69

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.reuters.com/pf/resources/dist/reuters/css/style.css?d=69
Origin: https://www.reuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: K02A1QD4JH11WWDF
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 49974
x-amz-id-2: t6gmyohvE7j0ex//eiDolQbpChCHEQeOvFTq5JTsEy/j8j+QARVf+MPlyWSNfZtn0GdfvF1C+SY=
access-control-allow-origin: *
last-modified: Thu, 20 Jan 2022 16:55:06 GMT
server: openresty
etag: W/"e76d05f89d70cea61820a955651ea70f"
strict-transport-security: max-age=31536000
content-type: application/font-woff
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ZLHvxtz7UnlJ8Bv52P3j_mQDChIoAEiip2mrzDA2GHH-VrMjp8XN7w==
expires: Fri, 27 Jan 2023 04:43:32 GMT

GET
H2 200 site-hierarchy-by-name-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 17 KB
3 KB 32ms
32ms Fetch
application/json 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/site-hierarchy-by-name-v1?query=%7B%22hierarchy_name%22%3A%22Website%22%2C%22website%22%3A%22reuters%22%7D&d=69&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

a9a4093129209ee8df38f9441bc8ea31317ea9103b2feb86bab6003e989d7ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
If-Modified-Since: 1643258223733
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 2227
last-modified: Thu, 27 Jan 2022 04:37:03 GMT
server: openresty
etag: W/"4501-cFEs8X+UpYYDX4Gw874vdbnaobA"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=0
x-amz-cf-id: 6_KJCo7PwMDdICiX5ZsIKbfBLa_XzSH5b80MOCc_AuYZffpytNh_vg==
expires: Thu, 27 Jan 2022 04:43:32 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/147588/ Frame FDD8
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/147588/connatix.player.dc.js

1 MB
237 KB

42ms
15ms

Script
application/javascript

151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/147588/connatix.player.dc.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f40324c6a937e60837502f141fdcfc56523259d80549379354d061a03f43cd08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 11:30:24 GMT
age: 61313
etag: "529ec5610b851937720f29680c2a64c8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 241974

Redirect headers

location: https://cds.connatix.com/p/147588/connatix.player.dc.js
date: Thu, 27 Jan 2022 04:43:32 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
server: Kestrel
accept-ranges: bytes
content-length: 0

GET
H2 200 contextfeed.js Show response
www.dianomi.com/js/ 19 KB
7 KB 77ms
32ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/contextfeed.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b05f5839fe2717da5588b517c4498ae0ce5541e259ed9ec1309f1957c4d4681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6039
vary: X-FORWARDED-PROTO, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 19 Jan 2022 17:37:45 GMT
server: cloudflare
etag: W/"4bd6-5d5f2d7f75368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 27 Jan 2022 08:43:32 GMT
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6d3f52196fa09295-FRA
cf-bgj: minify

GET
H2 200 pubfig.min.js Show response
a.pub.network/reuters-com/ 118 KB
45 KB 67ms
26ms Script
application/javascript 2606:4700:20::681a:18b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/reuters-com/pubfig.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/components/combinations/default.js?d=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:18b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e0054acdff4e3b3e92d08ba8fe66b74560725776b0779d1f853c5d212d15f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=dyazPA==, md5=QlLuRXlVmdJr7Vp5MdFP+A==
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101120
x-guploader-uploadid: ADPycdsv3k8UtAfdMivHA5Vw2Z73OhcEOMeJi_0BrM7jCSmj2lERJrQRMA7hh1f4rKoGsik8vc85RODv16f9E4W_2n9oecWYeA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 26 Jan 2022 00:37:40 GMT
server: cloudflare
etag: W/"4252ee45795599d26bed5a7931d14ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfxZJplxw2u3Uhbgk0C%2BusBQGWomWsrkD%2Be52REhNMlj08xnu6uMkNt6i%2FN3T%2BcOtAXsUqrbIXjtAoHsALOXh4qB5PNg3dTUCnS1uOAlL616ek7lLDeiTkHEEeAjvJ8Dc%2BWpOtoS3lyRC7w%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1642636842291640
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 120829
cf-ray: 6d3f5219785f5c5c-FRA
expires: Wed, 26 Jan 2022 00:38:43 GMT

GET
H2 200 DTU77PAQLRJGRJMMVZQ6D5WFP4.jpg
www.reuters.com/resizer/BBHQ1iBXSK7zSNmx0Kz2OG_UvAU=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 51 KB
52 KB 35ms
35ms Image
image/jpeg 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/BBHQ1iBXSK7zSNmx0Kz2OG_UvAU=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/DTU77PAQLRJGRJMMVZQ6D5WFP4.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

Akamai Image Manager /

Resource Hash

c20a84a091dc60f36ffe0ac3d4d1e61275a6202ac19f40aca619eb95a99f77eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jan 2022 12:24:24 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-C1
etag: "0de75420a74103c6e4225ad67bc5c939972d3603"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=30872405
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 52701
x-amz-cf-id: 1_RWhB6HozdW5ze_ftWk6SwSeanDhLuEIFbtrSOjg0G0VTN-i1fbWg==
expires: Thu, 19 Jan 2023 12:23:37 GMT

GET
H2 200 GAFC75WV7FLN7OCLG7TDVA3RQY.jpg
www.reuters.com/resizer/JVxH7tRMmZ91321xEK-Ayq7cTC0=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/ 63 KB
64 KB 47ms
47ms Image
image/jpeg 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.reuters.com/resizer/JVxH7tRMmZ91321xEK-Ayq7cTC0=/960x0/filters:quality(80)/cloudfront-us-east-2.images.arcpublishing.com/reuters/GAFC75WV7FLN7OCLG7TDVA3RQY.jpg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

Akamai Image Manager /

Resource Hash

4c5053477ae2a18539b3495c34109ef0d3a288e105381135352d4226a30465ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jan 2022 13:38:45 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-C1
etag: "176decf343feea999ce47e9ab0f5cad99302fc74"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=31481673
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 64690
x-amz-cf-id: pozgKccc8k3rU8i2KZsRSEqJt2k6itmXzuYUjNGCCjOq-j276xmaSQ==
expires: Thu, 26 Jan 2023 13:38:05 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/ 473 KB
86 KB 714ms
624ms Script
text/javascript 99.86.0.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.0.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-85.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c08295827748b1348ed0268d4127449073ff72f11a4afd9606437bb584a18ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: YYS0qCAT9GXTkDfi.b7sQeIGsC7hG_TQ
content-encoding: br
etag: W/"96dd5c724be8928f80f9b007d844c51b"
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 05 Jan 2022 23:12:03 GMT
server: AmazonS3
date: Thu, 27 Jan 2022 04:43:34 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: TfG5lH4JDx99UWHHBaxi9hIP2F4I-mzQ3m6N-kA0yab3rS9aHuC9qw==

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 60ms
19ms Script
application/x-javascript 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
Date: Thu, 27 Jan 2022 04:43:32 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "28352a696c0d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Thu, 27 Jan 2022 04:43:32 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 420 B
596 B 174ms
49ms Script
text/html 34.254.48.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-YEPg5sLyVy50og%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&pcode=reutersheader194883552024&rx=100657385949&callback=MoatNadoAllJsonpRequest_69773246
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.48.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-48-82.eu-west-1.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: b38fa982220b795bbe89209661fa157d83fd866a2b57acc0bb95151633689b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "2b278bd0e354c298b9d84d3008996e7896b835ca"
content-length: 420
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 99 B
273 B 140ms
33ms Script
text/html 3.9.133.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BYbjrG%3DH%3CU%3CO%24cRJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-YEPg5sLyVy50og%3D%3D&sc=1&os=1-JQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&pcode=reutersheader194883552024&rx=100657385949&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=REUTERS_HEADER1&hp=1&wf=1&pxm=7&sgs=3&zMoatRawSlicer1=unclassified&zMoatRawSlicer2=unclassified&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1643258612689&de=536562728399&m=0&ar=a6dce605da5-clean&iw=beae8ce&q=1&cb=0&cu=1643258612689&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=reutersheader194883552024&fd=1&ac=1&it=500&pe=1%3A593%3A593%3A0%3A601&fs=196570&na=2086749137&cs=0&callback=MoatDataJsonpRequest_69773246
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.133.15 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-133-15.eu-west-2.compute.amazonaws.com
Software: TornadoServer/5.1.1 /
Resource Hash: 3def8d84e6ac1244f07fa20d497643ca8189cdd120cf2c0235c3173dc94e1685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
cache-control: max-age=900
server: TornadoServer/5.1.1
timing-allow-origin: *
etag: "d2aec406a5e3abe622c39fcb07dd8643ca3d4a77"
content-length: 99
content-type: text/html; charset=UTF-8

GET
H2 200 iframe.html Show response
z.moatads.com/hd09824092/ Frame 26FF 1 KB
2 KB 15ms
15ms Document
text/html 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/hd09824092/iframe.html
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/reutersheader194883552024/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

x-amz-id-2: tXhAc64MXavoo2Ys7gL4K0CHvWdnnjW6yMDYhattkSwkbmjydK4ZTHB9EYLhbnHzR5lAnVYPFb8=
x-amz-request-id: 7Y2H1YDSCY2G4ZCG
last-modified: Tue, 26 Jan 2021 22:41:39 GMT
etag: "4a9cbc2e5bc164313dace42a58bef141"
accept-ranges: bytes
content-type: text/html
content-length: 1374
server: AmazonS3
cache-control: max-age=2844
date: Thu, 27 Jan 2022 04:43:32 GMT

GET
H2 200 38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/ 4 KB
2 KB 57ms
23ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/38cb75bd-fbe1-4ac8-b4af-e531ab368caf.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f78d85809ffe7e247ba551d99c3bd14c8b677055409d98ae05fd0d0a768dc554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: su/HA1qBtRCqsoLv/bR5MQ==
age: 6183
vary: Accept-Encoding
content-length: 1535
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jan 2022 18:54:32 GMT
server: cloudflare
etag: 0x8D9D6C6228BBBA2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 083aab35-b01e-000b-3ab9-11c092000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521a1a6d6916-FRA
expires: Thu, 27 Jan 2022 08:43:32 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
10 KB 27ms
27ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/reuters.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=189alg==, md5=Aq8QqpKO913oQSpg0Lh6TA==
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 162893
x-guploader-uploadid: ADPycdsTCVGYbVxFEgH7EpCmP3cjnl8vBM7tUfBXP_-AlYYhp0JrkufFdeEIgsVjNrUpWBLmHxGUfRZOZRJD2JNRrrE
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 11 Nov 2020 17:32:38 GMT
server: cloudflare
etag: W/"02af10aa928ef75de8412a60d0b87a4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylCdzmx6QiYhOH4LEkycsmPKPbPL7dQh09btDUfNWsmZ%2FbXmZ1HMtEkStRq48wj15JbhkoHaRma6zJgSiLbpXkIFSt9MNlve0QGP0bHKh7eX8mYdVDInNuQJMfr0IIcC79qCxA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1605115958819708
content-type: text/javascript
cache-control: public, max-age=2678400
x-goog-stored-content-length: 27827
cf-ray: 6d3f5219eec9900a-FRA
expires: Tue, 25 Jan 2022 08:05:17 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 220 B
523 B 68ms
15ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=reuters.com&domain=reuters.com&path=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ad3b323f96182145a458a80a3855cb17c0f5f9e2704fbbbc0a1f5429601ae9fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-cache-hits: 1
age: 2440
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 170
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
x-timer: S1643258613.866287,VS0,VE0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Tue, 25 Jan 2022 04:02:53 GMT

GET
H2 200 entitlements Show response
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ 98 B
651 B 116ms
116ms XHR
application/json 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/arc/subs/p.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c01300a23176847ad225adc6cdc81fa2ad9d1dcabbdc1aabc198c2d91ea1d70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Cache-Control: no-store
Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
strict-transport-security: max-age=31536000 ; preload
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
anonid: b02034e4-e428-4deb-8467-167dfaf8ee58
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
content-length: 98
expires: Thu, 27 Jan 2022 04:43:33 GMT

OPTIONS
H2 204 entitlements
api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/ Frame 0
0 547ms
378ms Preflight 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api-reuters-reuters-prod.cdn.arcpublishing.com/sales/public/v1/entitlements

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.reuters.com
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,SPREEDLY_SUCCEEDED,anonid
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, PATCH
access-control-allow-credentials: true
expires: Thu, 27 Jan 2022 04:43:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
strict-transport-security: max-age=31536000 ; preload

GET
H/1.1

200
OK

svrGP.aspx
s1319934923.t.eloqua.com/visitor/v200/
Redirect Chain

https://s1319934923.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNone&tz...
https://s1319934923.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNo...

