urlscan.io logo urlscan.io
SecurityTrails logo

auth.thomsonreuters.com Open in urlscan Pro
2600:9000:2491:8400:1d:854:d2c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.thomsonreuters.com/en-us/profile
Effective URL: https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2d...
Submission: On August 02 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 24 domains to perform 60 HTTP transactions. The main IP is 2600:9000:2491:8400:1d:854:d2c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is auth.thomsonreuters.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on April 14th 2022. Valid for: a year.
This is the only time auth.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2600:9000:249... 16509 (AMAZON-02)
4 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
13 2600:9000:224... 16509 (AMAZON-02)
6 3.251.27.103 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 1 52.215.243.107 16509 (AMAZON-02)
1 52.49.242.9 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 151.101.195.9 54113 (FASTLY)
1 18.66.97.10 16509 (AMAZON-02)
2 52.4.206.194 14618 (AMAZON-AES)
1 35.244.174.68 15169 (GOOGLE)
1 99.86.4.22 16509 (AMAZON-02)
1 143.204.215.95 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
8 104.17.208.240 13335 (CLOUDFLAR...)
1 99.80.161.153 16509 (AMAZON-02)
1 18.66.112.19 16509 (AMAZON-02)
1 2 2600:9000:249... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 34.111.234.236 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 52.30.61.76 16509 (AMAZON-02)
5 5 151.101.194.49 54113 (FASTLY)
1 2 172.217.23.98 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
1 1 104.18.18.126 13335 (CLOUDFLAR...)
1 104.18.19.126 13335 (CLOUDFLAR...)
1 2 37.252.173.38 29990 (ASN-APPNEX)
1 34.98.64.218 15169 (GOOGLE)
1 108.138.25.46 16509 (AMAZON-02)
60 26
2    2600:9000:2490:7600:1b:b66f:bac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.thomsonreuters.com
4    2a02:26f0:ea:2a4::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
13    2600:9000:2240:a00:15:d837:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)
app-data.gcs.trstatic.net
6    3.251.27.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
dpm.demdex.net
westthomson.demdex.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
westthomsoncom.sc.omtrdc.net
1    52.215.243.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-243-107.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    52.49.242.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-242-9.eu-west-1.compute.amazonaws.com
westservicesinc.tt.omtrdc.net
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    151.101.195.9 (United States)

ASN54113 (FASTLY, US)
sdk.split.io
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com
2    52.4.206.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-206-194.compute-1.amazonaws.com
auth.split.io
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    99.86.4.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-22.fra6.r.cloudfront.net
script.hotjar.com
1    143.204.215.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-95.fra53.r.cloudfront.net
vars.hotjar.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
8    104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net
vc.hotjar.io
2    2600:9000:2491:8400:1d:854:d2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
auth.thomsonreuters.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    52.30.61.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-61-76.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
5    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
1    108.138.25.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-25-46.fra56.r.cloudfront.net
cdn.auth0.com
Apex Domain
Subdomains		 Transfer
13 trstatic.net
app-data.gcs.trstatic.net — Cisco Umbrella Rank: 78894
1 MB
8 qualtrics.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1343
89 KB
6 split.io
sdk.split.io — Cisco Umbrella Rank: 3285
auth.split.io — Cisco Umbrella Rank: 3653
18 KB
6 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1423
sync-tm.everesttech.net — Cisco Umbrella Rank: 946
1 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 278
westthomson.demdex.net — Cisco Umbrella Rank: 91696
9 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 910
script.hotjar.com — Cisco Umbrella Rank: 1184
vars.hotjar.com — Cisco Umbrella Rank: 1253
in.hotjar.com — Cisco Umbrella Rank: 2278
69 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 492
115 KB
4 thomsonreuters.com
www.thomsonreuters.com — Cisco Umbrella Rank: 69418
auth.thomsonreuters.com
17 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 845
r.casalemedia.com — Cisco Umbrella Rank: 921
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 288
907 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1058
587 B
2 omtrdc.net
westthomsoncom.sc.omtrdc.net — Cisco Umbrella Rank: 347015
westservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 431927
1 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 13622
53 KB
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 656
273 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 472
239 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1107
380 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 2610
343 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 678
489 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3028
257 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 452
265 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 456
98 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
917 B
0 pubmatic.com Failed
image2.pubmatic.com Failed
60 24
Domain Requested by
13 app-data.gcs.trstatic.net www.thomsonreuters.com
app-data.gcs.trstatic.net
auth.thomsonreuters.com
7 siteintercept.qualtrics.com zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com
5 sync-tm.everesttech.net 5 redirects
5 dpm.demdex.net assets.adobedtm.com
www.thomsonreuters.com
4 sdk.split.io app-data.gcs.trstatic.net
4 assets.adobedtm.com www.thomsonreuters.com
assets.adobedtm.com
2 ib.adnxs.com 1 redirects
2 cm.g.doubleclick.net 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 auth.thomsonreuters.com 1 redirects app-data.gcs.trstatic.net
2 auth.split.io app-data.gcs.trstatic.net
2 www.thomsonreuters.com app-data.gcs.trstatic.net
1 cdn.auth0.com auth.thomsonreuters.com
1 us-u.openx.net
1 r.casalemedia.com
1 dsum-sec.casalemedia.com 1 redirects
1 pixel.rubiconproject.com
1 bttrack.com
1 ml314.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 vc.hotjar.io script.hotjar.com
1 in.hotjar.com script.hotjar.com
1 zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com assets.adobedtm.com
1 match.adsrvr.org www.thomsonreuters.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 idsync.rlcdn.com www.thomsonreuters.com
1 static.hotjar.com www.thomsonreuters.com
1 fonts.googleapis.com client
1 westservicesinc.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 westthomsoncom.sc.omtrdc.net assets.adobedtm.com
1 westthomson.demdex.net assets.adobedtm.com
0 image2.pubmatic.com Failed
60 34

