www.thomsonreuters.com Open in urlscan Pro
2600:9000:2490:5a00:1b:b66f:bac0:93a1  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

• https://cm.everesttech.net/cm/dd?d_uuid=34884185424254924033423988194150162195 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4VRsQAAAF9P2QMx

Request Chain 82

• https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=7Kjl3O-qv9v3-eWM7aLwiLujvtz3o-uM46IcbPqT

Request Chain 85

• https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631801578419126318

Request Chain 88

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTRWUnNRQUFBRjlQMlFNeA== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WTRWUnNRQUFBRjlQMlFNeA==&google_tc=

Request Chain 89

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y4VRsQAAAF9P2QMx&expires=90

Request Chain 90

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx&C=1

Request Chain 91

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=Y4VRsQAAAF9P2QMx HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY4VRsQAAAF9P2QMx

Request Chain 92

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4VRsQAAAF9P2QMx

Request Chain 93

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4VRsQAAAF9P2QMx

Request Chain 94

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1&__user_check__=1&sync_id=76cdd82b-6f7c-11ed-99be-16a7f9820206

Request Chain 95

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y4VRsQAAAF9P2QMx&t=2592000&o=0

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pay Show response www.thomsonreuters.com/en-us/account/billing/guest/	5 KB 3 KB	239ms 103ms	Document text/html	2600:9000:2490:5a00:1b:b66f:bac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:5a00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 099aab8900be4b5e395a51788bb17e8baffd20337ec1be01410ffc6ec7718766 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=900 content-disposition inline content-encoding gzip content-length 1919 content-type text/html;charset=utf-8 date Tue, 29 Nov 2022 00:26:24 GMT etag "12f0-5ee85685d8561-gzip" expires Tue, 29 Nov 2022 00:41:24 GMT last-modified Mon, 28 Nov 2022 10:33:52 GMT server Apache strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding,User-Agent via 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront) x-amz-cf-id YdXlxn-c4ZxZTiiuOo51wP3oU45cw58tVngIXLxV3WSzQIWjz2kbMw== x-amz-cf-pop FRA56-P6 x-cache Miss from cloudfront x-content-type-options nosniff x-dispatcher dispatcher1useast1 x-frame-options SAMEORIGIN x-ua-compatible IE=edge x-vhost www.thomsonreuters.com
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 8 KB	29ms 12ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 bKkFjZE43AfZo3jm8gqLew== age 3855 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 7151 x-ms-lease-status unlocked last-modified Fri, 25 Nov 2022 09:17:45 GMT server cloudflare etag 0x8DACEC5E9C800F3 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 205f9382-f01e-0007-272b-012e63000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7717362ec8e09b22-FRA
GET H2	200	bootstrap.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/	184 KB 53 KB	161ms 8ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/bootstrap.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 055e81464c610a526a99b6a2dbd5192215b94833a232caed5b881025bd91eee4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:08 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:35 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58637 etag W/"ae81f94938291edd617e2c04fbb23a18" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id eEfRYy1xhlE05LCqxc2bCZt0XXAgEImC7h6vV_rnJ9KjcKKwSaqBJA==
GET H2	200	143d5191-c678-49f6-8ac0-376dfe324de7.json Show response cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/	5 KB 2 KB	34ms 19ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/143d5191-c678-49f6-8ac0-376dfe324de7.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 A9gHZn55h3f5NJaBoJG35A== age 48971 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1661 x-ms-lease-status unlocked last-modified Mon, 11 Jul 2022 12:46:07 GMT server cloudflare etag 0x8DA633B52D706CE vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b6f8a47d-801e-0143-4a3f-95b45a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7717362efa559136-FRA expires Wed, 30 Nov 2022 00:26:24 GMT
GET H2	200	launch-f185a872eb60.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/	326 KB 91 KB	86ms 24ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 0ec7fcc5a801028acf2d61045f3b0aeba397355e0ba82aec2ff2e788f7c7753b Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:28 GMT server AkamaiNetStorage etag "306e3b44df2929d6b7cbf18057366715:1663267948.484144" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * expires Tue, 29 Nov 2022 01:26:24 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	66 B 312 B	52ms 36ms	XHR application/json	2606:4700::6812:1a55 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:24 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 7717362f3930bbb5-FRA access-control-allow-headers Content-Type
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.16.0/	374 KB 83 KB	13ms 12ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 dGCXlveaBvO7BI0nfZKP+g== age 3818 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 85065 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:31:04 GMT server cloudflare etag 0x8D910C57D52F14C vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 478a2812-101e-0120-2a59-03f27f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7717362f69eb9b22-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/	409 KB 65 KB	15ms 15ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 TscT8/g6J4N6PovEsmWNuQ== age 48969 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 66415 x-ms-lease-status unlocked last-modified Mon, 11 Jul 2022 12:46:32 GMT server cloudflare etag 0x8DA633B622C3708 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 412d5dae-701e-003f-543b-956f3a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 7717362f9b319136-FRA expires Wed, 30 Nov 2022 00:26:24 GMT
GET H/1.1	200 OK	id Show response dpm.demdex.net/	4 KB 2 KB	684ms 180ms	XHR application/json	52.213.58.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1669681584622 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.213.58.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-58-50.eu-west-1.compute.amazonaws.com Software / Resource Hash faa5b53e43d47398fa2da1b8f5ee53f75c4fc54d98e9e423d3683b3f07aa84c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-1-v045-0333db6ef.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID QCUNhSIPS8E= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.thomsonreuters.com Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1329 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/	45 KB 17 KB	22ms 21ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash fd924e7b3774a8fa2872a09019aa94a576f79d0ee24f14fb653a51f612e50d18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:29 GMT server AkamaiNetStorage etag "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 16757 expires Tue, 29 Nov 2022 01:26:24 GMT