49 B
448 B

577ms
577ms

Image
image/gif

209.167.231.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1319934923.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNone&tzo=0&ms=821&optin=disabled&elqCookie=1

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

HTTP/1.1

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Thu, 27 Jan 2022 04:43:33 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Thu, 27 Jan 2022 04:43:32 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s1319934923.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=1319934923&ref=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ref2=elqNone&tzo=0&ms=821&optin=disabled&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 384
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 391 B
320 B 56ms
55ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=321&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f9bc2cc5328c33c00511f82ff2d0354ea2cbb6fffceb0fa0d68569b2edb7e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6d3f521a28939295-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 context.pl Show response
www.dianomi.com/cgi-bin/ 393 B
399 B 50ms
50ms XHR
application/json 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/context.pl?id=322&h=www.reuters.com&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

102c8237713d95e20f30d154acf0ea18beb3d14904e2634cc829ed650288a1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: https://www.reuters.com
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 6d3f521a38969295-FRA
vary: X-FORWARDED-PROTO
x-xss-protection: 1; mode=block

GET
H2 200 init Show response
d.pub.network/v2/ 77 KB
6 KB 170ms
127ms XHR
application/json 35.201.71.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/init?siteId=1783&env=PROD
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.71.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.71.201.35.bc.googleusercontent.com
Software: /
Resource Hash: d6f9bc648e2f554c2e5f6c26537349896c863d4a637402ab2abef0023bf84aff

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 153 B
432 B 62ms
28ms XHR
application/json 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d3f521a8b0e910d-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 2 KB
965 B 103ms
68ms XHR
application/json 2a02:26f0:7100:594::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW&d=www.reuters.com&t=5477529&v=1.632.0&sl=0&si=eyixbsmkpuv-r6cqgk&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=656997
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:594::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a1d9a53ebb5c78c3620d13ac02267d0df89e3d62778c29d303d2ce01b842e036

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 27 Jan 2022 04:43:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 645

POST
H2 200 beacon Show response
beacon.tru.am/ 45 B
687 B 209ms
164ms Fetch
application/json 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ab840a8734ebd6a051c7611539037da47878ac8c1f240f685fd45e1d091ca8

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chxEFNMxbuSJ43%2BNa2e%2FSU43wNecNmqN6Xt0q0SDJ%2FYMtsdg3xAdTg5OtAj%2FWrAoJl8zkuTGo7wZNh0ug6TcK%2Fmyw4qYrxcRo2SrYgwIHspUHwUKacf3i4bub9Mz82ZcK9yHA%2FrP2hpg9Dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 6d3f521aace090e8-FRA
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 dianomi-context.css
www.dianomi.com/partner/dianomi/css/ 169 B
262 B 28ms
27ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/partner/dianomi/css/dianomi-context.css?v=1.1

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3650
cf-polished: origSize=199
last-modified: Mon, 21 Jan 2019 12:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"c7-57ff735ded940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6d3f521a88f99295-FRA
expires: Thu, 27 Jan 2022 08:43:32 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame 77BE 17 KB
4 KB 156ms
155ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b81bfa5da5d34039ae6813d48de677c6cafcafc84cc769538121488ff52afda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/3473/21.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f521a89029295-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/3473/21.css>

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ 1 KB
1 KB 28ms
26ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9434
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:32 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521a89049295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
260 B 46ms
46ms Image
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.322.Reuters&geo_ccod=de

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521a89069295-FRA
expires: Wed, 26 Jan 2022 04:43:32 GMT

GET
H2 200 smartads.epl Show response
www.dianomi.com/ Frame E75B 7 KB
2 KB 115ms
114ms Document
text/html 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/contextfeed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d254f3fb008970024bb224b71eb172ddce9cc5ba18814d98c55bf25e69af7f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-FORWARDED-PROTO
expires: now
pragma: no-cache
cache-control: no-cache,no-store,private
link: </img/a/pss/3352/92.css>;rel=preload;as=style
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d3f521a99159295-FRA
content-encoding: br
cf-h2-pushed: </img/a/pss/3352/92.css>

GET
H2 200 pixeltrack.pl
www.dianomi.com/cgi-bin/ 77 B
138 B 49ms
48ms Image
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?cf=545.321.Reuters&geo_ccod=de

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521a99149295-FRA
expires: Wed, 26 Jan 2022 04:43:32 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.25.0/ 318 KB
76 KB 22ms
22ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: wv3c0qnkBhaWE//T4i2BGA==
age: 2899
vary: Accept-Encoding
content-length: 77456
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:46 GMT
server: cloudflare
etag: 0x8D9957C5F8AA42D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bc54bd62-e01e-00df-3e69-1189b2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521aca3e6961-FRA

GET
H2 200 player.css
cds.connatix.com/p/147588/ 54 KB
8 KB 15ms
15ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/147588/player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1cc9f616bd372ae964eec0a11061ac73c070372be1f6442dda535b69b12cb28d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: br
last-modified: Wed, 26 Jan 2022 11:30:25 GMT
age: 61312
etag: "de6f3533fb435fa3f7d0104764b594b6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 8462

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/0199937a-8ef8-4a27-8574-28b4bf79ec75/ 241 KB
42 KB 27ms
27ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/38cb75bd-fbe1-4ac8-b4af-e531ab368caf/0199937a-8ef8-4a27-8574-28b4bf79ec75/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68fdb8366b06fbd02f5cd29a38a8aaea10bd514bfba8cf175efb700576099ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vgxHxl0Q03ymrs98jobjgw==
age: 2844
vary: Accept-Encoding
content-length: 42850
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jan 2022 18:54:51 GMT
server: cloudflare
etag: 0x8D9D6C62E41FEA5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cc7e5315-701e-00f3-66c0-110b8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521b3bcd6916-FRA
expires: Thu, 27 Jan 2022 08:43:33 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 274 KB
38 KB 23ms
23ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7644f1bd3b04c1b6fb00354cdc363258a48044d85946bd2ce287c7fbfb0aed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9IX9pbsod8NTlkuKMxcqTg==
age: 2808
vary: Accept-Encoding
content-length: 38695
x-ms-lease-status: unlocked
last-modified: Thu, 27 Jan 2022 01:00:05 GMT
server: cloudflare
etag: 0x8D9E1305AFF4A0E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9997a093-f01e-0108-7c31-1385c0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521b3bcf6916-FRA

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 60 KB
17 KB 41ms
41ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b34e6b19ee1bbe26115cfbc6d52f84729c5c473ca88a78a2ef3e46b51b486f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: BipnkdiApNGvskw2GIyzRQ==
age: 2807
vary: Accept-Encoding
content-length: 17342
x-ms-lease-status: unlocked
last-modified: Thu, 27 Jan 2022 01:00:05 GMT
server: cloudflare
etag: 0x8D9E1305B7E2B1E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4eeaef64-101e-014d-2d31-135851000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521b3bd06916-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.25.0/ 68 KB
15 KB 21ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YXJYn5Vw+11yZ/srS1Yf2Q==
age: 8656557
vary: Accept-Encoding
content-length: 14952
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:47 GMT
server: cloudflare
etag: 0x8D98ED3140A205E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75965901-e01e-0031-0b6c-c48331000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521b3ad56961-FRA

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame FDD8 6 KB
3 KB 498ms
123ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 45ff25cf64a14e1b0982a1d7ea8e50b230907766c979c6c30cd6625ee05e0046

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 3181

GET
H2 200 92.css
www.dianomi.com/img/a/pss/3352/ Frame E75B 5 KB
2 KB 17ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3352/92.css

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc9cd1ee28cd0b7187f0e73923d799e13027697e01ff217c2007fffdd4c0b873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154874
cf-polished: origSize=9069
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Nov 2021 01:06:15 GMT
server: cloudflare
etag: W/"236d-5d1e30c311074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6d3f521b39a79295-FRA
cf-bgj: minify

GET
H2 200 21.css
www.dianomi.com/img/a/pss/3473/ Frame 77BE 6 KB
2 KB 0ms
0ms Stylesheet
text/css 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/img/a/pss/3473/21.css

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d145a12e7210db6dabb1dda4d8940c8a6c7f0db1366c9dca62e7ee1ddb0e2862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154875
cf-polished: origSize=9902
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Jan 2022 06:12:34 GMT
server: cloudflare
etag: W/"26ae-5d4934a388b21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
cf-ray: 6d3f521b69cf9295-FRA
cf-bgj: minify

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame E75B 7 KB
2 KB 30ms
30ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6041
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6d3f521bca259295-FRA
expires: Thu, 27 Jan 2022 08:43:33 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame E75B 1 KB
1 KB 29ms
28ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9435
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521bca269295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/223700/5/ Frame E75B 16 KB
16 KB 29ms
28ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/223700/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a07b798c12b3129fceda1ad39416f2e147d5bf54af9217f12f71a1f44f0162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154832
cf-polished: qual=85, origFmt=jpeg, origSize=64870
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jan 2022 09:58:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a869295-FRA
cf-bgj: imgq:85,h2pri

GET 321x214.jpg
www.dianomi.com/img/a/sav2/170151/6/ Frame E75B 0
0

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/175545/15/ Frame E75B 9 KB
9 KB 30ms
29ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/175545/15/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4a22ff571291a394a6222d7b4579e03f154421c5df7c826fec69ba181299256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 89000
cf-polished: qual=85, origFmt=jpeg, origSize=22959
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jan 2022 04:00:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a889295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/244195/4/ Frame E75B 20 KB
20 KB 56ms
55ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/244195/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90244bc1d0cfff3b142043e18428d00f04f745b5227d8d50b151177f84f56f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: degrade=85, origSize=32341, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20395
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jan 2022 00:29:09 GMT
server: cloudflare
etag: "7e55-5d6714a46ec08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c2a899295-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
mixcommander.swissquote.com/mix/v3/ Frame E75B
Redirect Chain

https://track.adform.net/adfserve/?bn=38779456;1x1inv=1;srctype=3;ord=1643258612
https://track.adform.net/adfserve/?CC=1&bn=38779456;1x1inv=1;srctype=3;ord=1643258612
https://mixcommander.swissquote.com/mix/v3/?tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news...
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=mixcommander.swissquote.com&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20...
https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543333037540414&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-euro...

43 B
1 KB

31ms
30ms

Image
image/gif

35.181.29.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543333037540414&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=75293

Requested by

Protocol

HTTP/1.1

Server

35.181.29.184 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-29-184.eu-west-3.compute.amazonaws.com

Software

web /

Resource Hash

546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload;
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: private
Date: Thu, 27 Jan 2022 04:43:33 GMT
Content-Encoding: gzip
Server: web
X-Frame-Options: sameorigin
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400; includeSubDomains; preload;
Content-Type: image/gif
Expires: Wed, 27 Apr 22 05:43:33 +0200

Redirect headers

Pragma: private
Date: Thu, 27 Jan 2022 04:43:33 GMT
Server: web
location: https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543333037540414&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=75293
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Content-Type: text/html
Expires: Wed, 27 Apr 22 05:43:33 +0200

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 73ms
16ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:00:51 GMT
content-encoding: gzip
age: 2562
x-guploader-uploadid: ADPycdshUiS0HMLlMRGxpGCD-qQc5c51dEMv2EKiW0JR7bA2uSZ0sJEFslt30YKvUN6O6-k7VZudz84bvForkL9c2Iw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 68ms
15ms Script
application/javascript 99.86.3.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: a.pub.network
URL: https://a.pub.network/reuters-com/pubfig.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.3.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-75.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:30:39 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 818
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: sADxmKpb7BIE8t0XFqiGNbBl_ndlI15iVArg6-lbzIdFsshF0H1gGg==

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 10 KB
3 KB 22ms
21ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: n626O7KaK1I8+1+ACoyIKA==
age: 3117
vary: Accept-Encoding
content-length: 2586
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:37 GMT
server: cloudflare
etag: 0x8D9957C5A7CFC5A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 032f288e-801e-00ed-5e9c-11d162000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521c1d396916-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/ 47 KB
12 KB 27ms
27ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9E3lVDuBS011aFtnS8Lptg==
age: 2809
vary: Accept-Encoding
content-length: 11581
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:38 GMT
server: cloudflare
etag: 0x8D9957C5B1359BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4b4f58ce-701e-0119-17c0-11b2db000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521c2d3c6916-FRA

GET
H2 200 otCookieSettingsButton.json Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 5 KB
2 KB 22ms
22ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCookieSettingsButton.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: faMrXPz5JqfF3CH105XLtA==
age: 13912
vary: Accept-Encoding
content-length: 2144
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:35 GMT
server: cloudflare
etag: 0x8D9957C59807238
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 1a2f4ea8-d01e-001b-59c0-11f674000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521c2d3f6916-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.25.0/assets/ 20 KB
4 KB 22ms
22ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.25.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.25.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 6174
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Fri, 22 Oct 2021 16:52:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 933d70f7-d01e-015b-75e2-1099cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6d3f521c2d406916-FRA

GET
H2 200 viewability8.js Show response
www.dianomi.com/js/ Frame 77BE 7 KB
2 KB 28ms
28ms Script
application/javascript 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/js/viewability8.js

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6041
cf-polished: origSize=9963
last-modified: Tue, 31 Aug 2021 16:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
cf-bgj: minify
server: cloudflare
etag: W/"26eb-5caddd1f2481d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6d3f521c2a829295-FRA
expires: Thu, 27 Jan 2022 08:43:33 GMT

GET
H2 200 dianomi-max-200x38.png
www.dianomi.com/img/ Frame 77BE 1 KB
1 KB 24ms
24ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/dianomi-max-200x38.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9435
cf-polished: origFmt=png, origSize=3940
content-disposition: inline; filename="dianomi-max-200x38.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1164
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Jul 2020 16:53:11 GMT
server: cloudflare
etag: "f64-5ab9764140bc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c2a849295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/244709/5/ Frame 77BE 26 KB
27 KB 46ms
43ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/244709/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e228dfa98127bc8dfa5cfd300316ab16440248ed0159e034c86d290a172a40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66180
cf-polished: degrade=85, origSize=122191, status=webp_bigger
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jan 2022 10:19:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a8f9295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/225312/5/ Frame 77BE 8 KB
8 KB 43ms
41ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/225312/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b61037f2a0dc4226ad7b44b7333db248f57c50813399cd778bba889e9568456