This site contains links to these domains. Also see Links.

Domain
www.thomsonreuters.com
Subject Issuer Validity Valid
www.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA		 2022-06-27 -
2023-06-27		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
app-data.gcs.trstatic.net
COMODO RSA Organization Validation Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-11 -
2022-10-03		 3 months crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
*.hotjar.io
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
auth.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA		 2022-04-14 -
2023-04-14		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.auth0.com
Amazon		 2022-03-26 -
2023-04-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
Frame ID: 4F8B9A86FE478C59B8F7477B6830EE76
Requests: 44 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: F4DE9FBCACE320BE857D8410F9BF095B
Requests: 14 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: 0FB27A941C6D56BE3EB42C057D5862A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to Thomson Reuters Account | Thomson Reuters

Page URL History Show full URLs

  1. https://www.thomsonreuters.com/en-us/profile Page URL
  2. https://auth.thomsonreuters.com/authorize?audience=895c910f-29fe-4dd6-8438-cbf7a68792d5&scope=openid%20profi... HTTP 302
    https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

60
Requests

80 %
HTTPS

19 %
IPv6

24
Domains

34
Subdomains

26
IPs

6
Countries

1508 kB
Transfer

6263 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thomsonreuters.com/en-us/profile Page URL
  2. https://auth.thomsonreuters.com/authorize?audience=895c910f-29fe-4dd6-8438-cbf7a68792d5&scope=openid%20profile%20email%20https%3A%2F%2Fapi.thomsonreuters.com%2Fauth%2Fciam.cis.users.read.self%20https%3A%2F%2Fapi.thomsonreuters.com%2Fauth%2Fciam.cis.users.write.self&client_id=tgE6enN7qNEeVcArfr8vVnxtPWF66029&redirect_uri=https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Fprofile&response_type=code&response_mode=query&state=STJvZENZdUVKckd6SHYtaTM3LnN3eDI4OE9SWmtQYk5tQlFBZlN5QU9lcg%3D%3D&nonce=Ty4telBVLX5GOTFGOWJZNlNVb2tObmFzanlaY2RMazBtUFZTVTZuYmFofg%3D%3D&code_challenge=oz7nWoN7AmFj1rMeri3zYnmG6DYzsR1T0WEkkL2ZMDE&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMS45LjAifQ%3D%3D HTTP 302
    https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cm.everesttech.net/cm/dd?d_uuid=56112440386236750352845660381678341439 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yul_1QAAAHeNYwN6
Request Chain 35
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=DukXyg--FsUV6EvKCehfy17uSscV40OSW-oq8eqr
Request Chain 36
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629060299435278389
Request Chain 38
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=56112440386236750352845660381678341439?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=56112440386236750352845660381678341439?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 39
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXVsXzFRQUFBSGVOWXdONg== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXVsXzFRQUFBSGVOWXdONg==&google_tc=
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yul_1QAAAHeNYwN6&expires=90
Request Chain 43
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6&C=1
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=Yul_1QAAAHeNYwN6 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYul_1QAAAHeNYwN6
Request Chain 51
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yul_1QAAAHeNYwN6
Request Chain 52
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yul_1QAAAHeNYwN6