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	25 KB 9 KB	14ms 13ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers unused62 8096267 date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "26a8cd142b539700557eb4710c3d56bd:1644856531.982003" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 8753 expires Tue, 29 Nov 2022 01:26:24 GMT
GET H2	200	852.6dc6fa74.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	1 MB 367 KB	12ms 11ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f9defa52605ab65c4ef02b3eb558140299c540a5f87250be1cc22f1440cc3575 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:09 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:50 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58636 etag W/"28e72e7d72e4211b2e1b234ca90f020e" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id WZIrNanT6w-FreanIDN2L8vfVxlumTMAAmkh_Obbo9pcZKn0ITvb0Q==
GET H2	200	app-main.e758d86c.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/	375 KB 55 KB	59ms 58ms	Stylesheet text/css	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04b4ba9d913a98dbd7de5018434adafde45694e84bff44d5f9e7d19487168348 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:09 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58636 etag W/"2202f3aa3bab8bd05fdb7be88e06ef92" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id u1o6ZWXSKxttI_I1rpo03KdsFjA2n32VmGJvd15iHFIMxs2o7k22Qw==
GET H2	200	app-main.7961402a.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	655 KB 126 KB	65ms 65ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/app-main.7961402a.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ed17e36cb2a9430c195897b24aafe941327f3ac12d04a7e640655ef8d91a51a8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:09 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:53 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58636 etag W/"44e96117bdb2da229a6aeb28b8b347c6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id dbiq12iZPCvO9Z0xFObYdIBVVHdYVt1ZJUjRQJAaA6ApnQNh84i1Bw==
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.16.0/assets/	12 KB 3 KB	20ms 18ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DKM3/i+7h7Fs8cEMor3s2A== age 76094 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2938 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:30:47 GMT server cloudflare etag 0x8D910C572DA86E8 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 9de90fd5-601e-00e7-3a86-18c8eb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 771736308c379136-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.16.0/assets/	62 KB 15 KB	20ms 20ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 29 Nov 2022 00:26:24 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 YaY1oSnUSTaZJLZwfr9VDQ== age 84987 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14978 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:30:47 GMT server cloudflare etag 0x8D910C5734D5AA0 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 2251dced-a01e-001f-7abe-4f03f6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 771736308c3b9136-FRA
GET H2	200	hotjar-1846625.js Show response static.hotjar.com/c/	9 KB 4 KB	76ms 39ms	Script application/javascript	18.66.97.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1846625.js?sv=6 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-37.fra56.r.cloudfront.net Software / Resource Hash 60c4565f2e258d5909c6c95c17017be18b7c7585049de9ace26a23c56b8509d7 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:24 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/851283cbbdb0cbaffef2c9b50d2f26e2 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id NLSz0PfHi18-8e_8gDnkPiowxnIhfUl9anEzemGpmHALeSKtPSDEyw==
GET H2	200	knowledge2017-black-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	39 KB 39 KB	21ms 7ms	Font binary/octet-stream	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 09 May 2022 09:13:37 GMT via 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 17593968 x-cache Hit from cloudfront content-length 39444 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "3327c2a7977db98e49b5369fcafc658c" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id -9Sy6MbHbyWbx2pzQUcoly2FmO-aCXXDzpICO_h2-oXEyl-yC_Ovtw==
GET H2	200	knowledge2017-regular-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	27ms 13ms	Font binary/octet-stream	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221 Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Wed, 01 Jun 2022 20:42:58 GMT via 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 15565407 x-cache Hit from cloudfront content-length 39408 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "de994d71a311e3119703dd67ef632f04" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id OMrGn4OgQiMR7aFXuc2uGtuVyVZJIzu-wpRuDo-QNnE1H4LCu3ocqA==
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	32ms 6ms	Preflight	151.101.3.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.3.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin https://www.thomsonreuters.com access-control-max-age 7200 allow HEAD,GET,OPTIONS,POST,PUT,DELETE content-length 37 date Tue, 29 Nov 2022 00:26:24 GMT retry-after 0 server Varnish vary Cookie via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-hhn4030-HHN x-timer S1669681585.974243,VS0,VE0
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	10ms 6ms	Preflight	151.101.3.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.3.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin https://www.thomsonreuters.com access-control-max-age 7200 allow HEAD,GET,OPTIONS,POST,PUT,DELETE content-length 37 date Tue, 29 Nov 2022 00:26:24 GMT retry-after 0 server Varnish vary Cookie via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-hhn4030-HHN x-timer S1669681585.974326,VS0,VE0
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 451 B	8ms 7ms	Fetch application/json	151.101.3.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.3.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip via 1.1 varnish, 1.1 varnish date Tue, 29 Nov 2022 00:26:24 GMT age 142111 x-cache HIT, HIT content-length 37 x-request-id 2dl8kbn3om6 x-served-by cache-iad-kcgs7200106-IAD, cache-hhn4030-HHN x-timer S1669681585.982120,VS0,VE1 etag "1000002--gzip" vary Origin, Accept-Encoding, Authorization content-type application/json trace cache-iad-kcgs7200106-IAD-02adbdaa-0f73-4888-b4a0-11490b484d43; cache-hhn4028-HHN-03960006-3d39-4e08-8c34-217e5c8b7434 access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 accept-ranges bytes x-cache-hits 17, 1
GET H2	200	splitChanges Show response sdk.split.io/api/	947 KB 210 KB	98ms 97ms	Fetch application/json	151.101.3.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.3.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1d2168011440c0aadafffaef1466627ab4f87c8ac15a0eeb1c83a0713b8b4c40 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip via 1.1 varnish, 1.1 varnish date Tue, 29 Nov 2022 00:26:25 GMT age 1 x-cache HIT, MISS content-length 214469 x-request-id 2dnl68ykzts x-served-by cache-iad-kiad7000096-IAD, cache-hhn4030-HHN last-modified Mon, 28 Nov 2022 08:39:22 GMT x-timer S1669681585.982207,VS0,VE91 etag "-649484078--gzip" vary Origin, Accept-Encoding, Authorization content-type application/json trace cache-iad-kiad7000129-IAD-ab6a270e-958f-4887-8a76-1dd4487e484c; cache-hhn4030-HHN-9a5c393b-0593-4a42-a045-4ce79b7f97e2 access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 accept-ranges bytes x-cache-hits 2, 0