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 52138
cf-polished: qual=85, origFmt=jpeg, origSize=12968
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Jan 2022 05:00:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a909295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/220798/7/ Frame 77BE 16 KB
16 KB 30ms
28ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/220798/7/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a07b798c12b3129fceda1ad39416f2e147d5bf54af9217f12f71a1f44f0162a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154832
cf-polished: qual=85, origFmt=jpeg, origSize=64870
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jan 2022 09:58:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a919295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/217467/6/ Frame 77BE 20 KB
20 KB 43ms
40ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/217467/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ff6ca9adda6b1c8dc42c28e85a8380595c5ba36dd6c90d6e640c729a02553b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154749
cf-polished: degrade=85, origSize=94577, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20397
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jan 2022 10:50:00 GMT
server: cloudflare
etag: "17171-5d4fbbf9c04e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c2a929295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/241003/7/ Frame 77BE 3 KB
3 KB 46ms
44ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/241003/7/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5c003a8eb338c3606499ed78b6a879b129f448b5645eadd3dc6754ec0afacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 14887
cf-polished: qual=85, origFmt=jpeg, origSize=21237
content-disposition: inline; filename="321x214.webp"
vary: Accept
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jan 2022 13:32:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:43:33 GMT
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 6d3f521c2a939295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/173379/4/ Frame 77BE 13 KB
13 KB 42ms
39ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/173379/4/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c05ede94f8f8bd2339247ce0a13c3fa22a310604d3eb9c81dede81bf9ccdc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13396
cf-polished: qual=85, origFmt=jpeg, origSize=26829
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 13138
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Jan 2022 12:00:27 GMT
server: cloudflare
etag: "68cd-5d53915152b12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c2a949295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/130500/6/ Frame 77BE 14 KB
14 KB 47ms
44ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/130500/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ae656c21ca50980a3788579628230e49808f5c8003e6d45393fb4c6cc5d0f64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154775
cf-polished: qual=85, origFmt=jpeg, origSize=65464
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 14146
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Jan 2022 08:56:51 GMT
server: cloudflare
etag: "ffb8-5d4d1ef4c0336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3a9d9295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/239658/5/ Frame 77BE 4 KB
4 KB 53ms
51ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/239658/5/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439cb5cd41dee3561901e445e01241fb296bc83579cec2dc81807b0be26c76d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13396
cf-polished: qual=85, origFmt=jpeg, origSize=48942
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 4234
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Dec 2021 00:54:45 GMT
server: cloudflare
etag: "bf2e-5d2ac0d74bfe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa09295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/170151/6/ Frame 77BE 20 KB
20 KB 44ms
42ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/170151/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc966037ee8b0a7b452634ae81508a813f38544c203cb40b69828b4e11b91ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101844
cf-polished: degrade=85, origSize=29378, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20770
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Jan 2022 06:30:07 GMT
server: cloudflare
etag: "72c2-5d639fbaa5031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa19295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/244163/2/ Frame 77BE 19 KB
20 KB 47ms
45ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/244163/2/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21a3b531897649925c45149884f37d46c134870ec77e44ce0879ff142eb64d25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15655
cf-polished: origSize=20920, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 19954
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Jan 2022 00:32:58 GMT
server: cloudflare
etag: "51b8-5d5f8a4ea8d1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa59295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/244024/3/ Frame 77BE 7 KB
7 KB 47ms
45ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/244024/3/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64dbf56729c9134ca42cb606dcd084d436c059c7a1a673a66a614c1a2465b0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101409
cf-polished: qual=85, origFmt=jpeg, origSize=20039
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 7270
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Jan 2022 16:45:27 GMT
server: cloudflare
etag: "4e47-5d5ddff1008dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa79295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/226749/8/ Frame 77BE 13 KB
13 KB 45ms
44ms Image
image/webp 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/226749/8/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67d99f2a20922f66f7fcad4b52ead2be54e02c83a705103400137bf4c239a508

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 99764
cf-polished: qual=85, origFmt=jpeg, origSize=26722
content-disposition: inline; filename="321x214.webp"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 13220
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Jan 2022 10:18:14 GMT
server: cloudflare
etag: "6862-5d4d312549a55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa89295-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

/
mixcommander.swissquote.com/mix/v3/ Frame 77BE
Redirect Chain

https://track.adform.net/adfserve/?bn=38779456;1x1inv=1;srctype=3;ord=1643258613
https://track.adform.net/adfserve/?CC=1&bn=38779456;1x1inv=1;srctype=3;ord=1643258613
https://mixcommander.swissquote.com/mix/v3/?tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news...
https://mix-phoenix.commander1.com/mix/v3/?TC_CHECK_COOKIES_SUPPORT=1&tc_first=mixcommander.swissquote.com&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20...
https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543331115366597&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-euro...

43 B
1 KB

30ms
29ms

Image
image/gif

35.181.29.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543331115366597&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=12679

Requested by

Protocol

HTTP/1.1

Server

35.181.29.184 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-181-29-184.eu-west-3.compute.amazonaws.com

Software

web /

Resource Hash

546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload;
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: private
Date: Thu, 27 Jan 2022 04:43:33 GMT
Content-Encoding: gzip
Server: web
X-Frame-Options: sameorigin
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400; includeSubDomains; preload;
Content-Type: image/gif
Expires: Wed, 27 Apr 22 05:43:33 +0200

Redirect headers

Pragma: private
Date: Thu, 27 Jan 2022 04:43:33 GMT
Server: web
location: https://mixcommander.swissquote.com/mix/v3/?tc_id=202201270543331115366597&tcs=3551&rand=%n&chn=native&src=dianomi&cty=en&cmp=research&bsn=trading&bsn_type=retail%20&bsn_entity=swissquote-bank-europe&med=native&tpc=economic-news&aff_id=&aff_name=&rnd=12679
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=486000, pre-check=486000
Content-Type: text/html
Expires: Wed, 27 Apr 22 05:43:33 +0200

GET
H3

200

B27106067.326161109;dc_pre=CICIqK-P0fUCFck14Aod6CoD_Q;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/ Frame 77BE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gd...
https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_pre=CICIqK-P0fUCFck14Aod6CoD_Q;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_...

42 B
64 B

61ms
37ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_pre=CICIqK-P0fUCFck14Aod6CoD_Q;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N6540.160898.DIANOMI/B27106067.326161109;dc_pre=CICIqK-P0fUCFck14Aod6CoD_Q;dc_trk_aid=518617576;dc_trk_cid=165261279;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B26132838.325771811;dc_pre=CLiSqK-P0fUCFXH_uwgdkMAIsg;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/ Frame 77BE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;t...
https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_pre=CLiSqK-P0fUCFXH_uwgdkMAIsg;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;t...

42 B
64 B

57ms
40ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_pre=CLiSqK-P0fUCFXH_uwgdkMAIsg;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1175286.3498843DIANOMI.COM/B26132838.325771811;dc_pre=CLiSqK-P0fUCFXH_uwgdkMAIsg;dc_trk_aid=517841744;dc_trk_cid=164637128;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

B26754109.322672677;dc_pre=CKCGqK-P0fUCFcVW5QodeQUGqg;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent... Show response
ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/ Frame 77BE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_pre=CKCGqK-P0fUCFcVW5QodeQUGqg;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_f...

11 B
38 B

93ms
69ms

Script
text/javascript

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_pre=CKCGqK-P0fUCFcVW5QodeQUGqg;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N1384779.160898DIANOMI/B26754109.322672677;dc_pre=CKCGqK-P0fUCFcVW5QodeQUGqg;dc_trk_aid=515150301;dc_trk_cid=161079789;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame 77BE
Redirect Chain

https://ad2.adfarm1.adition.com/banner?sid=4478129&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_39}&kid=4943150&bid=15250628&wpt=C&ts=1643258613
https://imagesrv.adition.com/1x1.gif

68 B
178 B

68ms
19ms

Image
image/gif

217.79.188.60
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=6617&num_ads=12&cf=545.322.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6617-YfIi9K8GaYhPFAE6Wd52bwAAAAI0
Protocol: H2
Server: 217.79.188.60 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jan 2022 04:43:33 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 05:43:33 +0100
server: ADITIONSERVER v1.0
etag: 7057742001706632406
location: https://imagesrv.adition.com/1x1.gif
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/plain
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

B27002192.324576657;dc_pre=CPOHqK-P0fUCFS6R_QcdTy0FqQ;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent...
ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./ Frame 77BE
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_pre=CPOHqK-P0fUCFS6R_QcdTy0FqQ;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_f...

42 B
64 B

67ms
43ms

Image
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_pre=CPOHqK-P0fUCFS6R_QcdTy0FqQ;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?

Requested by

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N7861.576592DIANOMIINC./B27002192.324576657;dc_pre=CPOHqK-P0fUCFS6R_QcdTy0FqQ;dc_trk_aid=516993943;dc_trk_cid=164233509;ord=1643258613;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reuters.js Show response
tru.am/scripts/1/ 1 KB
1 KB 32ms
32ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/1/reuters.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfb1a28a47459f42aeba386db24a7ed646447869f5e2437d67ddc224548c2ebd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=q8DPRA==, md5=5hPVxFi69C69jYnEJFQofA==
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255256
x-guploader-uploadid: ADPycdtPTANYz_c12RXrIvUtnLQA-fCXDFPYaQCzVDXxcZPZmxpbz3oUAmhHZ3Cfe4SKZ0b5rGCltQ7dtRyCOom5X3yIaO-F3Q
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Jul 2021 07:53:47 GMT
server: cloudflare
etag: W/"e613d5c458baf42ebd8d89c42454287c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OATjVPaY3mVDHWk2nx5dGJAJ2U13GfToFE6UOKfXUO0iWGC3b0lwpMBcXLUpApPLtBYv%2B%2B0Zz3qDXqC2P9kKAxatx6%2FbvKrkSjp6ip7EenhpbzQb7pjFdqU0ceu9UQ3YPETfQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625817227166341
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1265
cf-ray: 6d3f521c2d3b68ec-FRA
expires: Mon, 24 Jan 2022 06:49:17 GMT

GET
H2 200 321x214.jpg
www.dianomi.com/img/a/sav2/170151/6/ Frame E75B 20 KB
20 KB 43ms
43ms Image
image/jpeg 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/sav2/170151/6/321x214.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc966037ee8b0a7b452634ae81508a813f38544c203cb40b69828b4e11b91ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101844
cf-polished: degrade=85, origSize=29378, status=webp_bigger
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20770
x-xss-protection: 1; mode=block
last-modified: Sun, 23 Jan 2022 06:30:07 GMT
server: cloudflare
etag: "72c2-5d639fbaa5031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 26 Feb 2022 14:43:33 GMT
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6d3f521c3aa99295-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame E75B 24 KB
24 KB 72ms
17ms Font
application/x-font-woff 65.9.61.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3352/92.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:43:31 GMT
content-encoding: gzip
age: 273602
x-cache: Hit from cloudfront
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: n-NAToeq5CD7yF0wwqTeA67ylmSkOTm0pVv0fi3AUJst9EcB1xvWpg==
expires: Mon, 31 Jan 2022 00:43:31 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ Frame E75B 24 KB
24 KB 83ms
29ms Font
application/x-font-woff 65.9.61.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3352/92.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:57:20 GMT
content-encoding: gzip
age: 103577
x-cache: Hit from cloudfront
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 9ACuDdnvjk4K65dHRPO5HHOw9QL2v69732EERHT7_yOOt-tjWjdsxg==
expires: Tue, 01 Feb 2022 23:57:16 GMT

GET
H2 200 Knowledge-Medium.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 77BE 24 KB
24 KB 18ms
17ms Font
application/x-font-woff 65.9.61.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Medium.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3473/21.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 00:43:31 GMT
content-encoding: gzip
age: 273602
x-cache: Hit from cloudfront
content-length: 24497
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:23 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: Rc1zxj7xRLZfk1krnlafjatL1NefzfHpyKAxu1b9lStdojwOGXC2MQ==
expires: Mon, 31 Jan 2022 00:43:31 GMT

GET
H2 200 Knowledge-Regular.woff
static.reutersmedia.net/resources_v2/fonts/ Frame 77BE 24 KB
24 KB 21ms
20ms Font
application/x-font-woff 65.9.61.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.reutersmedia.net/resources_v2/fonts/Knowledge-Regular.woff
Requested by: Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/3473/21.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-37.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d

Request headers

Referer: https://www.dianomi.com/
Origin: https://www.dianomi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:57:20 GMT
content-encoding: gzip
age: 103577
x-cache: Hit from cloudfront
content-length: 24249
access-control-allow-origin: *
last-modified: Wed, 29 Mar 2017 00:52:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/x-font-woff
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: BeeXIRUFJCpv4epKqIaRqB_YxToPvPMImHttkxY_haTW-eGek4QTsw==
expires: Tue, 01 Feb 2022 23:57:16 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 36ms
35ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kdqkvU4KECv4erbHaj7Yfg==
age: 5577
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 21 Dec 2021 17:26:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f9338ff3-b01e-0066-02e2-106abc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6d3f521cbcc56961-FRA

GET
H3 200 reuters_pixel.ac4d8a.js Show response
tru.am/scripts/a/ 30 KB
10 KB 37ms
37ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/a/reuters_pixel.ac4d8a.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/1/reuters.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c85ebc6a8ec07b7503f99a175e3420507c50e26345b7e370fe7b794eec64d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=uWvVMg==, md5=gqosQmGBI4/wopxmwasHCA==
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93830
x-guploader-uploadid: ADPycdsfR-TVMdksy_LuyPsPCFjqAIVSnVcYH5YItVyEBSd_wcnGXIXNQ_VQLqfaDzjP3rRxOgUglmpPo6n_C775xFqhdJb-Ug
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Jul 2021 07:54:55 GMT
server: cloudflare
etag: W/"82aa2c426181238ff0a29c66c1ab0708"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPTQFeoflxmxTYI9xef5K0RoAZNDSzzk8N5pMhsOKDXPABnu1URlex0XdnlZSuYRP6TY2wsOTQ3tB%2F00qwUyjfiXGJWoKz6VTT4nkhMO6qvAsCzhyQdzZdj1z41lAW5jgk7%2Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625817295840555
content-type: text/javascript
cache-control: public, max-age=31536000
x-goog-stored-content-length: 30913
cf-ray: 6d3f521cbe4b68ec-FRA
expires: Wed, 26 Jan 2022 03:39:42 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww.r...
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww....