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
profile
www.thomsonreuters.com/en-us/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7600:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
d64c42b27ca40615e9cdd832879f8335d4e9d2a0485b4751dbbe5d2cc9de2a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-disposition
inline
content-encoding
gzip
content-length
884
content-type
text/html;charset=utf-8
date
Tue, 02 Aug 2022 19:45:25 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id
SusECKDJhHPu4KE4b2AzDrVXhUD-vCXRd0aMu5ALk_PbtjvFyWQ1LA==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dispatcher
dispatcher1useast1
x-dxml-correlation-id
21d0affd-bb89-4081-9908-54ac059af54b
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-vhost
www.thomsonreuters.com
launch-f185a872eb60.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ 		317 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:08 GMT
server
AkamaiNetStorage
etag
"d352069223c4b31c3d2f628b829b8a1b:1649342348.617182"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
90003
expires
Tue, 02 Aug 2022 20:45:25 GMT
bootstrap.js
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/ 		4 MB
893 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb85af18f186df4b1764f4e4922cd2d00d1f2bc0d68cf1aea9ad05eab5a9f485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 07:25:37 GMT
content-encoding
br
last-modified
Thu, 30 Jun 2022 06:10:34 GMT
server
AmazonS3
age
44389
etag
W/"3e6910b6a98ef5886529703fa4151c5b"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
d20VGULDya2oLrtF1vYbxj4LXGllxCatoUVtAv_FHZYNoqvSBdPw6A==
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1659469522811
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
65388a741abb8c652cf62499f572913ada8429b4134bec69344141f9470b59c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v037-0377310b5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
W1j5HrzKRJk=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thomsonreuters.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1316
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16755
expires
Tue, 02 Aug 2022 20:45:25 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"66be6e24d6b0c77126d28b9abcd4eb38:1634593036.81505"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8761
expires
Tue, 02 Aug 2022 20:45:25 GMT
dest5.html
westthomson.demdex.net/ Frame F4DE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://westthomson.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v037-0fb9a4e61.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
F3oboYheQYY=
content-encoding
gzip
date
Tue, 2 Aug 2022 19:45:25 GMT
last-modified
Thu, 21 Jul 2022 19:45:02 GMT
vary
accept-encoding
id
westthomsoncom.sc.omtrdc.net/ 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=55986176392298466052814957196794772457&ts=1659469522969
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-4k5n9
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Yul_1QAAAHeNYwN6
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=56112440386236750352845660381678341439
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yul_1QAAAHeNYwN6
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yul_1QAAAHeNYwN6
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
HTTP/1.1
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v043-00b928c6f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JCOiDZwDQX8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yul_1QAAAHeNYwN6
Date
Tue, 02 Aug 2022 19:45:25 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
westservicesinc.tt.omtrdc.net/rest/v1/ 		358 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=d2d4e3940add417685e02b39206609ab&version=2.7.0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.242.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-242-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
9dcd4ceeb40a517133869db383f6cc5e
main.2ef98bdc.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/ 		342 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
last-modified
Thu, 30 Jun 2022 06:10:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
W/"a60d26d726d158a69429f4df4f0ca74a"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-id
iftAB3ghjvKUSwXuHCk3KBGmk9GHnwp95ZRJ16SYrk8qNDSltWedTQ==
css
fonts.googleapis.com/ 		2 KB
917 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 18:26:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 02 Aug 2022 19:45:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Aug 2022 19:45:25 GMT