GET H2	200	pendo.js Show response cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/	390 KB 130 KB	178ms 126ms	Script application/javascript	2600:9000:223f:4c00:1f:aa31:7740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:4c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash 1c68985bda5ee3c51346bf1a254bf16315fafabf963db98a42ee7194c5c87174 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding gzip via 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 x-guploader-uploadid ADPycdt9EmLbjcXtbxGVk0bgBM8hqRbE-L-XltkVU5XnmQLcK_19kX1TEwGtKMuGDMrT6LJCmqwZtWnozG0QNA5MXHk8dQ x-cache RefreshHit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip content-length 132156 last-modified Mon, 28 Nov 2022 20:15:53 GMT server UploadServer etag "d772e24158e35109f96ab9c21f134124" vary Accept-Encoding x-goog-generation 1669666553543081 content-type application/javascript access-control-allow-origin * x-goog-hash crc32c=8nw+pQ==, md5=13LiQVjjUQn5arnCHxNBJA== access-control-expose-headers * cache-control max-age=450 x-goog-stored-content-length 132156 accept-ranges bytes x-amz-cf-id ITPCTOAS-5gr2-_ZAknYKJh2FchcpIZfDCM8VvKDztOwl62XrIG64Q== expires Tue, 29 Nov 2022 00:33:55 GMT
GET H2	200	1.5bb694cf.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	24 KB 7 KB	7ms 7ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/1.5bb694cf.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b051cafbf7f49310e9a47062b915ec14f84f56ef16346738ec87982f46d5ff0c Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"35f27888a5ec47e83c7fb8b6ba2d39ae" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id DxQWM2WnxMJQsRGOfnBFkXlQGLjrgBwjEgIiUhktdFBWh_-vUqjjmQ==
GET H2	200	2.e6bc637a.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	28 KB 10 KB	7ms 7ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/2.e6bc637a.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 054088d282c91a4be4472faaf08ae77784872d826bcc0d64fbca2fe7f0df9b12 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:40 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"2d7392b3012c99087f1132234188c50d" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id ew91AD9ahC5bbkSIzENz1gnFq73FAT7gVjqz5VeR-Fkt6jPahW3qZQ==
GET H2	200	3.2f0a68a6.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	13 KB 4 KB	8ms 7ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/3.2f0a68a6.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fe09db11f6573376c9911366f8c5130bf22baeebc8cf5b05e5ab2fa5ac40d180 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:42 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"fa7a199d7b64a4b62df44e7f3af489c0" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id K82TYERK9UFujuXQjBTpcNPY7wM0gbItJ8sSy2d2GqaBJncIvzWBfA==
GET H2	200	873.64937b66.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	3 MB 603 KB	9ms 9ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/873.64937b66.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c358ffb75e8880303b45329098b1af20b6392ee4acf534cb934559f8127f2d7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"e70381c6304b0d6d9d71664ddf43a5aa" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id txYHXHFE7KtlKQKZwmlYBCFvejKh00tyaarApdiFHqs2l-S49rfBAg==
GET H2	200	components-app.035f84bf.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/	10 KB 3 KB	7ms 7ms	Stylesheet text/css	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/components-app.035f84bf.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1d2509e57963294f7d66da17bebb5e9a775fb8f607f2944322de5dfa9036abf6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"7726b2640af3eefb1dbbfd60d02e210a" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id xAQMfyz8v9RkCD2Idb6MmzfYhgvsBYrYTofwUJeGB0Bj4-mEFsPCBg==
GET H2	200	components-app.c99263b1.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	115 KB 27 KB	43ms 43ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/components-app.c99263b1.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 847ccf460fc55a7a421d131430e73f9bb87ba4bfdf49284b85770feadc421f16 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:53 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"36c45f7151935df11c71628e87412db4" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id P1uZm7aA5s5ap4Yh5RArDLFfqLWtWdLEcCyrS9grIMG9UIS1zKs0UA==
GET H2	200	interact-localizaion-provider.315c7bc4.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	3 KB 2 KB	53ms 53ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/interact-localizaion-provider.315c7bc4.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 02156280ad808f246e2467f0b45f8525a9e5a5dfe994f508e3933e9be745e06c Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:53 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"19834edc7d32e64957be0db71dac73f8" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id S5v0uxuB5WbVCsdg3G4zBRsPybdenF1-wVdg_oLzhFEfER5OazHoxA==
GET H2	200	979.072f10ce.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	2 KB 1 KB	53ms 53ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/979.072f10ce.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf138241a388003ab67def109d1c83bbbb86e9aaafdca32b47f33c4b90da23ff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:53 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"2ce2482a5c1c828ef202bd352d3a4c43" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id amB1qI_F9BCC-4-Fu-yRG8p478xemWxJEio2v3KVZez5sJRv1QXXww==
GET H2	200	973.ae75f629.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	8 KB 4 KB	52ms 51ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/973.ae75f629.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fa7f6d31d527e7258a9da3c658ce1804ed31847465e89e4c87db3536514e5eeb Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:52 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"97557727ae6436afc583ad8dd19ff352" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id O4thTmV0OOP2wXIl_1iLJuHtQvA48yk7l_dj-a_E79Eu1ypb2O1HUg==
GET H2	200	978.e5087dca.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	2 KB 1 KB	52ms 52ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/978.e5087dca.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3f8bd887c1d2de00e7ed0cdae1df783e65d5be4c7f6cbb1eed8211a5df8e29f6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:53 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"564177a6451b38387ca713414962e323" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id sAOeNCuHx9Ydr8M8zrj80ZlHKF0jHigQFHLi8kHHJzTCWIEz2UXiZw==