0
222 B

16ms
16ms

Image
text/plain

99.86.3.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&c9=
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Server: 99.86.3.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-3-75.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: L9GMl9voGcwvcJkUcAgBsM3fJmOP-tZTO25y_Cke-WN3tCG0YJwLQw==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 27 Jan 2022 04:43:33 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&ns__t=1643258613229&ns_c=UTF-8&cv=3.5&c8=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&c7=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&c9=
content-length: 306
x-amz-cf-id: qH92R9WSSNTAIe-ngyMtQUNxRbDrwgXTiDo6bwD39wAO-glmaX_9tA==

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 162 B
371 B 64ms
30ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d3f521d3a65698b-FRA

GET
H2 200 r_h_lg_rgb_ps_copy.png
cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/cff8cfa8-5e70-4579-becd-d599f7105bb0/766b8b37-94ff-47ad-9200-15ee74d5260a/ 5 KB
5 KB 21ms
21ms Image
image/png 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/cff8cfa8-5e70-4579-becd-d599f7105bb0/766b8b37-94ff-47ad-9200-15ee74d5260a/r_h_lg_rgb_ps_copy.png

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: d1bXiraWLYi1eW3sW0vtzQ==
age: 2774
vary: Accept-Encoding
content-length: 4900
x-ms-lease-status: unlocked
last-modified: Fri, 14 Aug 2020 08:28:05 GMT
server: cloudflare
etag: 0x8D8402BF7BA7DDC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: f4be65ac-e01e-0117-63e9-105ed0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d3f521d0d146961-FRA

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 29ms
29ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: LpuayL42jB78xRllx0vkOw==
age: 5407
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 25 Jan 2022 16:52:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 8435c1d3-f01e-012a-4d1f-12ebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6d3f521d0d1a6961-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 52ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tru.am
URL: https://tru.am/scripts/a/reuters_pixel.ac4d8a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: 6oXnb/CWLZat5L/BJz+EUed171d1aZM6aMFvc6y/xJlQB4scXXNq0jA1FFQ0okcOKgmnPpBDL/sAGPTFIFY5Jg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 27 Jan 2022 04:43:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 231683795448623 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 36ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/231683795448623?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

455372fc80b89b749b6e4dc7f52a72ab537221925ab89dbaaee63a137eb09942

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89026
x-xss-protection: 0
pragma: public
x-fb-debug: dzv28foaT9J4JfC5Ucxoks9lzf0Zk41hVdWG9mUqon8JACp2CCgyy3u4dOeWsf5lFrhQQhHnGoOcltepgV8lkQ==
x-frame-options: DENY
date: Thu, 27 Jan 2022 04:43:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
142 B 553ms
177ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:33 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
141 B 720ms
350ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H/1.1 200
OK svrGP Show response
s1319934923.t.eloqua.com/visitor/v200/ 79 B
581 B 345ms
126ms Script
application/javascript 209.167.231.17
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1319934923.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=1319934923&ms=821

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.167.231.17 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

e017.en25.com

Software

Resource Hash

95d045637194e2cf561c94a509e782b5699fe680237a4b19a90662b5cc66b1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Thu, 27 Jan 2022 04:43:33 GMT
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 106
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 57ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4119
date: Thu, 27 Jan 2022 03:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 27 Jan 2022 05:34:54 GMT

GET
H3 200 312961195854690 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/312961195854690?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83a4ea58fa6dbd607e1ee905d0e95460afb43b8c33e3675a3098b52f6ff60a05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89582
x-xss-protection: 0
pragma: public
x-fb-debug: ihblOrYXV3m8zmGz7+PRfyb3JocnTuttgQlrEfaIUBdJla5MMRGIg8FjAtMOB8iN1GivymaoWuOkGF7DhI26Iw==
x-frame-options: DENY
date: Thu, 27 Jan 2022 04:43:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 1643258613;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Fworld_@2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26_@2F;;; Show response
ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/ 750 B
1 KB 133ms
133ms Script
text/html 209.234.236.20
WALLSTREET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/1.0.async/1643258613;0,0,0;1600x1200x1;https%3A_@2F_@2Fwww.reuters.com_@2Fworld_@2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26_@2F;;;
Requested by: Host: ad.wsod.com
URL: https://ad.wsod.com/site/dc54d4678e62010da03e468039cfe826/0.0.async
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.234.236.20 , United States, ASN7334 (WALLSTREET, US),
Reverse DNS
Software: nginx / PHP/5.4.16
Resource Hash: c964a119df1de2b0f43b0ec3d241a56a91246b535ff80de29b17005f86374212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jan 2022 04:43:33 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.16
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sophi.min.js Show response
cdn.sophi.io/latest/ 120 KB
42 KB 467ms
405ms Script
application/javascript 65.9.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/sophi.min.js
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/pf/resources/dist/reuters/js/index.js?d=69
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bfc44039c36dd275b360e61673c760eafc880b5374e93b40b2f5bf09a07798a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: bBiKDPaR9zp_wsZ_AER7fdhyQ6rI_82K
content-encoding: gzip
etag: W/"d3372f19a04914dad0bc228d6edc1164"
last-modified: Thu, 20 Jan 2022 19:07:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Thu, 27 Jan 2022 04:43:34 GMT
x-amz-cf-id: Yd9rtrctmxjSxB81XnMkPzOEcgemBq0kEfk-lgbIpLvi6IbN3mlJ9Q==

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
141 B 693ms
351ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 insights.bin Show response
ins.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/3/ Frame FDD8 164 B
236 B 61ms
16ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aaa227b06291a195af0c1104fd9c2e6ebe4c8e8821b2d5c661a4d72fb0181c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:41:42 GMT
age: 60062
etag: "83514b4455e311e2ee5849b67cf516ba"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 150

GET
H2 200 insights.bin Show response
ins.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/3/ Frame FDD8 92 B
192 B 61ms
16ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f408988b3494dd5f48e40669fc4a8ae500d34df363bcda1638d3d6aebc943c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:40:56 GMT
age: 60062
etag: "419de7c2054e70205e4a6ec353abd153"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 107

GET
H2 200 insights.bin Show response
ins.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/3/ Frame FDD8 164 B
235 B 60ms
16ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83370007052e2c177a2d1fed65528b60d76331558b4922e1253349d2cbeecdbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:33:05 GMT
age: 60061
etag: "0d39bb8c30ba97ea7d4494d6ca651415"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 149

GET
H2 200 insights.bin Show response
ins.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/3/ Frame FDD8 155 B
218 B 60ms
15ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c672b831e35267354c50b40b9ed6ec9d0a72204536cf84f85acd8bb462bb4c22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:15:30 GMT
age: 60061
etag: "ac14744b11a932ac40de005e6aef70d2"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 128

GET
H2 200 insights.bin Show response
ins.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/3/ Frame FDD8 65 B
314 B 59ms
15ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7350a454f7ab09fab322283b711fd5710786aab4ae8a996aba57c666483384dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:39:28 GMT
age: 60062
etag: "b5f85e5d59733b64e5d86829cd655c40"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 78

GET
H2 200 insights.bin Show response
ins.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/3/ Frame FDD8 101 B
189 B 61ms
17ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5da9f8b76dd02ec052fec4ce05b95e7f97e7b5bf5001c840d0eb1ac6799ff50d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:27:40 GMT
age: 60061
etag: "4674e72e6b2e6949e9441c674904cce0"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 104

GET
H2 200 insights.bin Show response
ins.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/3/ Frame FDD8 92 B
190 B 61ms
17ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e6b0e0247f8ad09ea857f4cf16fdf3db48c89a6dd049aa61e518adbc06e27e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:43:29 GMT
age: 60061
etag: "122deec47d309b2b3c99204fc85f9b48"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 105

GET
H2 200 insights.bin Show response
ins.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/3/ Frame FDD8 119 B
199 B 72ms
28ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 88b9500ffd2c20492c4b3d9b37c91d33c3c261869eff0904bad42cf973ea768f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:45:32 GMT
age: 60062
etag: "cf31e468889a61cd164816ca15fb0518"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 109

GET
H2 200 insights.bin Show response
ins.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/3/ Frame FDD8 164 B
239 B 72ms
28ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2ea3a633a289509de132eec82b694cfdd3206658bd5e61464fe44b8e6d897a48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:47:15 GMT
age: 60061
etag: "50b99b88e2e2ec0f981967ba78816291"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 149

GET
H2 200 insights.bin Show response
ins.connatix.com/46399772-420a-415e-a45c-51cfba65357f/3/ Frame FDD8 47 B
148 B 61ms
18ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/46399772-420a-415e-a45c-51cfba65357f/3/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c98a9407aa6ce90ad5defb63049c1b072e35824a1a963ccc9f7c4fb3b51ee58b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:40:11 GMT
age: 60062
etag: "c46987c2d363c6a46277b197e9c08a9f"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 63

GET
H2 200 blockedDomains_19.bin Show response
lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/ Frame FDD8 6 KB
3 KB 65ms
15ms XHR
application/octet-stream 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lit.connatix.com/08d73c4a-1f08-bb8e-5601-47e4bef1e155/blockedDomains_19.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: beb4ca133a3db18fa219eb8864b96423f719fc765cd4e901a65afbc726c7c46c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 21:04:34 GMT
age: 7854126
etag: "277c5105306c5e9793b5c577c80fd532"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 2992

GET
H2 200 insights.bin Show response
ins.connatix.com/efbe03984028522cb553f969b4eb8031/ Frame FDD8 1 KB
987 B 73ms
31ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ins.connatix.com/efbe03984028522cb553f969b4eb8031/insights.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17a840652b17956a15ed08dff30891e66581d61db4eb80f5aa9cf9b8dfd75eec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 13:40:04 GMT
age: 50249
etag: "40e26610d7ff9b2747eea41106701f1e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 803

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 96ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fbfb05af1bc279eaa1e2dd91520555bc9d2118868e1f1bb035baab94c760688e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
x-xss-protection: 0
server: sffe
etag: "1114 / 554 of 1000 / last-modified: 1643238406"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jan 2022 04:43:33 GMT

GET
H2 200 3_media.bin Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 823 B
796 B 39ms
26ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b77de466b797fbd555325f1c043c042fcdd071d7a6c62808016a4c8d3b1659b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:41:41 GMT
age: 60061
etag: "4c503a5c45d1ed9f902c2a3ffdda179a"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 565

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FDD8 376 KB
125 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Thu, 27 Jan 2022 04:43:33 GMT

GET
H2 200 3_media.bin Show response
vid.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/ Frame FDD8 789 B
613 B 22ms
22ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d543afd6d4022eda522375c0fc8bacfa037fd69312e70a8d42ec4e7d90e3575a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:40:56 GMT
age: 60061
etag: "2c8e11abba7ffdb4e5e259cd38ffd78e"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 551

GET
H2 200 3_media.bin Show response
vid.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/ Frame FDD8 819 B
667 B 22ms
21ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a424a87a0a86cfc43671713b4c590bf2fe07acc4e201c208a6b99c3d3dc474b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:33:04 GMT
age: 60061
etag: "4ce36c6a0c26ec783923e154def70bd3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 582

GET
H2 200 3_media.bin Show response
vid.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/ Frame FDD8 704 B
564 B 21ms
21ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5afe32170dcff4ec95c4b3b913c96c2b6550e972d330e2783221f8a2839f6c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:15:30 GMT
age: 60061
etag: "f1beeac840822b055d5f52246a5fe011"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 502

GET
H2 200 3_media.bin Show response
vid.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/ Frame FDD8 742 B
608 B 21ms
20ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bb321f8a336512e15038b6162588a288384c18463de7d60af4a04c6d950b2248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:39:27 GMT
age: 60061
etag: "31f426577172bf5e3b2279344175c0d4"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 522

GET
H2 200 3_media.bin Show response
vid.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/ Frame FDD8 702 B
563 B 20ms
20ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7f0a757886d4e5f0a65aba918fa0c14037f4bec4221075a0973e3c2365a411c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:27:40 GMT
age: 60061
etag: "ddb414a65306f5ae8e68da0a4d02f2a2"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 501

GET
H2 200 3_media.bin Show response
vid.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/ Frame FDD8 785 B
603 B 20ms
19ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 50d59062593b0b884fa49924ac66884d15b26f2457dfeba651be9e26eab07e10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:43:29 GMT
age: 60061
etag: "ffcbcb257c1b20cc130df2332643aad8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 541

GET
H2 200 3_media.bin Show response
vid.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/ Frame FDD8 805 B
647 B 25ms
24ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 06190b79a97d5b982e9f9f1c74725ca5b3eb4c0d0344a690ba544d070a10ccfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:45:32 GMT
age: 60061
etag: "bf3e5e92ed7599f1d21f520d77e6a0e6"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 585

GET
H2 200 3_media.bin Show response
vid.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/ Frame FDD8 877 B
682 B 24ms
24ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a0e55ebe68f0c7e98f4c33f8eef488a0713988555f79f5f5e25b3046d5de3822

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:47:15 GMT
age: 60061
etag: "2e60b8f5de43f70c3c5fdb4f8b2c2766"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 619

GET
H2 200 3_media.bin Show response
vid.connatix.com/46399772-420a-415e-a45c-51cfba65357f/ Frame FDD8 727 B
554 B 24ms
23ms XHR
application/octet-stream 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/46399772-420a-415e-a45c-51cfba65357f/3_media.bin?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4604f581eb8864f5f8e3d6a4b7233c790b329806652d4d0bb16ae2aab9474b2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:40:11 GMT
age: 60061
etag: "6978164140492d91e8b4f5f036bb2a45"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 491

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame FDD8 592 B
715 B 536ms
203ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: d6ac4a3b8c35118c650b323b1e7ec163dbc7fe6b8f0f664486668cdc1191bb8c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 418

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
356 B 336ms
107ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081147&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=1a887bbd-c944-4444-80d6-1c1e7b976342&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 1_th.jpg
img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ 18 KB
18 KB 29ms
15ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1_th.jpg?crop=832:468,smart&width=832&height=468&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4fd776726bd423d137cf6ad737f786282024cb1cf3ff7c33861e72afe42dbbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "VZX6saxuO2Kc8BEPbYDdaYBAmNiE/Opk1q51nzsz6s8"
access-control-max-age: 86400
fastly-io-info: ifsz=84781 idim=2562x1440 ifmt=jpeg ofsz=18551 odim=832x468 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 18015