UserProfilePage.6286eb6e.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/js/UserProfilePage.6286eb6e.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 07:25:39 GMT
content-encoding
br
last-modified
Thu, 30 Jun 2022 06:10:34 GMT
server
AmazonS3
age
44387
etag
W/"a2e2cac25e397fab6bb6465a1b1eab36"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Yu1ErKjTpgxVaIfCzkdX37sVYvaxscc8wKHg_OQDNDKoTnWDdNjZlw==
users
sdk.split.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/users
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Tue, 02 Aug 2022 19:45:25 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4081-HHN
x-timer
S1659469526.844870,VS0,VE0
splitChanges
sdk.split.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Tue, 02 Aug 2022 19:45:25 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4081-HHN
x-timer
S1659469526.844733,VS0,VE0
users
sdk.split.io/api/mySegments/ 		17 B
451 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/mySegments/users
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
101899
x-cache
HIT, HIT
content-encoding
gzip
content-length
37
x-request-id
28x0icqrrv4
x-served-by
cache-iad-kiad7000142-IAD, cache-hhn4081-HHN
x-timer
S1659469526.853104,VS0,VE2
date
Tue, 02 Aug 2022 19:45:25 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200096-IAD-3f87ca53-61d7-436e-adf9-c230f8237c36; cache-hhn4055-HHN-7c182dc0-14df-47af-a7f1-0739e5732d0d
accept-ranges
bytes
x-cache-hits
1, 1
splitChanges
sdk.split.io/api/ 		252 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"-674647491--gzip"
age
1756
x-cache
HIT, MISS
content-length
16608
via
1.1 varnish, 1.1 varnish
x-request-id
28yo4rb3eup
x-served-by
cache-iad-kiad7000024-IAD, cache-hhn4081-HHN
last-modified
Tue, 02 Aug 2022 17:00:50 GMT
x-timer
S1659469526.853135,VS0,VE100
date
Tue, 02 Aug 2022 19:45:25 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200105-IAD-9f1e102f-04fa-4609-94d3-2decc81f9279; cache-hhn4081-HHN-8cb3a938-66a1-4c95-a03d-fe3dba2b73dc
accept-ranges
bytes
x-cache-hits
3, 0
hotjar-1846625.js
static.hotjar.com/c/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1846625.js?sv=6
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA56-P2
etag
W/256cec8f899e43815912033f879cc3e9
strict-transport-security
max-age=86400; includeSubDomains
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-amz-cf-id
78clZjlFR_3AUVl3e_A_u3m8vMYP-_HudVje0GS5Y455eYhs87xJkA==
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
auth
auth.split.io/api/v2/ 		696 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=users
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.206.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-206-194.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
strict-transport-security
max-age=15770000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length
696
auth
auth.split.io/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.split.io/api/v2/auth?users=users
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.206.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-206-194.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
content-length
4
content-type
application/json; charset=utf-8
date
Tue, 02 Aug 2022 19:45:26 GMT
strict-transport-security
max-age=15770000; includeSubdomains
365868.gif
idsync.rlcdn.com/ Frame F4DE 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=56112440386236750352845660381678341439
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
modules.bb562e057a78838c3c4b.js
script.hotjar.com/ 		248 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bb562e057a78838c3c4b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1846625.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-22.fra6.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 13:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
21258
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64869
access-control-allow-origin
*
last-modified
Tue, 02 Aug 2022 13:50:25 GMT
etag
"5ca53ec7c34af0fd5f63975c6cf4eced"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
rDkoQ-3SuXGYYhMymeL6NrE7LmI5fo5SyLymsjq4ZZKN7pVtNlZoyA==
box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
vars.hotjar.com/ Frame 0FB2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1846625.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
107838
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 13:48:07 GMT
etag
"b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified
Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id
hufee6dwjvCsAh3F7tkqTNc5iuTuksiycA5NducEZ5IxmExn0i4k_Q==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 20:42:58 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5353348