GET H2	200	972.abafe16f.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	2 KB 1 KB	51ms 51ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/972.abafe16f.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b0ca3c2a21ab5fdd3234c6e0ec4c57a72e585c3d3befe45e22c4c043e6dde53a Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:10 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:52 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"146f29c4eeaa22af252d5d63170a596a" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id 4QRI6JZcddTjiUVJ6ssWJyukm4Hgu6iZBWj4OmVht8vUYqBurPKzHw==
GET H2	200	modules.e1bdbadbcc63daea6270.js Show response script.hotjar.com/	263 KB 68 KB	31ms 7ms	Script application/javascript	52.222.236.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e1bdbadbcc63daea6270.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-74.fra56.r.cloudfront.net Software / Resource Hash 92d302a80bb49dc2b379f3a4996f276d8ca392c07435557c06e55d5ba876daaa Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Thu, 24 Nov 2022 08:09:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 404239 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68720 last-modified Thu, 24 Nov 2022 08:08:08 GMT etag "53db6c810ee48127f87a9c79e206fc67" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id C46cU-3SEpDbyGB_Rw4wK0Ut0hCaFKN5TG-pMVNwY2SdHCZ_RxSXMQ==
OPTIONS H/1.1	200 OK	auth auth.split.io/api/v2/ Frame	0 0	412ms 102ms	Preflight application/json	54.157.194.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/v2/auth?users=anonymous Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.157.194.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-194-5.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Connection keep-alive Content-Length 4 Content-Type application/json; charset=utf-8 Date Tue, 29 Nov 2022 00:26:25 GMT access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion access-control-allow-methods GET, OPTIONS access-control-allow-origin https://www.thomsonreuters.com strict-transport-security max-age=15770000; includeSubdomains
GET H/1.1	200 OK	auth Show response auth.split.io/api/v2/	696 B 1 KB	102ms 102ms	Fetch application/json	54.157.194.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/v2/auth?users=anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.157.194.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-194-5.compute-1.amazonaws.com Software / Resource Hash b531a5d08fde4f0c3066c806577e10a4c3059fa698e641261a4278d44cbe10ee Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/json Response headers Date Tue, 29 Nov 2022 00:26:25 GMT strict-transport-security max-age=15770000; includeSubdomains access-control-allow-methods GET, OPTIONS Content-Type application/json; charset=utf-8 access-control-allow-origin https://www.thomsonreuters.com access-control-allow-credentials true Connection keep-alive access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion Content-Length 696
GET H2	200	box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response vars.hotjar.com/ Frame 376B	2 KB 1 KB	31ms 6ms	Document text/html	18.66.147.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-113.fra60.r.cloudfront.net Software / Resource Hash cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 472579 cache-control max-age=31536000 content-encoding br content-length 1035 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 23 Nov 2022 13:10:06 GMT etag "e0652b84b7b3b650769c759fc520c3f8" last-modified Wed, 23 Nov 2022 13:09:18 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront) x-amz-cf-id t6Ins-djXMFdUYr4W8mnjsmR9q0XbARxcsQyfy2jCybHGgnjJ8dSWQ== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-robots-tag none
GET H2	200	css fonts.googleapis.com/	2 KB 917 B	39ms 15ms	Stylesheet text/css	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 29 Nov 2022 00:26:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 29 Nov 2022 00:26:25 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 29 Nov 2022 00:26:25 GMT
GET H2	200	1084.f2a6f142.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	199 KB 44 KB	7ms 7ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/1084.f2a6f142.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aa363a2a11546aca585296bad7ebc30f5b8fd8529375ed318ed5229afe965707 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:11 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:38 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58635 etag W/"6f03dce01f0258992ecaa84018fd312f" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id GgyF2Lf-Rq_Y7EcMzVXa9jSDi7t1x92OgiWmdovzykUC6K7wet3JKQ==
GET H2	200	0.44cbf62c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	21 KB 6 KB	7ms 7ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/0.44cbf62c.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2f54059f92b0205baa8a5d941babf1e2c631016e569a432266615ca7c6f24858 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 08:09:13 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 58633 etag W/"98cb718cc8bd7252417885c5499de2af" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id rFU30HxHetcnoXLgosF5NymZ0KLaq-XbCgouu5knR42QOQCBGBvZ_g==
GET H2	200	6.a7bfff4d.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	189 KB 45 KB	8ms 8ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/6.a7bfff4d.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3f6099e1128bd93bfc6fc31c306ed49a0070cca9ab043f6987ad6019de58acfa Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 09:11:54 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:47 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 54872 etag W/"72ec67d54855296f28252d0592868a1f" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id dN5RBeFDQ2pZ8JgBbmClyRDWa3Ej4dTHuh7Bkv2jI5hh6p9bO5da5Q==
GET H2	200	951.c3d8dc29.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	21 KB 8 KB	20ms 19ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/951.c3d8dc29.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7a64f03ff6994a27a23e5f3f40793315aea5bdfa7f5dc3bcb6467ee822bcfd92 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 16:24:43 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:52 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 28903 etag W/"2585e03bb8e2b0be2488f9526f7af9a4" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id a_1b4OHrLtVPVKyEmznxvEhjRgnJMgDAngclGuKLlEm65vMorylXlg==
GET H2	200	880.44ce16e3.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/	6 KB 2 KB	11ms 11ms	Stylesheet text/css	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/880.44ce16e3.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2816893277bc7559cf4413dad843cd6a1f28302abfacbb775216d6b6f1ba6c00 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 16:24:43 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:35 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 28903 etag W/"a55fabc8c2ae3e0e1663868eaf743f28" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id 8ywOvhgnkQJS61696w65fEFpNAl6rh2_M6LsTaHCKeySAb-8xD210w==