GET
H2 200 1_th.jpg
img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ 20 KB
19 KB 31ms
17ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1_th.jpg?crop=1008:468,smart&width=1008&height=468&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de64cce431e006aee387b3a96a94ae3891de8bc466bd40373b605ad1ae048a60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "ucWKLibv5bbI/qBXIDvOnkUypyWqFHcZjpfBlCG/zEg"
access-control-max-age: 86400
fastly-io-info: ifsz=84781 idim=2562x1440 ifmt=jpeg ofsz=20226 odim=1008x468 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 19698

GET
H2 200 1_th.jpg
img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ 3 KB
2 KB 30ms
16ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 64a68ff30a084306f0748da59c095a6a3a1b2f255dd7b9e528a5e30d3d23145a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "sUUZyVsx3RdlQDxwqkgEkjoEUuOkfQSX8VlkS7cS8yI"
access-control-max-age: 86400
fastly-io-info: ifsz=84781 idim=2562x1440 ifmt=jpeg ofsz=2657 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2187

GET
H2 200 1_th.jpg
img.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/ 4 KB
3 KB 26ms
15ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/9836f8fc-6257-466a-9b7a-5db739e15b85/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6cdcc8303b1ec0129c4a53d087130bbb23881f983813c3f9db769968dd64359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64363
etag: "foSNSWR7ZvXICuFXWUKidqKPG4XeNvisD/gVWhhQdK4"
access-control-max-age: 86400
fastly-io-info: ifsz=113904 idim=2562x1440 ifmt=jpeg ofsz=3597 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3107

GET
H2 200 1_th.jpg
img.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/ 4 KB
4 KB 24ms
16ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/1e41a837-effe-4565-8640-28b28e1440c4/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43fdd9a3f7e71eccd6371fc2bfaff9f7b67cd43d9679df17d62d3106df9711f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "J4aK5rfgO70KjA6nzDwfFnVa9vJzgeWgnx8GTO9dRZI"
access-control-max-age: 86400
fastly-io-info: ifsz=127385 idim=2562x1440 ifmt=jpeg ofsz=4202 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 3738

GET
H2 200 1_th.jpg
img.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/ 3 KB
2 KB 23ms
16ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/313d8bd9-92a6-4fb4-97fe-26ccd2c25585/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a5612a36e4bcdf3465892ae73f49b659c750e1b2f22bae3df7ba293eb6fe90f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 60072
etag: "3QvAU6+ly6Vz+tSMqFZDyoEe7EsNP6xIZkkaHDmZrnU"
access-control-max-age: 86400
fastly-io-info: ifsz=94975 idim=2562x1440 ifmt=jpeg ofsz=2597 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2136

GET
H2 200 1_th.jpg
img.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/ 2 KB
2 KB 20ms
18ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/d0d5551c-c422-476d-802a-2583f7204064/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 04e356eb2d90d21d7bc8615f25e38ab29d06c041750e83cda2012dac93cc396b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "4VozjBtLfRJecIC79vUTRjloi/qRrfQGDPSKY8Kn1vk"
access-control-max-age: 86400
fastly-io-info: ifsz=46403 idim=2562x1440 ifmt=jpeg ofsz=2097 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 1622

GET
H2 200 1_th.jpg
img.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/ 3 KB
2 KB 21ms
19ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/3c4900df-bc8c-4958-8b16-a6e183081d5e/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: edef98e5064e4b208a52704bbd332714cd35547a020d7892b694f1386de7e7dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "BWhS2vXzL7WN3FJG3qGbWzfWNhO1s4Kvy9bajw8cSwc"
access-control-max-age: 86400
fastly-io-info: ifsz=63980 idim=2562x1440 ifmt=jpeg ofsz=2661 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2227

GET
H2 200 1_th.jpg
img.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/ 3 KB
3 KB 21ms
19ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/f5cbf09e-c50b-42fe-b8d4-a6fa518a121d/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0fbf6b20ca8f68612f1098f441a82d074e8849005aa0582cea54e4331dc7e253

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "tWZv2/LdqFkkr96YgNT0ZqW13XjD6UkGOBWESPetQRo"
access-control-max-age: 86400
fastly-io-info: ifsz=100660 idim=2562x1440 ifmt=jpeg ofsz=3154 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 2729

GET
H2 200 1_th.jpg
img.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/ 4 KB
4 KB 22ms
20ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/fccc600e-2e26-4b83-852e-f3b9d42542e2/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1ac1e5c65815a9f5783fa8ea9b83dcbeeb75933ac72207346b30b525860f3d5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "JTjXymH6SgaFMVCxFZ1rScZhb2ySUINRlxnBm8NLz60"
access-control-max-age: 86400
fastly-io-info: ifsz=133437 idim=2562x1440 ifmt=jpeg ofsz=4499 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4083

GET
H2 200 1_th.jpg
img.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/ 5 KB
4 KB 21ms
20ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/5a4e5adf-22a5-4e1b-ac3d-7160c9017fc7/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: afc17d399c958df54a4095fe9f043a13b336391c26432b28a68dda21e9bc09c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "xxkWa+5Vrua7NNY7OE+ciw/LIqMqhmRQdNCIqUj7ZAY"
access-control-max-age: 86400
fastly-io-info: ifsz=171927 idim=2562x1440 ifmt=jpeg ofsz=4798 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4404

GET
H2 200 1_th.jpg
img.connatix.com/46399772-420a-415e-a45c-51cfba65357f/ 5 KB
5 KB 21ms
21ms Image
image/jpeg 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/46399772-420a-415e-a45c-51cfba65357f/1_th.jpg?crop=160:90,smart&width=160&height=90&format=jpeg&quality=60&fit=crop
Requested by: Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 65c974a8488baa298fc5e279a6c6bdb088d462f11703f7538b0fb29b9d56d384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: br
age: 64364
etag: "EJXgebLSMHufqTwhlF9KIkGbKPGWyUicCXe9bFQ4ET0"
access-control-max-age: 86400
fastly-io-info: ifsz=162029 idim=2562x1440 ifmt=jpeg ofsz=4871 odim=160x90 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 4451

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 40ms
16ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Jan 2022 05:17:24 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame E75B 77 B
138 B 53ms
52ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=223700&smartad_variant_id=8931&device_type=computer&geo_state=thueringen&impression_id=YfIi9L_LOje_LabbJxIYoQAAAAo&adgroup_variant_ids=223700,175545,170151,244195&geo_ccod=de&geo_dma=&smartad_id=6616

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521fbe5e9295-FRA
expires: Wed, 26 Jan 2022 04:43:33 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame E75B 77 B
265 B 51ms
51ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=170151&smartad_variant_id=8931&device_type=computer&geo_state=thueringen&impression_id=YfIi9L_LOje_LabbJxIYoQAAAAo&adgroup_variant_ids=223700,175545,170151,244195&geo_ccod=de&geo_dma=&smartad_id=6616

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521fbe609295-FRA
expires: Wed, 26 Jan 2022 04:43:33 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame E75B 77 B
138 B 56ms
55ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=175545&smartad_variant_id=8931&device_type=computer&geo_state=thueringen&impression_id=YfIi9L_LOje_LabbJxIYoQAAAAo&adgroup_variant_ids=223700,175545,170151,244195&geo_ccod=de&geo_dma=&smartad_id=6616

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521fbe629295-FRA
expires: Wed, 26 Jan 2022 04:43:33 GMT

GET
H2 200 pixeltrack.pl Show response
www.dianomi.com/cgi-bin/ Frame E75B 77 B
350 B 50ms
50ms XHR
image/gif 104.18.22.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dianomi.com/cgi-bin/pixeltrack.pl?initial_load=true&ad_group_variant_id=244195&smartad_variant_id=8931&device_type=computer&geo_state=thueringen&impression_id=YfIi9L_LOje_LabbJxIYoQAAAAo&adgroup_variant_ids=223700,175545,170151,244195&geo_ccod=de&geo_dma=&smartad_id=6616

Requested by

Host: www.dianomi.com
URL: https://www.dianomi.com/js/viewability8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.22.230 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.dianomi.com/smartads.epl?id=6616&num_ads=4&cf=545.321.Reuters&url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&unitId=dianomi-6616-YfIi9JDPFlN8vDnkrZ7vXgAAAA41
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-FORWARDED-PROTO
content-type: image/gif; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 6d3f521fbe639295-FRA
expires: Wed, 26 Jan 2022 04:43:33 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 97B5 0
220 B 49ms
17ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Thu, 27 Jan 2022 04:43:33 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 91C9 0
31 B 61ms
28ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Thu, 27 Jan 2022 04:43:33 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame F4D6 0
31 B 59ms
28ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Thu, 27 Jan 2022 04:43:33 GMT

GET
H2 200 playlist.m3u8 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 309 B
272 B 14ms
13ms XHR
application/x-mpegurl 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/playlist.m3u8?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bee09fef7ab18fb3388be07f89250b896ded47f3340b1b2f699ccccf2d23c24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:06:18 GMT
age: 60073
etag: "b45f5a4af4a6c573e783f3561bacf7d8"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 164

GET
H3 200 pubads_impl_2022012503.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
118 KB 41ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012503.js?31064555

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:33:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120954
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 18:45:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 26 Jan 2023 17:33:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 492 B
214 B 47ms
23ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.reuters.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ea3fe162acf833eeaa8d69af18bbf42dc274cd3cd76a4f2199a8fb404915a38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0
expires: Thu, 27 Jan 2022 04:43:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 76ms
23ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-24152976-22&cid=860738656.1643258614&jid=212280073&gjid=1181831990&_gid=1230464935.1643258614&_u=aGBAgEAjAAAAAE~&z=2140878698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 27 Jan 2022 04:43:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.reuters.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Registration&ea=registration.prompt.seen&el=Prompt%20Visible&ev=0&_u=aGBAgEAj~&jid=212280073&gjid=1181831990&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&z=1749537100

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=article.content.bottom.visible&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&z=1240134028

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Article&ea=sophi.attached&el=story&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&cd102=2&z=2072674105

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32615
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.m3u8 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 832 B
420 B 20ms
20ms XHR
application/x-mpegurl 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/0.m3u8?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 584dc568516312ff88d6e4fc47ed3e294039a27a900b4be7e92dcf1ac247eea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60071
etag: "bcaba7de1f263399a0ebccd78cded837"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 330

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C7C1 601 KB
195 KB 39ms
15ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 22:01:36 GMT
expires: Sat, 21 Jan 2023 22:01:36 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Jan 2022 21:59:24 GMT
content-type: text/html
age: 456117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FDD8 44 KB
17 KB 64ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 27 Jan 2022 04:43:33 GMT

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6227 601 KB
195 KB 23ms
17ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 22:01:36 GMT
expires: Sat, 21 Jan 2023 22:01:36 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Jan 2022 21:59:24 GMT
content-type: text/html
age: 456117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1EF7 601 KB
195 KB 29ms
29ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Jan 2022 22:01:36 GMT
expires: Sat, 21 Jan 2023 22:01:36 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 21 Jan 2022 21:59:24 GMT
content-type: text/html
age: 456117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 206 0.mp4 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 1 KB
1 KB 14ms
13ms XHR
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/0.mp4?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b980c69e63b9107e3e3b6be86791376927c84e91f3c77aaba0d29c8f9afe5f0b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-1332

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60062
etag: "8a8db3e51b4fbb24e389e22c82518ada"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1332/7344657
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1333

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 67ms
28ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24152976-22&cid=860738656.1643258614&jid=212280073&_u=aGBAgEAjAAAAAE~&z=311004247

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 67ms
27ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-24152976-22&cid=860738656.1643258614&jid=212280073&_u=aGBAgEAjAAAAAE~&z=311004247

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 25D5 37 KB
13 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:56:34 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8DDC 37 KB
13 KB 52ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:56:34 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B56B 37 KB
13 KB 64ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 03:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 27 Jan 2022 04:56:34 GMT

GET
H2 206 0.mp4 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 726 KB
726 KB 15ms
14ms XHR
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/0.mp4?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37ecbfbbae76b691b860b15f2e5088c50cf3b88566c80fc63fb393f47573275c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=1333-744367

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60063
etag: "8a8db3e51b4fbb24e389e22c82518ada"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1333-744367/7344657
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 743035

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 108ms
107ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=3c957e66-60dd-4b9f-a922-651b6d0e59a8&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
141 B 201ms
201ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/i
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 106ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=40f837cd-5fa5-45e1-beb9-fcadff700653&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

OPTIONS
H2 200 tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 348ms
104ms Preflight 15.197.164.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.164.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab5547fe103db6c64.awsglobalaccelerator.com
Software: sophi /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 5
date: Thu, 27 Jan 2022 04:43:34 GMT
server: sophi
vary: Accept-Encoding
content-length: 0

GET
H2 200 config_reuters.min.js Show response
cdn.sophi.io/latest/ 26 KB
10 KB 402ms
401ms Script
application/javascript 65.9.61.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sophi.io/latest/config_reuters.min.js
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d2c46c066f467075f660ce433454604cc47e8af960e10f640373c39baafc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: p78R2LP810CCxnShrkPJTwwjt4AVnrcz
content-encoding: gzip
etag: W/"469ebed6ae79a0487971a4c25a3a9599"
last-modified: Thu, 20 Jan 2022 19:07:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Thu, 27 Jan 2022 04:43:35 GMT
x-amz-cf-id: tvhejdQSmHsOH5V--ZQlAUiFUztmkm_ZSNwhadSHa9dF5eP2FmZerA==

POST
H2 200 tp2 Show response
collector.sophi.io/com.snowplowanalytics.snowplow/ 2 B
264 B 325ms
109ms XHR
text/plain 15.197.164.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.164.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab5547fe103db6c64.awsglobalaccelerator.com
Software: sophi /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
server: sophi
vary: Accept-Encoding
p3p: policyref="", CP="This is not a P3P policy"
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