GET H2	200	880.30f21517.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/	37 KB 11 KB	21ms 20ms	Script application/javascript	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/880.30f21517.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash aaa8cd56fd17bdfd3d78b67c19347627b53955a26f44b440fab9a3a066e16ad2 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 16:24:43 GMT content-encoding br via 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 16:18:51 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 28903 etag W/"cf5f0508f99eb30f26f0759efe79127d" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id DtCQk06QShBS6ezzmInlSScIwbeaC5a2eyWh0a8kUmr8kf2snzrXwg==
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	974 B 1 KB	40ms 20ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 65c6d748c086bbde2a32b3746398ad413b86b25ab4a7338c8e4662bc74906521 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 616 x-xss-protection 1; mode=block expires Tue, 29 Nov 2022 00:26:25 GMT
GET H/1.1	200 OK	dest5.html Show response westthomson.demdex.net/ Frame A9E6	7 KB 3 KB	933ms 350ms	Document text/html	3.248.121.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomson.demdex.net/dest5.html?d_nsid=0 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.248.121.63 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-248-121-63.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID watVTZZaQKY= content-encoding gzip date Tue, 29 Nov 2022 00:26:26 GMT last-modified Fri, 28 Oct 2022 11:02:57 GMT vary accept-encoding
GET H2	200	id Show response westthomsoncom.sc.omtrdc.net/	2 B 272 B	634ms 229ms	XHR application/x-javascript	15.188.95.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=34599514501220263413452324342141364677&ts=1669681585450 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-188-95-229.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 29 Nov 2022 00:26:25 GMT x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://www.thomsonreuters.com p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=Y4VRsQAAAF9P2QMx dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=34884185424254924033423988194150162195 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4VRsQAAAF9P2QMx	42 B 942 B	163ms 163ms	Image image/gif	52.213.58.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4VRsQAAAF9P2QMx Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 52.213.58.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-58-50.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-0305a06ee.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID Ify4GbgvThE= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y4VRsQAAAF9P2QMx Date Tue, 29 Nov 2022 00:26:25 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response westservicesinc.tt.omtrdc.net/rest/v1/	358 B 723 B	129ms 50ms	XHR application/json	63.32.162.101 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=2a2a6f7dada54526aac411e519852287&version=2.9.0 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.162.101 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-162-101.eu-west-1.compute.amazonaws.com Software / Resource Hash 1df43ff4c425084db66a22247a288bfdbf3b7487879a333fdfbbec0f85ad667d Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type text/plain Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding gzip accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://www.thomsonreuters.com access-control-allow-credentials true timing-allow-origin * x-request-id 8add2375c176c28d68df3096dd2d625c
GET H2	200	translations.interact.en_us.json Show response www.thomsonreuters.com/content/ue-settings/endpointsMapping/	226 KB 64 KB	143ms 143ms	Fetch application/json	2600:9000:2490:5a00:1b:b66f:bac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:5a00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 4ad0f7be1da8b04f030ac314428902a7633cbc178371c2d4a313e530cec22d8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.thomsonreuters.com/en-us/account/billing/guest/pay adrum isAjax:true accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-dispatcher dispatcher2useast1 date Tue, 29 Nov 2022 00:26:25 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip via 1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 x-vhost www.thomsonreuters.com x-cache Miss from cloudfront content-length 64873 x-ua-compatible IE=edge server Apache x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/json;charset=utf-8 x-amz-cf-id 5hDFWpXxLyKGpbiShWuxi9sy2GD5JttEHFDvrMxP9_uYm0ema641zw==
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1846625/	148 B 322 B	109ms 36ms	XHR application/json	52.49.194.206 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.194.206 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-194-206.eu-west-1.compute.amazonaws.com Software / Resource Hash 0eb7d9a1f5452a5b174b1daf1c4882948fc73867c86733b5cd340ed6345f2be8 Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/	402 KB 162 KB	27ms 6ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.thomsonreuters.com/ Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 22:32:13 GMT content-encoding gzip x-content-type-options nosniff age 6852 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164812 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Nov 2023 22:32:13 GMT
GET H2	200	knowledge2017-light-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	7ms 7ms	Font binary/octet-stream	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sun, 08 May 2022 20:37:18 GMT via 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 17639348 x-cache Hit from cloudfront content-length 39336 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "9423006fb52301a35a4ce76f99e114af" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 9G4Mf1eOkJURtp80AiM1_FAWGChr5eiJEd3_nbwhzpw8jmCKIs0kXA==
GET H2	200	knowledge2017-medium-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	8ms 8ms	Font binary/octet-stream	2600:9000:2240:ba00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2240:ba00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/css/app-main.e758d86c.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 28 May 2022 08:11:10 GMT via 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 15956116 x-cache Hit from cloudfront content-length 39304 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "20dca63d8ee3254b712c7171ae987713" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id DqpAA2PiQBeeqW3lt6oYcRk9HvGuDz27ZvsApYkpmbDYfQx9jDIcqA==
POST H2	200	content Show response ws38.hotjar.com/api/v2/sites/1846625/recordings/	66 B 262 B	314ms 136ms	XHR application/json	34.251.155.155 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws38.hotjar.com/api/v2/sites/1846625/recordings/content Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.251.155.155 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-155-155.eu-west-1.compute.amazonaws.com Software / Resource Hash df4d61c542e0890eb51df0589a67b04edcd0bf0ee7676b71ef05c3bc66381087 Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding br vary Accept-Encoding access-control-max-age 86400 content-type application/json access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame 9424	42 KB 22 KB	42ms 41ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 017c99d113f048e544d751a7f14f8a75af014966ff15cfde0ed0dcf8b0051fef Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-U9T6n7a51AHW7hQfBlQDXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22567 content-security-policy script-src 'report-sample' 'nonce-U9T6n7a51AHW7hQfBlQDXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 29 Nov 2022 00:26:25 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 9424	52 KB 24 KB	21ms 6ms	Stylesheet text/css	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 14:09:41 GMT content-encoding gzip x-content-type-options nosniff age 37004 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Nov 2023 14:09:41 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 9424	402 KB 161 KB	24ms 10ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 22:32:13 GMT content-encoding gzip x-content-type-options nosniff age 6852 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 164812 x-xss-protection 0 last-modified Mon, 14 Nov 2022 03:01:59 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Nov 2023 22:32:13 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 9424	2 KB 2 KB	6ms 6ms	Image image/png	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Thu, 24 Nov 2022 19:40:09 GMT x-content-type-options nosniff age 362776 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 01 Dec 2022 19:40:09 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9424	15 KB 16 KB	28ms 7ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 11:55:05 GMT x-content-type-options nosniff age 304280 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 25 Nov 2023 11:55:05 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9424	15 KB 15 KB	30ms 8ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 22:21:19 GMT x-content-type-options nosniff age 7506 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 28 Nov 2023 22:21:19 GMT
GET H3	200	webworker.js www.google.com/recaptcha/enterprise/ Frame 9424	102 B 134 B	16ms 16ms	Other text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 29 Nov 2022 00:26:25 GMT
POST H3	200	reload Show response www.google.com/recaptcha/enterprise/ Frame 9424	33 KB 19 KB	59ms 59ms	XHR application/json	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 09043c28b7d11369701fd1b0e7de53cf8c13ca95ebd86430a8c26de4489f2d77 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=mmagecdj0fzr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/x-protobuffer Response headers date Tue, 29 Nov 2022 00:26:26 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19444 x-xss-protection 1; mode=block expires Tue, 29 Nov 2022 00:26:26 GMT
POST H2	200	verifyCaptcha Show response api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/	22 B 1 KB	151ms 150ms	Fetch application/json	2600:9000:223c:aa00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:aa00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55 Request headers Accept application/json, text/plain, */* Referer https://www.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 Authorization Bearer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-Type application/json Response headers accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 authorization Bearer sec-fetch-dest empty cloudfront-viewer-country DE x-tr-cloudfront-api-gateway d1uy6ivt6fb41q cloudfront-forwarded-proto https pragma no-cache host api.thomsonreuters.com cloudfront-viewer-asn 9009 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD content-type application/json access-control-allow-origin * accept application/json, text/plain, */* referer https://www.thomsonreuters.com/ cache-control no-cache access-control-allow-headers sec-fetch-mode cors date Tue, 29 Nov 2022 00:26:26 GMT via 1.1 1eca0fc6deec291a70c219ab41893762.cloudfront.net (CloudFront), 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront) origin https://www.thomsonreuters.com cloudfront-is-desktop-viewer true x-amz-cf-pop FRA56-P2 x-forwarded-for 2001:ac8:20:3b00:1012:fdb9:c998:aa56, 64.252.86.180 x-cache Miss from cloudfront x-forwarded-proto https content-length 22 cloudfront-is-smarttv-viewer false x-tr-verify-origin u3u1uDpLmlfzgwB-7fDlG cloudfront-is-mobile-viewer false user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 access-control-max-age 3628800 cloudfront-is-tablet-viewer false sec-fetch-site same-site x-forwarded-port 443 x-amz-cf-id yMLgtY0MkP0epuNcpRRUObrXhzyxVl153F-rn3oZav0np09mY0lECw==
OPTIONS H2	200	verifyCaptcha api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame	0 0	156ms 32ms	Preflight	2600:9000:223c:aa00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:aa00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers accept */* accept-encoding gzip, deflate, br access-control-allow-credentials true access-control-allow-headers authorization, content-type access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3628800 access-control-request-headers authorization,content-type access-control-request-method POST cache-control no-cache cloudfront-forwarded-proto https cloudfront-is-desktop-viewer true cloudfront-is-mobile-viewer false cloudfront-is-smarttv-viewer false cloudfront-is-tablet-viewer false cloudfront-viewer-asn 9009 cloudfront-viewer-country DE content-length 0 date Tue, 29 Nov 2022 00:26:26 GMT host api.thomsonreuters.com origin https://www.thomsonreuters.com pragma no-cache referer https://www.thomsonreuters.com/ sec-fetch-dest empty sec-fetch-mode cors sec-fetch-site same-site user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 via 1.1 4fa4765c8a8d0124d4b3a574aaa336d0.cloudfront.net (CloudFront), 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront) x-amz-cf-id 25FVIUzTQtt93qj_MMYqgJgS0MbYpx_AByu_nYv7IhDsQQAEOcYgHA== x-amz-cf-pop FRA56-P2 x-cache Miss from cloudfront x-forwarded-for 2001:ac8:20:3b00:1012:fdb9:c998:aa56, 64.252.88.44 x-forwarded-port 443 x-forwarded-proto https x-tr-cloudfront-api-gateway d1uy6ivt6fb41q x-tr-verify-origin u3u1uDpLmlfzgwB-7fDlG
GET H2	200	RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/	818 B 748 B	16ms 16ms	Script application/x-javascript	2a02:26f0:3500:591::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash f0908b5d060ffd0a2a143b6eff456a30d7ad388b8eaae960af83e83c321ff347 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:29 GMT server AkamaiNetStorage etag "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 478 expires Tue, 29 Nov 2022 01:26:26 GMT
GET H2	200	/ Show response zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	72ms 24ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aa4dc6153964ede6ac16bc2434f30c17e4aa3d50ae677869232cde98e79046f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 23734 cf-polished origSize=8487 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"2127-SvxNtz7cw1To09OdFIY1ORPsz/s" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363b3e1f9b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	451	365868.gif idsync.rlcdn.com/ Frame A9E6	0 98 B	38ms 16ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/365868.gif?partner_uid=34884185424254924033423988194150162195 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	adrum-ext.54a9a330b6d789bd61edecd89332c15b.js Show response cdn.appdynamics.com/	51 KB 20 KB	32ms 7ms	Script application/javascript	143.204.89.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum-ext.54a9a330b6d789bd61edecd89332c15b.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.24 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-24.fra50.r.cloudfront.net Software nginx/1.16.1 / Resource Hash d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Thu, 03 Nov 2022 06:13:21 GMT content-encoding gzip via 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 age 2225585 x-cache Hit from cloudfront last-modified Fri, 11 Dec 2020 18:05:04 GMT server nginx/1.16.1 etag W/"5fd3b4d0-cc03" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=2678400, s-max-age=14400 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id hziyB2e-hyurUGbfdEmhaLBoJtSkCnbBfFngOzK9LEMeSbzksb5aoQ==