GET
H2 200 1.m3u8 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 848 B
536 B 14ms
14ms XHR
application/x-mpegurl 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1.m3u8?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b36329673a3e530d3fb838f00b44995b9ca6f56c1b078a3d7204f2cf6d5c1902

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60060
etag: "ff06acacd8e9455806c45dd3dfe2e11a"
vary: Accept-Encoding
content-type: application/x-mpegURL
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 340

POST
H/1.1 200
OK mq Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/mq?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 222ms
110ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:33 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4409 0
18 B 35ms
17ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 27 Jan 2022 04:43:34 GMT

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 108ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081151&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=f4ec6729-6804-4273-ab6e-4fa5b49effea&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 106ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=7d04d0fb-e420-49b6-8383-a98d9db10f0c&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 107ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=cad45bef-450b-4dd1-8989-2b95565e6bc6&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 / Show response
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 88ms
29ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcdd9d4534fb16565988178546594a53075b2ceabe280b0932930f5e8bd5e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154848
cf-polished: origSize=8435
cf-ray: 6d3f522528b091e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-nOm+QNC/nrXUnvk6iAMuNXs7ytQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H2 404 pixel
us-central1-octane-216112.cloudfunctions.net/ 0
0 187ms
122ms Ping
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-octane-216112.cloudfunctions.net/pixel
Requested by: Host: tru.am
URL: https://tru.am/scripts/a/reuters_pixel.ac4d8a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=utf-8

Response headers

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
16ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=231683795448623&ev=ViewContent&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&rl=&if=false&ts=1643258614522&cd[content_ids]=%5B%222746649369%22%5D&cd[content_type]=product&cd[currency]=USD&cd[product_catalog_id]=227623085888646&cd[value]=1&cd[content_category]=&cd[te]=0&cd[lc7]=0&cd[pv7]=0&cd[pv15]=0&cd[pv30]=0&cd[sd]=0&cd[dur]=0&cd[ls]=19019&cd[s1]=1&cd[dv7]=1&cd[dv30]=1&cd[dv]=1&cd[n]=1&cd[l]=0&cd[pp]=0.2952755905511811&cd[top]=0&cd[lc]=0&cd[ujl]=1&cd[ppjl]=0&sw=1600&sh=1200&v=2.9.51&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1643258613653.2106692258&it=1643258613365&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 27 Jan 2022 04:43:34 GMT

POST
H2 204 /
684dd327.akstat.io/ 0
202 B 56ms
55ms Ping
image/gif 2a02:26f0:1700:391::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd327.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GUXHP-DSJ3S-GQA6N-F2B3E-4TCYW

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:1700:391::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:34 GMT
content-type: image/gif
access-control-allow-origin: https://www.reuters.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 27 Jan 2022 04:43:34 GMT

GET
H2 200 11.99ce60fd565cd1336d67.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 57 KB
18 KB 31ms
31ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cabc422402741aa05fbdefbb1c6863711b022a87a04746161126287968bb512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154880
cf-polished: origSize=58885
cf-ray: 6d3f522558f491e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Jan 2022 00:24:51 GMT
server: cloudflare
etag: W/"e605-17e5b1f6438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 3 KB
2 KB 133ms
132ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_8qfK42aZO5fsR2R&Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d122f2f868c149102baf4d821a302209b9509956af855b93c0bd369e1f5b8c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 8
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.reuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 66ac4e6b2e91da79
cf-ray: 6d3f5225994c91e1-FRA

GET
H2 200 articles-by-section-alias-or-id-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 50 KB
11 KB 42ms
41ms Fetch
application/json 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/articles-by-section-alias-or-id-v1?query=%7B%22called_from_a_component%22%3Atrue%2C%22fetch_type%22%3A%22collection_or_section%22%2C%22orderby%22%3A%22last_updated_date%3Adesc%22%2C%22section_id%22%3A%22%2Fworld%22%2C%22size%22%3A6%2C%22sophi_page%22%3A%22article_*%22%2C%22sophi_widget%22%3A%22section%22%2C%22website%22%3A%22reuters%22%7D&d=69&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

2b1ca472c359d556dce9b3e257f1fabd0891613f3e9651cbe742a3257971bf4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10322
last-modified: Thu, 27 Jan 2022 04:43:01 GMT
server: openresty
etag: W/"c939-9YvJp5mPx5BheAQdKo7XPt1XbbQ"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=267
x-amz-cf-id: zzTR-MBnZGA5AWEJttweX_nB0aRUVLhkJ5lsRtd12v1b5QhDzYhU2g==
expires: Thu, 27 Jan 2022 04:48:01 GMT

GET
H2 200 articles-by-section-alias-or-id-v1 Show response
www.reuters.com/pf/api/v3/content/fetch/ 317 KB
55 KB 42ms
42ms Fetch
application/json 65.9.61.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reuters.com/pf/api/v3/content/fetch/articles-by-section-alias-or-id-v1?query=%7B%22called_from_a_component%22%3Atrue%2C%22fetch_type%22%3A%22section%22%2C%22section_id%22%3A%22%2Fworld%22%2C%22size%22%3A40%2C%22sophi_page%22%3A%22article_*%22%2C%22sophi_widget%22%3A%22related%22%2C%22website%22%3A%22reuters%22%7D&d=69&_website=reuters

Requested by

Host: www.reuters.com
URL: https://www.reuters.com/pf/dist/engine/react.js?d=69

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.61.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-61-9.fra56.r.cloudfront.net

Software

openresty /

Resource Hash

e03ef8aef58bb12768576907c85dcf62f190cca47d033d3e09b1e9253c2c45c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/world/chinese-hackers-target-german-pharma-tech-firms-2022-01-26/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 55673
last-modified: Thu, 27 Jan 2022 04:39:08 GMT
server: openresty
etag: W/"4f2b4-JTzOpawUxO9UMohmZVzJApiTpug"
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
cache-control: max-age=34
x-amz-cf-id: Q8TQAZWyi31QQ-7oDIx36mlpgPi0iWYdzXz3Dw9e6TOWdnfM0LST3A==
expires: Thu, 27 Jan 2022 04:44:08 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
141 B 177ms
177ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=event&ni=1&_s=4&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB%20Test&ea=sophi.widget.load&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&cd102=2&cd99=direct&cd100=none&cd129=arc&cd130=arc&cd135=section&cd136=article_*&cd137=NA&cd138=NA&cd139=true&cd140=Arc%20selected%20by%20optimize%20but%20Arc%20already%20identified%20due%20to%20timeout&z=1881300849

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame FFC5 0
15 B 17ms
17ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 27 Jan 2022 04:43:34 GMT

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
141 B 176ms
176ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=event&ni=1&_s=5&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms%20%7C%20Reuters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AB%20Test&ea=sophi.widget.load&ev=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&cd102=2&cd99=direct&cd100=none&cd129=arc&cd130=arc&cd135=related&cd136=article_*&cd137=NA&cd138=NA&cd139=true&cd140=Arc%20selected%20by%20optimize%20but%20Arc%20already%20identified%20due%20to%20timeout&z=649096127

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
32 KB 32ms
32ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2355a4068537264e1c7f0e308f92cd3200ef2ffe9b3cd18604d0da5749952e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154879
cf-polished: origSize=104073
cf-ray: 6d3f52269af791e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Jan 2022 00:24:51 GMT
server: cloudflare
etag: W/"19689-17e5b1f6438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

POST
H3 200 / Show response
www.facebook.com/tr/ Frame ED0A 0
15 B 17ms
17ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 27 Jan 2022 04:43:34 GMT

OPTIONS
H2 200 tp2
collector.sophi.io/com.snowplowanalytics.snowplow/ Frame 0
0 105ms
105ms Preflight 15.197.164.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.164.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab5547fe103db6c64.awsglobalaccelerator.com
Software: sophi /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.reuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.reuters.com
access-control-max-age: 5
date: Thu, 27 Jan 2022 04:43:34 GMT
server: sophi
vary: Accept-Encoding
content-length: 0

POST
H2 200 tp2 Show response
collector.sophi.io/com.snowplowanalytics.snowplow/ 2 B
114 B 108ms
108ms XHR
text/plain 15.197.164.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.sophi.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn.sophi.io
URL: https://cdn.sophi.io/latest/sophi.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.164.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab5547fe103db6c64.awsglobalaccelerator.com
Software: sophi /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
server: sophi
vary: Accept-Encoding
p3p: policyref="", CP="This is not a P3P policy"
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
content-length: 2

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
141 B 176ms
176ms XHR
application/json 34.210.41.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/IEWBqQ8VWHijTQxb7lEBGFGS9uIJzigZ/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.41.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-41-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:34 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
17ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=312961195854690&ev=PageView&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&rl=&if=false&ts=1643258614813&sw=1600&sh=1200&v=2.9.51&r=stable&a=seg&ec=6&o=30&fbp=fb.1.1643258613653.2106692258&it=1643258613365&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&exp=p0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Thu, 27 Jan 2022 04:43:34 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=pageview&_s=6&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&dp=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&cd102=2&cd99=direct&cd100=none&cd129=arc&cd130=arc&cd135=related&cd136=article_*&cd137=NA&cd138=NA&cd139=true&cd140=Arc%20selected%20by%20optimize%20but%20Arc%20already%20identified%20due%20to%20timeout&cd8=0&cd19=Page%20Load&z=476322576

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1838375470&t=timing&_s=7&dl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&dp=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&ul=en-us&de=UTF-8&dt=World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2737&pdt=3&dns=125&rrt=0&srt=157&tcp=32&dit=600&clt=792&_gst=1669&_gbt=1834&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=860738656.1643258614&tid=UA-24152976-22&_gid=1230464935.1643258614&cm8=0&cd2=World&cd11=GERMANY-CHINA%2FCYBER%20(PIX)&cd4=Article-News&cd32=2022-01-26T13%3A32%3A51Z&cd10=gallery&cd9=%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&cd7=Desktop&cd6=U.S.&cd5=Article&cd31=Registration%20Prompt&cd17=Reuters&cd3=World&cd1=World&cd13=140&cd18=Chinese%20hackers%20target%20German%20pharma%20and%20tech%20firms&cd37=TQ6TS5EGOJOZFB6FW3ZYG7N2QI&cd40=World&cd41=%2F4735792%2Freuters.com%2Fworld%2Farticle&cd42=L8N2U63CY&cd44=1&cd51=GERMANY%2CCHINA%2FCYBER%20(PIX)&cd52=MTPIX%2CCLJ%2CCMPNY%2CCRIM%2CFRAUD1%2CGEN%2CGOVACT%2CHACK%2CHECA%2CJUDIC%2CPHAR%2CPHAR08%2CPHMR%2CPUBL%2CPXP%2CSOCI%2CSWIT%2CTCOM%2CTECH%2CTECH08%2CTMT%2CWLES%2CWLES1%2CWWW%2CCEEU%2CWEU%2CEASIA%2CEUROP%2CTW%2CEZC%2CASXPAC%2CDE%2CEMRG%2CCN%2CASIA%2CTOPNWS%2CFIN&cd56=leaderboard%2C%20right%20rail%2C%20sponsored&cd57=regular-article&cd58=Rcom2021&cd59=2022-01-26T23%3A10%3A15.085Z&cd77=Antitrust%2CIntellectual%20Property%2CData%20Privacy%2CHealth&cd78=Asia%20Pacific%20Telecom%20Co%20Ltd&cd79=Reuters&cd127=Anonymous&cd128=none&cd131=Register%20now%20for%20FREE%20unlimited%20access%20to%20Reuters.com&cd132=Article%20Bottom&cm26=1&cd102=2&cd99=direct&cd100=none&cd129=arc&cd130=arc&cd135=related&cd136=article_*&cd137=NA&cd138=NA&cd139=true&cd140=Arc%20selected%20by%20optimize%20but%20Arc%20already%20identified%20due%20to%20timeout&cd8=0&cd19=Page%20Load&z=489102694

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 19:39:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32616
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4.2e5f51b0c9ab80bf1167.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
907 B 29ms
29ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.2e5f51b0c9ab80bf1167.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abf7008c3f179c1383ce51fd23d1f8580d6f07954f1784337bd587c102015b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154878
cf-polished: origSize=2539
cf-ray: 6d3f5226eb7591e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 3
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Jan 2022 00:24:51 GMT
server: cloudflare
etag: W/"9eb-17e5b1f6438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.dee2bbcacb8e0ac476d0.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
6 KB 32ms
32ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.dee2bbcacb8e0ac476d0.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
URL: https://zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_8qfK42aZO5fsR2R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e49e4d13510429151041b908394e442687568866cc2a0861b6f7aa5e43d01ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154879
cf-polished: origSize=29269
cf-ray: 6d3f5226eb7691e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Jan 2022 00:24:51 GMT
server: cloudflare
etag: W/"7255-17e5b1f6438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
23 KB 33ms
33ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 154878
cf-polished: origSize=66052
cf-ray: 6d3f5226eb7891e1-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 4
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 15 Jan 2022 00:24:51 GMT
server: cloudflare
etag: W/"10204-17e5b1f6438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1023 B
686 B 74ms
39ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_7TzTPCwT5Py0QUl&Version=15&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddbe1df4de4f027d7c9e59ad7969c836a21d37c843fcab1c09b18340cfc1bc95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 163231
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 25 Jan 2022 07:23:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Fri, 23 Jan 2032 07:23:03 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6d3f52271c5c6903-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 70ms
36ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9YcuSxbz7r7Av5j&Version=14&Q_InterceptID=SI_7TzTPCwT5Py0QUl&Q_ORIGIN=https://www.reuters.com&Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.99ce60fd565cd1336d67.chunk.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=www.reuters.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90ae59b37ebef8f14d2421e3ed4e3017fc343c4691f10bc41171cac3854e63aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 526207
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 14
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 21 Jan 2022 02:33:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Mon, 19 Jan 2032 02:33:27 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6d3f52271c5d6903-FRA
servershortname

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
227 B 35ms
35ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_9YcuSxbz7r7Av5j&Q_SIID=SI_7TzTPCwT5Py0QUl&Q_ASID=AS_18129256&Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&r=1643258614940