GET H2	200	11.6d6c5ef8794769da04fd.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	61 KB 19 KB	24ms 23ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bbd322d5b22764f29e7ff91003f0a7a25af17af76cbee3ff46e95a3d4d80b4f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 583124 cf-polished origSize=63601 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 07 Nov 2022 19:14:18 GMT cf-bgj minify server cloudflare etag W/"f871-1845383cf10" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363b6e4f9b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	8 KB 2 KB	124ms 124ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b398b6e15fc8fd7b2c36e82ea28aebe22c8718ef448df9ee93f127751397c63d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://www.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 76bcbc381162f9cb cf-ray 7717363b9e989b95-FRA timing-allow-origin *
GET H3	451	365868.gif idsync.rlcdn.com/ Frame A9E6	0 9 B	29ms 15ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/365868.gif?partner_uid=34884185424254924033423988194150162195 Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame A9E6	70 B 265 B	101ms 31ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.thomsonreuters.com&ttd_tpi=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Tue, 29 Nov 2022 00:26:26 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	102 KB 32 KB	29ms 29ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20ee45b17985faa6172dc3930d47bb56303e3e9f4452e72e2c0feb9d562a081d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 583038 cf-polished origSize=105331 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 07 Nov 2022 19:14:18 GMT cf-bgj minify server cloudflare etag W/"19b73-1845383cf10" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363c6f809b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	4.a5c0de52a5fc4b1cbc4b.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	2 KB 915 B	25ms 24ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 656b507a55c361579615069ae025d160099bac360642eaba44bd2331f7fad4c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 583124 cf-polished origSize=2539 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 07 Nov 2022 19:14:18 GMT cf-bgj minify server cloudflare etag W/"9eb-1845383cf10" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363cbfd99b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	1.8ce69394dfc154e65174.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	28 KB 7 KB	25ms 24ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90ca1ec69de35eb28fcd7f3dfe0215a56127cacf6b15b24780bb8b2478578d33 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 583124 cf-polished origSize=29568 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 07 Nov 2022 19:14:18 GMT cf-bgj minify server cloudflare etag W/"7380-1845383cf10" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363cbfda9b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	FeedbackButtonModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	64 KB 24 KB	27ms 27ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 582374 cf-polished origSize=66295 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Mon, 07 Nov 2022 19:14:18 GMT cf-bgj minify server cloudflare etag W/"102f7-1845383cf10" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363cbfdb9b95-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 737 B	71ms 52ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=32&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfdb130c44a2ba73e21684b8aaea8796414c572ef74c1a9225798f98b6dac9da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers servershortname date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 29 Nov 2022 00:26:26 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363cdc6868f8-FRA expires Fri, 26 Nov 2032 00:26:26 GMT
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	68ms 50ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=27&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c0b0f41c886852db222c01c8e72e333a8163b051b16d40a8d240cf7f965b02 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers servershortname date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 29 Nov 2022 00:26:26 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 7717363cdc6a68f8-FRA expires Fri, 26 Nov 2032 00:26:26 GMT
GET H/1.1	200 OK	ibs:dpid=1175&&dpuuid=7Kjl3O-qv9v3-eWM7aLwiLujvtz3o-uM46IcbPqT dpm.demdex.net/ Frame A9E6 Redirect Chain https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=7Kjl3O-qv9v3-eWM7aLwiLujvtz3o-uM46IcbPqT	42 B 942 B	169ms 166ms	Image image/gif	52.213.58.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=7Kjl3O-qv9v3-eWM7aLwiLujvtz3o-uM46IcbPqT Protocol HTTP/1.1 Server 52.213.58.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-58-50.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID nUuWlXgtSN4= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=7Kjl3O-qv9v3-eWM7aLwiLujvtz3o-uM46IcbPqT cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 220 B	128ms 127ms	XHR text/plain	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=webAdobeLaunch&r=1669681586758 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v14.2.2/static/js/852.6dc6fa74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin cf-cache-status DYNAMIC content-encoding br x-content-type-options nosniff server cloudflare vary Accept-Encoding content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 99ba91eefe26c0e9 cf-ray 7717363d3cd468f8-FRA
GET H2	200	wr-dialog-close-btn-black.png siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	256 B 551 B	29ms 29ms	Image image/png	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers expires Thu, 26 Feb 2032 16:15:51 GMT date Tue, 29 Nov 2022 00:26:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 23616635 cf-polished origSize=757 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" x-envoy-upstream-service-time 6 content-length 256 referrer-policy strict-origin-when-cross-origin last-modified Wed, 23 Feb 2022 00:33:55 GMT cf-bgj imgq:85,h2pri server cloudflare vary Accept-Encoding content-type image/png cache-control max-age=315360000, public accept-ranges bytes cf-ray 7717363d38859b95-FRA trace-id 0f438752c2e165b3 servershortname