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.65.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.reuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.reuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 6d3eff8a09a31f7a
cf-ray: 6d3f52276cb36903-FRA

POST
H3 200 / Show response
www.facebook.com/tr/ Frame ED09 0
15 B 17ms
17ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.reuters.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 27 Jan 2022 04:43:35 GMT

GET
H2 206 1.mp4 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 1 KB
1 KB 14ms
14ms XHR
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1.mp4?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e81027df4d0e236b01a3776696f45219529cc1d037a470be9375cb302899095

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-1333

Response headers

date: Thu, 27 Jan 2022 04:43:35 GMT
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60061
etag: "7ca996f3c322e28463e79adae21f515a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 0-1333/16035850
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1334

GET
H2 206 1.mp4 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 1 MB
1 MB 29ms
29ms XHR
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1.mp4?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 23af55ce627e4ff3796080f7c1d10204604e7a2d00228dbe34b5da55b305d6df

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=1572365-3041239

Response headers

date: Thu, 27 Jan 2022 04:43:35 GMT
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60060
etag: "7ca996f3c322e28463e79adae21f515a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 1572365-3041239/16035850
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1468875

GET
H2 200 tag Show response
pandg.tapad.com/ Frame D81C 415 B
922 B 79ms
25ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=CPTdV2TPTdV2TAcABBENB_CgAAAAAH_AACiQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAASAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA&referrer_url=&page_url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&owner=P%26G&bp_id=freestar

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

81c8303f7f9ca00248d3a3a95a6ce3b28305b227c46c1efe2a1e292c91947838

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.reuters.com/

Response headers

date: Thu, 27 Jan 2022 04:43:35 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 415
via: 1.1 google
alt-svc: clear

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:34 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D81C 70 B
265 B 134ms
43ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=97d19490-fa47-402a-95f2-2b4796b4fe24&gdpr=1&gdpr_consent=CPTdV2TPTdV2TAcABBENB_CgAAAAAH_AACiQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAASAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA
Requested by: Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=1&gdpr_consent=CPTdV2TPTdV2TAcABBENB_CgAAAAAH_AACiQAAARDAJMNS8gC7MscGTaNKoUQIwrCQ6AUAFFAMLRFYQOrgp2VwE-oIWACE1ATgRAgxBRgwCAAASAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgKkWignsrEEoO9jTCEMs8CKBR_RUICNZogWBkJCwcxwBICXiyQPMUL5AAAAA.YAAAD_gAAAAA&referrer_url=&page_url=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&owner=P%26G&bp_id=freestar
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jan 2022 04:43:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H/1.1 200
OK sv Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sv?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:35 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:38 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 107ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081147&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=beabd242-f1ca-4210-b94a-4e23b35a7b18&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 106ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081146&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=1d18b48f-6969-4a49-a73c-43b367e8b4e7&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 106ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081149&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=dbbabc40-2403-4ee1-a177-a62acea45bb2&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 107ms
106ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081151&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=5f909870-a8ac-403a-9a1f-ea66f80646db&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 107ms
107ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081150&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=ca1c84ce-eb22-4a39-9ac1-d3f1790fa861&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:39 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 ad Show response
ssp.lkqd.net/ Frame FDD8 168 B
355 B 107ms
107ms XHR
application/xml 146.20.132.148
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.lkqd.net/ad?pid=593&sid=1081148&output=svpaid&support=html5&execution=any&placement=&playinit=auto&volume=0&width=832&height=468&dnt=%5Bdo_not_track%5D&gdpr=1&gdprcs=undefined&ip=217.114.215.131&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&pageurl=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&contentid=%5Bcontent_id%5D&contenttitle=Tonga%20eruption%20could%20offer%20clues%20on%20planet%20formation&contentlength=118&contenturl=%5Bcontent_url%5D&rnd=22917d97-86f2-4cd6-8434-f73e6e767c3b&us_privacy=
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.148 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://www.reuters.com
date: Thu, 27 Jan 2022 04:43:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 168
content-type: application/xml; charset=UTF-8

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame FDD8 0
316 B 111ms
111ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame FDD8 197 B
479 B 231ms
231ms XHR
application/x-protobuf 18.222.235.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=147588
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.235.185 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-235-185.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: dce6a92924752103e78e60ec50f1e352ebe3094fb7fa9c274a37b611da97d61a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Thu, 27 Jan 2022 04:43:43 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.reuters.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 182

GET
H2 206 1.mp4 Show response
vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/ Frame FDD8 1 MB
1 MB 16ms
15ms XHR
video/mp4 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/19b44c24-ce2a-451a-8c4e-0517cc00f957/1.mp4?playerId=0245e3a1-43c3-489c-8708-2e641bbc1608
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 415f723b766616b96c7f3e763a211e43def4e6b4c9f42560b3bb477fe17dbc78

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=3041240-4251961

Response headers

date: Thu, 27 Jan 2022 04:43:45 GMT
last-modified: Wed, 26 Jan 2022 10:06:17 GMT
age: 60053
etag: "7ca996f3c322e28463e79adae21f515a"
access-control-max-age: 86400
content-type: video/mp4
Content-Range: bytes 3041240-4251961/16035850
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 1210722

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dianomi.com
URL: https://www.dianomi.com/img/a/sav2/170151/6/321x214.jpg

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.reuters.com/	1969-12-31 23:59:59	Name: reuters-geo Value: {"country":"DE", "region":"-"}
.reuters.com/	1970-01-20 00:37:43	Name: RT Value: "z=1&dm=reuters.com&si=eyixbsmkpuv&ss=kywhr04k&sl=0&tt=0"
www.reuters.com/	1970-01-20 09:56:26	Name: _cb_ls Value: 1
.reuters.com/	1970-01-20 00:37:43	Name: cleared-onetrust-cookies Value: Thu, 13 Jan 2022 20:33:40 GMT
www.reuters.com/	1969-12-31 23:59:59	Name: fsbotchecked Value: true
.reuters.com/	1970-01-20 09:13:14	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Jan+27+2022+04%3A43%3A33+GMT%2B0000+(GMT)&version=6.25.0&hosts=&landingPath=https%3A%2F%2Fwww.reuters.com%2Fworld%2Fchinese-hackers-target-german-pharma-tech-firms-2022-01-26%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2CSTACK42%3A0
.adfarm1.adition.com/	1970-01-20 02:37:18	Name: UserID1 Value: 7057742001706566870
.adfarm1.adition.com/	1970-01-20 00:27:40	Name: lv_4943150 Value: w=4478129\|t=1643258612
.adform.net/	1970-01-20 01:12:17	Name: C Value: 1
.scorecardresearch.com/	1970-01-20 17:44:26	Name: UID Value: 18E2e3d5f6682a331f67f751643258613
.adform.net/	1970-01-20 01:53:59	Name: uid Value: 632639666140873558
.doubleclick.net/	1970-01-20 00:27:39	Name: test_cookie Value: CheckForPermission
.eloqua.com/	1970-01-20 09:57:53	Name: ELOQUA Value: GUID=4740D92B63EA44D2BD033A1B5E339EE4
.eloqua.com/	1970-01-20 09:57:53	Name: ELQSTATUS Value: OK
www.reuters.com/	1970-01-20 09:13:14	Name: usprivacy Value: 1---
.swissquote.com/	1970-01-20 09:13:14	Name: tc_cj_v2 Value: %29%7B%2F%241%20ZZZ~%24%7B%29%2A%28%24ZZZKPNMLORPKMJJJZZZpc_q
.swissquote.com/	1970-01-20 09:13:14	Name: tc_cj_v2_cmp Value: -%20.%20%7B-%7D%23
.swissquote.com/	1970-01-20 09:13:14	Name: tc_cj_v2_med Value: %29%7B%2F%241%20
.swissquote.com/	1969-12-31 23:59:59	Name: TC_CHECK_COOKIES_SUPPORT Value: 1
.reuters.com/	1970-01-20 09:13:14	Name: ajs_anonymous_id Value: %223072054d-6cc4-4f11-bb7f-27a275ede59c%22
.mix-phoenix.commander1.com/	1970-01-20 09:13:14	Name: tc_cj_v2 Value: %29%7B%2F%241%20ZZZ~%24%7B%29%2A%28%24ZZZKPNMLORPKMJJJZZZpc_q
.mix-phoenix.commander1.com/	1970-01-20 09:13:14	Name: tc_cj_v2_cmp Value: -%20.%20%7B-%7D%23
.mix-phoenix.commander1.com/	1970-01-20 09:13:14	Name: tc_cj_v2_med Value: %29%7B%2F%241%20
.commander1.com/	1970-01-20 09:13:14	Name: TCID Value: 202201270543331115366597
.swissquote.com/	1970-01-20 09:13:14	Name: CAID Value: 202201270543333037540414
.wsod.com/	1970-01-20 01:12:17	Name: f77 Value: !!!!!!0:1643258613
.reuters.com/	1970-01-20 17:58:50	Name: _ga Value: GA1.2.860738656.1643258614
.reuters.com/	1970-01-20 00:29:05	Name: _gid Value: GA1.2.1230464935.1643258614
.reuters.com/	1970-01-20 02:37:14	Name: _fbp Value: fb.1.1643258613653.2106692258
.reuters.com/	1970-01-20 00:27:38	Name: _gat Value: 1
.reuters.com/	1970-01-20 00:27:40	Name: sophiTagses.23dd Value: *
.reuters.com/	1970-01-20 17:58:50	Name: _sp_duid Value: b609e3f6-ce1b-480e-bb45-f916f194aeab
.reuters.com/	1970-01-20 17:58:50	Name: ta-octane.id Value: d4963f12-2d96-4445-b72c-454b3e67d831\|dc504a8a-b4c1-4358-9e66-b1e0c1c5ee8f\|1643258614525\|
.reuters.com/	1970-01-20 17:58:50	Name: sophiTagid.23dd Value: b609e3f6-ce1b-480e-bb45-f916f194aeab.1643258614.1.1643258615.1643258614.43de6807-9be4-4579-a14c-7eda46254c84
.tapad.com/	1970-01-20 01:54:02	Name: TapAd_TS Value: 1643258615206
.tapad.com/	1970-01-20 01:54:02	Name: TapAd_DID Value: 97d19490-fa47-402a-95f2-2b4796b4fe24