GET H/1.1	200 OK	ibs:dpid=22052&dpuuid=3631801578419126318 dpm.demdex.net/ Frame A9E6 Redirect Chain https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631801578419126318	42 B 942 B	257ms 173ms	Image image/gif	52.213.58.50 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631801578419126318 Protocol HTTP/1.1 Server 52.213.58.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-213-58-50.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID xdgmncwZR2g= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 29 Nov 2022 00:26:26 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html; charset=utf-8 location https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3631801578419126318 p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 185 expires 0,Tue, 29 Nov 2022 19:26:26 GMT
GET H2	200	user bttrack.com/dmp/adobe/ Frame A9E6	35 B 263 B	341ms 137ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/dmp/adobe/user?dd_uuid=34884185424254924033423988194150162195 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers x-servername Track002-iad pragma no-cache date Tue, 29 Nov 2022 00:26:25 GMT x-aspnetmvc-version 5.2 server Microsoft-IIS/8.5 x-aspnet-version 4.0.30319 content-type image/gif p3p CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" cache-control private,no-cache content-length 35 expires -1
GET H2	404	tpid=34884185424254924033423988194150162195 sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame A9E6	49 B 265 B	105ms 32ms	Image image/gif	52.19.187.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=34884185424254924033423988194150162195?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.19.187.82 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-187-82.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.31.62 content-length 49 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTRWUnNRQUFBRjlQMlFNeA== https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WTRWUnNRQUFBRjlQMlFNeA==&google_tc=	170 B 188 B	31ms 17ms	Image image/png	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WTRWUnNRQUFBRjlQMlFNeA==&google_tc= Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s28-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WTRWUnNRQUFBRjlQMlFNeA==&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 345 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y4VRsQAAAF9P2QMx&expires=90	0 239 B	80ms 7ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y4VRsQAAAF9P2QMx&expires=90 Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 4b510f0cc5fcbc9800016ef543086418 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-hhn4077-HHN pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT via 1.1 varnish server Varnish x-timer S1669681587.211081,VS0,VE0 x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y4VRsQAAAF9P2QMx&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx&C=1	43 B 766 B	7ms 7ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 00:26:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Tue, 29 Nov 2022 00:26:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=88&external_user_id=Y4VRsQAAAF9P2QMx&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=Y4VRsQAAAF9P2QMx https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY4VRsQAAAF9P2QMx	43 B 1 KB	13ms 13ms	Image image/gif	185.83.142.19 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY4VRsQAAAF9P2QMx Protocol HTTP/1.1 Server 185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Tue, 29 Nov 2022 00:26:27 GMT AN-X-Request-Uuid 427dcf02-bd13-4aeb-946f-b3bb0530def6 Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 45.141.152.68; 45.141.152.68; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 29 Nov 2022 00:26:27 GMT AN-X-Request-Uuid d27e00f1-eac2-4f47-b875-4f01f65eaeb4 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY4VRsQAAAF9P2QMx Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 45.141.152.68; 45.141.152.68; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4VRsQAAAF9P2QMx	43 B 273 B	34ms 14ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4VRsQAAAF9P2QMx Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers x-served-by cache-hhn4077-HHN pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT via 1.1 varnish server Varnish x-timer S1669681588.514622,VS0,VE0 x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y4VRsQAAAF9P2QMx cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4VRsQAAAF9P2QMx	1 B 451 B	93ms 21ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4VRsQAAAF9P2QMx Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Tue, 29 Nov 2022 00:26:27 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers x-served-by cache-hhn4077-HHN pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT via 1.1 varnish server Varnish x-timer S1669681588.611975,VS0,VE0 x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y4VRsQAAAF9P2QMx cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1&__user_check__=1&sync_id=76cdd82b-6f7c-11ed-99be-16a7f9820206	43 B 548 B	16ms 16ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1&__user_check__=1&sync_id=76cdd82b-6f7c-11ed-99be-16a7f9820206 Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Tue, 29 Nov 2022 00:26:27 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 87 Connection keep-alive Content-Length 43 Redirect headers Date Tue, 29 Nov 2022 00:26:27 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location /partner?adv_id=6409&uid=Y4VRsQAAAF9P2QMx&img=1&__user_check__=1&sync_id=76cdd82b-6f7c-11ed-99be-16a7f9820206 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 106 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame A9E6 Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y4VRsQAAAF9P2QMx&t=2592000&o=0	43 B 558 B	68ms 40ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y4VRsQAAAF9P2QMx&t=2592000&o=0 Protocol H2 Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Mon, 28 Nov 2022 16:26:27 PST content-encoding br x-content-type-options nosniff strict-transport-security max-age=15552000; preload document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 pragma public x-fb-debug y9Rqw2B/eLLK5e+fj3YDHflPk/97fIv8OfiIfDK9poriYH+B/kzqws4NSIoMmG8V9DvmMXIBIp3snPkLwnwtog== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type image/gif cache-control public, max-age=0 priority u=3,i expires Mon, 28 Nov 2022 16:26:27 PST Redirect headers x-served-by cache-hhn4077-HHN pragma no-cache date Tue, 29 Nov 2022 00:26:27 GMT via 1.1 varnish server Varnish x-timer S1669681588.819336,VS0,VE0 x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y4VRsQAAAF9P2QMx&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 NO CONTENT	/ partner.mediawallahscript.com/ Frame A9E6	0 232 B	159ms 32ms	Image text/html	52.209.55.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=34884185424254924033423988194150162195&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.209.55.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-209-55-67.eu-west-1.compute.amazonaws.com Software nginx/1.22.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Expires 0 Pragma no-cache Date Tue, 29 Nov 2022 00:26:28 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx/1.22.0 Connection keep-alive Content-Type text/html; charset=UTF-8