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us-central1-octane-216112.cloudfunctions.net/pixel Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd327.akstat.io
a.pub.network
ad.doubleclick.net
ad.wsod.com
ad2.adfarm1.adition.com
api-reuters-reuters-prod.cdn.arcpublishing.com
api.segment.io
beacon.tru.am
c.go-mpulse.net
capi.connatix.com
cd.connatix.com
cdn.cookielaw.org
cdn.segment.com
cdn.sophi.io
cds.connatix.com
collector.sophi.io
connect.facebook.net
d.pub.network
geo.moatads.com
geolocation.onetrust.com
imagesrv.adition.com
imasdk.googleapis.com
img.connatix.com
img.en25.com
ins.connatix.com
lit.connatix.com
mab.chartbeat.com
match.adsrvr.org
mb.moatads.com
mix-phoenix.commander1.com
mixcommander.swissquote.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
s.go-mpulse.net
s0.2mdn.net
s1319934923.t.eloqua.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
ssp.lkqd.net
static.adsafeprotected.com
static.chartbeat.com
static.reutersmedia.net
stats.g.doubleclick.net
track.adform.net
tru.am
us-central1-octane-216112.cloudfunctions.net
vid.connatix.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googleoptimize.com
www.googletagmanager.com
www.reuters.com
z.moatads.com
zn8qfk42azo5fsr2r-trdigital.siteintercept.qualtrics.com
www.dianomi.com
104.17.209.240
104.18.22.230
104.89.22.29
142.250.184.226
142.250.185.166
146.20.132.148
15.197.164.148
15.197.193.217
151.101.130.137
151.101.66.137
18.222.235.185
2.18.235.40
2001:4860:4802:36::36
209.167.231.17
209.234.236.20
217.79.188.21
217.79.188.60
2600:9000:214f:d400:8:48e:53c0:93a1
2600:9000:223c:1c00:18:1fcd:34f:cdc1
2606:4700:10::6814:b844
2606:4700:20::681a:18b
2606:4700:20::681a:374
2606:4700::6810:9540
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c08::9c
2a02:26f0:1700:391::11a6
2a02:26f0:64::214:84a9
2a02:26f0:7100:594::11a6
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::714
3.9.133.15
34.210.41.193
34.254.48.82
35.181.29.184
35.181.77.138
35.201.71.192
35.227.248.159
35.241.45.217
37.157.4.28
65.9.61.37
65.9.61.47
65.9.61.9
99.86.0.85
99.86.3.75
04e356eb2d90d21d7bc8615f25e38ab29d06c041750e83cda2012dac93cc396b
06190b79a97d5b982e9f9f1c74725ca5b3eb4c0d0344a690ba544d070a10ccfa
06e0054acdff4e3b3e92d08ba8fe66b74560725776b0779d1f853c5d212d15f9
0863882f1d6ce836e3dcf7123e95e2c188fd7d4eda775c696ded7e1d82c61080
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
0a07b798c12b3129fceda1ad39416f2e147d5bf54af9217f12f71a1f44f0162a
0df32c790bf3e270685bc509c332943cd48fb6fb60cb8bce8d2ce0c33782fa91
0fbf6b20ca8f68612f1098f441a82d074e8849005aa0582cea54e4331dc7e253
102c8237713d95e20f30d154acf0ea18beb3d14904e2634cc829ed650288a1e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f2394f38f5bc5c65c4d2efd29ec4ecdfa849e4222236730d048b9946cebcfc
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
15ff6ca9adda6b1c8dc42c28e85a8380595c5ba36dd6c90d6e640c729a02553b
17a840652b17956a15ed08dff30891e66581d61db4eb80f5aa9cf9b8dfd75eec
1ac1e5c65815a9f5783fa8ea9b83dcbeeb75933ac72207346b30b525860f3d5d
1b81bfa5da5d34039ae6813d48de677c6cafcafc84cc769538121488ff52afda
1bfc44039c36dd275b360e61673c760eafc880b5374e93b40b2f5bf09a07798a
1cc9f616bd372ae964eec0a11061ac73c070372be1f6442dda535b69b12cb28d
1e49e4d13510429151041b908394e442687568866cc2a0861b6f7aa5e43d01ae
21a3b531897649925c45149884f37d46c134870ec77e44ce0879ff142eb64d25
22fa83bbda6b50948410d7f09e2e2d0ebe1b093514e8d207d57c48203b463b49
23af55ce627e4ff3796080f7c1d10204604e7a2d00228dbe34b5da55b305d6df
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2966f4808cdde4d3878e5dcdee63eaed6844c23c8eb96f4ead3a1c86c7e14058
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b1ca472c359d556dce9b3e257f1fabd0891613f3e9651cbe742a3257971bf4c
2c2355a4068537264e1c7f0e308f92cd3200ef2ffe9b3cd18604d0da5749952e
2c592c34b2e4a372219ac6d33bda6828183ee534a0219d221ece5be22d80e29f
2ea3a633a289509de132eec82b694cfdd3206658bd5e61464fe44b8e6d897a48
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2fb46fbb3363d97fbeb90b5f84bd30e2b7e8b5cfb53403386f3f398252ccafde
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
37ecbfbbae76b691b860b15f2e5088c50cf3b88566c80fc63fb393f47573275c
3bee09fef7ab18fb3388be07f89250b896ded47f3340b1b2f699ccccf2d23c24
3c05ede94f8f8bd2339247ce0a13c3fa22a310604d3eb9c81dede81bf9ccdc03
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3def8d84e6ac1244f07fa20d497643ca8189cdd120cf2c0235c3173dc94e1685
3e81027df4d0e236b01a3776696f45219529cc1d037a470be9375cb302899095
415f723b766616b96c7f3e763a211e43def4e6b4c9f42560b3bb477fe17dbc78
439cb5cd41dee3561901e445e01241fb296bc83579cec2dc81807b0be26c76d7
43fdd9a3f7e71eccd6371fc2bfaff9f7b67cd43d9679df17d62d3106df9711f5
455372fc80b89b749b6e4dc7f52a72ab537221925ab89dbaaee63a137eb09942
45610b21279531a97f9566b0f0f8a1d287a45ae4bc6bc545971af5cd7e393cc6
45ff25cf64a14e1b0982a1d7ea8e50b230907766c979c6c30cd6625ee05e0046
4604f581eb8864f5f8e3d6a4b7233c790b329806652d4d0bb16ae2aab9474b2b
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4c5053477ae2a18539b3495c34109ef0d3a288e105381135352d4226a30465ca
4e3ed59a70785f64143100a87991612569cb025d2d10a6d2cabe6ffba30b7eff
4e75f5bbf505e72bd2fc760536a94e16ee82202ec60757a8815a0273dc5ae85d
50d59062593b0b884fa49924ac66884d15b26f2457dfeba651be9e26eab07e10
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
584dc568516312ff88d6e4fc47ed3e294039a27a900b4be7e92dcf1ac247eea4
5afe32170dcff4ec95c4b3b913c96c2b6550e972d330e2783221f8a2839f6c41
5b143bb278312eb3934774742a6f0af08a1bef2f0fdcd93931b72e110c84c43b
5b61037f2a0dc4226ad7b44b7333db248f57c50813399cd778bba889e9568456
5cabc422402741aa05fbdefbb1c6863711b022a87a04746161126287968bb512
5da9f8b76dd02ec052fec4ce05b95e7f97e7b5bf5001c840d0eb1ac6799ff50d
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
64a68ff30a084306f0748da59c095a6a3a1b2f255dd7b9e528a5e30d3d23145a
64dbf56729c9134ca42cb606dcd084d436c059c7a1a673a66a614c1a2465b0fe
65c974a8488baa298fc5e279a6c6bdb088d462f11703f7538b0fb29b9d56d384
67d99f2a20922f66f7fcad4b52ead2be54e02c83a705103400137bf4c239a508
68fdb8366b06fbd02f5cd29a38a8aaea10bd514bfba8cf175efb700576099ab5
6a3187faa5db2e775c2e66b02056783833e2b5378efd3f396f7595dba1065010
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
70503c92bcbb8105d95ec4de2012f23098c3383586e95323e4b3384b56af4beb
7350a454f7ab09fab322283b711fd5710786aab4ae8a996aba57c666483384dd
777ab0cb5c6ffd6b2d455918b8df70fdb4c74ecb18d62f54be1afdaf3733c10d
7b05f5839fe2717da5588b517c4498ae0ce5541e259ed9ec1309f1957c4d4681
7f0a757886d4e5f0a65aba918fa0c14037f4bec4221075a0973e3c2365a411c3
81c8303f7f9ca00248d3a3a95a6ce3b28305b227c46c1efe2a1e292c91947838
83370007052e2c177a2d1fed65528b60d76331558b4922e1253349d2cbeecdbc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a4ea58fa6dbd607e1ee905d0e95460afb43b8c33e3675a3098b52f6ff60a05
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
88b9500ffd2c20492c4b3d9b37c91d33c3c261869eff0904bad42cf973ea768f
8a5612a36e4bcdf3465892ae73f49b659c750e1b2f22bae3df7ba293eb6fe90f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbc3f1a033b6733e96a5af1bc89d6f8ab68a5d533dcad72d56bd019e3b5b6b5
8f9bc2cc5328c33c00511f82ff2d0354ea2cbb6fffceb0fa0d68569b2edb7e1e
90244bc1d0cfff3b142043e18428d00f04f745b5227d8d50b151177f84f56f43
90ae59b37ebef8f14d2421e3ed4e3017fc343c4691f10bc41171cac3854e63aa
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95d045637194e2cf561c94a509e782b5699fe680237a4b19a90662b5cc66b1e1
99781410070a5dd4d753fdb8a46f4272082b5be64541dcfcb1b2d3c4aea09c6c
9ae656c21ca50980a3788579628230e49808f5c8003e6d45393fb4c6cc5d0f64
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
a0e55ebe68f0c7e98f4c33f8eef488a0713988555f79f5f5e25b3046d5de3822
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d9a53ebb5c78c3620d13ac02267d0df89e3d62778c29d303d2ce01b842e036
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a424a87a0a86cfc43671713b4c590bf2fe07acc4e201c208a6b99c3d3dc474b0
a4f18b05f1a917f84cd32db7732188648896066051d776248adbe9a17956bf11
a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc
a9a4093129209ee8df38f9441bc8ea31317ea9103b2feb86bab6003e989d7ee5
aaa227b06291a195af0c1104fd9c2e6ebe4c8e8821b2d5c661a4d72fb0181c58
ab1da217654d2b2ef63ae0ea7a221b6f68df2f3434a440bfe44e65a023f9d7e2
abf7008c3f179c1383ce51fd23d1f8580d6f07954f1784337bd587c102015b9c
ad3b323f96182145a458a80a3855cb17c0f5f9e2704fbbbc0a1f5429601ae9fa
ae62fb7dca96004b13d628bf9deaa48d592259489d50369e6998929cfafe590f
afc17d399c958df54a4095fe9f043a13b336391c26432b28a68dda21e9bc09c1
b2ab840a8734ebd6a051c7611539037da47878ac8c1f240f685fd45e1d091ca8
b2c85ebc6a8ec07b7503f99a175e3420507c50e26345b7e370fe7b794eec64d6
b34e6b19ee1bbe26115cfbc6d52f84729c5c473ca88a78a2ef3e46b51b486f22
b36329673a3e530d3fb838f00b44995b9ca6f56c1b078a3d7204f2cf6d5c1902
b38fa982220b795bbe89209661fa157d83fd866a2b57acc0bb95151633689b96
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b4fd776726bd423d137cf6ad737f786282024cb1cf3ff7c33861e72afe42dbbc
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b6cdcc8303b1ec0129c4a53d087130bbb23881f983813c3f9db769968dd64359
b77de466b797fbd555325f1c043c042fcdd071d7a6c62808016a4c8d3b1659b4
b980c69e63b9107e3e3b6be86791376927c84e91f3c77aaba0d29c8f9afe5f0b
bb321f8a336512e15038b6162588a288384c18463de7d60af4a04c6d950b2248
bc966037ee8b0a7b452634ae81508a813f38544c203cb40b69828b4e11b91ed2
beb4ca133a3db18fa219eb8864b96423f719fc765cd4e901a65afbc726c7c46c
bfb1a28a47459f42aeba386db24a7ed646447869f5e2437d67ddc224548c2ebd
c01300a23176847ad225adc6cdc81fa2ad9d1dcabbdc1aabc198c2d91ea1d70a
c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd
c08295827748b1348ed0268d4127449073ff72f11a4afd9606437bb584a18ef2
c20a84a091dc60f36ffe0ac3d4d1e61275a6202ac19f40aca619eb95a99f77eb
c3c8211684174b460c199953981803ff87bcf44aa2fa112dae39255e8a34d6ae
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c672b831e35267354c50b40b9ed6ec9d0a72204536cf84f85acd8bb462bb4c22
c7596225b83ec93e7848a667146f52a7cd839400633482eb88efc6c732ea656b
c7644f1bd3b04c1b6fb00354cdc363258a48044d85946bd2ce287c7fbfb0aed3
c7e2bafe67ddc0b94430f6bc1a6dd3e97093163241d92d9481345d25730fc6c1
c964a119df1de2b0f43b0ec3d241a56a91246b535ff80de29b17005f86374212
c98a9407aa6ce90ad5defb63049c1b072e35824a1a963ccc9f7c4fb3b51ee58b
cdcdd9d4534fb16565988178546594a53075b2ceabe280b0932930f5e8bd5e7e
d09167f00ed578dbc7bcb03da8989986aa6b3da43aecc815fe2fbd572617e638
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d122f2f868c149102baf4d821a302209b9509956af855b93c0bd369e1f5b8c7d
d145a12e7210db6dabb1dda4d8940c8a6c7f0db1366c9dca62e7ee1ddb0e2862
d254f3fb008970024bb224b71eb172ddce9cc5ba18814d98c55bf25e69af7f14
d34c07eaa830fc05ed9bc3482d721ce5e8f813b8a5a082fe77927ea7be195503
d3e228dfa98127bc8dfa5cfd300316ab16440248ed0159e034c86d290a172a40
d4fa79afcf5a5cc5a0f12dedaf825f11530e6397d723fe7044cd37ba3c248e57
d543afd6d4022eda522375c0fc8bacfa037fd69312e70a8d42ec4e7d90e3575a
d6ac4a3b8c35118c650b323b1e7ec163dbc7fe6b8f0f664486668cdc1191bb8c
d6f9bc648e2f554c2e5f6c26537349896c863d4a637402ab2abef0023bf84aff
d7d62426c6b87d35cef5c2c873355aa44edffcf4a7f927f1c51b10694ea4f6ed
dce6a92924752103e78e60ec50f1e352ebe3094fb7fa9c274a37b611da97d61a
ddbe1df4de4f027d7c9e59ad7969c836a21d37c843fcab1c09b18340cfc1bc95
de64cce431e006aee387b3a96a94ae3891de8bc466bd40373b605ad1ae048a60
dfeb7783a538aaf85df056bf149c808937dccdb3e3af5714d6fba017054e2f94
e03ef8aef58bb12768576907c85dcf62f190cca47d033d3e09b1e9253c2c45c7
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f02e9d367192c2c79c674f41b7eae83bcfe93c4e6fcfc5e7d1e34cfa2b7d00
e5909a70b2b37f734dba6ff8fa478371f28c2ea57650e104065b99bd5a59dfef
e6b0e0247f8ad09ea857f4cf16fdf3db48c89a6dd049aa61e518adbc06e27e60
e9d2c46c066f467075f660ce433454604cc47e8af960e10f640373c39baafc69
ea3fe162acf833eeaa8d69af18bbf42dc274cd3cd76a4f2199a8fb404915a38a
edef98e5064e4b208a52704bbd332714cd35547a020d7892b694f1386de7e7dc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5c003a8eb338c3606499ed78b6a879b129f448b5645eadd3dc6754ec0afacc
f01d25f7a76e0682a7a43230c32bef653eaf28b8a6f7a683ebb88bf8c6aa4f50
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f35a279e1ae0044ad0f8eab1c3d0569e707f13a2894f43b15e0de447098bee44
f40324c6a937e60837502f141fdcfc56523259d80549379354d061a03f43cd08
f408988b3494dd5f48e40669fc4a8ae500d34df363bcda1638d3d6aebc943c3e
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4a22ff571291a394a6222d7b4579e03f154421c5df7c826fec69ba181299256
f78d85809ffe7e247ba551d99c3bd14c8b677055409d98ae05fd0d0a768dc554
fbfb05af1bc279eaa1e2dd91520555bc9d2118868e1f1bb035baab94c760688e
fc9cd1ee28cd0b7187f0e73923d799e13027697e01ff217c2007fffdd4c0b873
fe035b6ff2394b9fc9b4dad0acc9050d633269a5efa7cfeac7e6b8fdc12b7065

www.reuters.com Open in urlscan Pro 65.9.61.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

237 Requests

95 %HTTPS

42 %IPv6

42 Domains

59 Subdomains

50 IPs

8 Countries

7225 kBTransfer

15812 kBSize

36 Cookies

30 Outgoing links

Redirected requests

237 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.reuters.com Open in urlscan Pro
65.9.61.9 Public Scan

Screenshot
Live screenshot

Full Image

237
Requests

95 %
HTTPS

42 %
IPv6

42
Domains

59
Subdomains

50
IPs

8
Countries

7225 kB
Transfer

15812 kB
Size

36
Cookies

237 HTTP transactions
0 data transactions