x-cache
Hit from cloudfront
content-length
39408
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"de994d71a311e3119703dd67ef632f04"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
irpw2RVdEAXmqcg-GrJnlUvcobQdT-KPVrJBIZUdsAIqjfi0xmRVBA==
UserProfilePage.6286eb6e.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/js/UserProfilePage.6286eb6e.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 07:25:39 GMT
content-encoding
br
last-modified
Thu, 30 Jun 2022 06:10:34 GMT
server
AmazonS3
age
44387
etag
W/"a2e2cac25e397fab6bb6465a1b1eab36"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
lPieM61psMvHu3sgyvFeLKftiLDbjrHFeGhU-xV6iREh4YBFB6XSCA==
translations.ciam.en_us.json
www.thomsonreuters.com/content/ue-settings/endpointsMapping/ 		23 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.ciam.en_us.json
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7600:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/en-us/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dxml-correlation-id
ba268542-70fa-4210-97c2-12b0346585d6
x-amz-cf-pop
FRA56-P6
x-vhost
www.thomsonreuters.com
x-cache
Miss from cloudfront
vary
Accept-Encoding,User-Agent
content-length
6221
x-ua-compatible
IE=edge
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
via
1.1 0e37105a96e87c22ff4981659a6dc176.cloudfront.net (CloudFront)
x-amz-cf-id
guANON1LJnqfWkznpv-ob2mRQ_MYXrCKz23QAK3BBecBiQA1fiDKxA==
generic
match.adsrvr.org/track/cmf/ Frame F4DE 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/ 		818 B
746 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:2a4::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
476
expires
Tue, 02 Aug 2022 20:45:26 GMT
/
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
edge-control
max-age=604800
vary
Accept-Encoding
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"20f3-CMMhJnXT5jIcMtDJb7gcUs5OEAo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7349505a68299064-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
visit-data
in.hotjar.com/api/v2/client/sites/1846625/ 		148 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bb562e057a78838c3c4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1846625
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/1846625?s=0.25&r=0.1049207615940222
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.bb562e057a78838c3c4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
via
1.1 cf2071a2896a4f71dbfdbc521d554362.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
jTw2Xq0F7NsRDI6a4bwcODAdLSQ5hkIoFphyavfhYczV9FegEt7JOA==
Primary Request identifier
auth.thomsonreuters.com/u/login/
Redirect Chain
  • https://auth.thomsonreuters.com/authorize?audience=895c910f-29fe-4dd6-8438-cbf7a68792d5&scope=openid%20profile%20email%20https%3A%2F%2Fapi.thomsonreuters.com%2Fauth%2Fciam.cis.users.read.self%20htt...
  • https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVu...
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8400:1d:854:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
bbe74a3e25d2aab4d5d43418296bc4e56f39a573f95676ffa7d2b595dca2d332
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, max-age=0, no-transform
content-encoding
gzip
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Tue, 02 Aug 2022 19:45:27 GMT
etag
W/"58a0-ccLEKSFK7+eheMpJOr3m3NK+5n4"
expires
Tue, 02 Aug 2022 19:45:27 GMT
pragma
no-cache
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-id
rmMX1EJ3mSp_NBSWMAGFAfEzdtpsnFdCYOP9DuuPa0wI6_5NtD4xOg==
x-amz-cf-pop
FRA56-P7
x-auth0-requestid
68a4e2ac82abc6740e42
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
deny
x-robots-tag
noindex, nofollow noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-store, max-age=0, no-transform
content-length
446
content-type
text/html; charset=utf-8
date
Tue, 02 Aug 2022 19:45:26 GMT
location
/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-id
m78MhXPG9yxjij0VjvaQUT3Ov2s8vbwWl7pL9oVuNt5eIygUmtezXQ==
x-amz-cf-pop
FRA56-P7
x-auth0-requestid
0b2966caac7d8db008f4
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow, nosnippet, noarchive
knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 08 May 2022 20:37:18 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7427289
x-cache
Hit from cloudfront
content-length
39336
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"9423006fb52301a35a4ce76f99e114af"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
NTD1atD31j2HAscJIUrgVkpr-l-sdgAfpSBf0iVoe1-Cd5a5Hi2AIw==
knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/v1.49.0/static/css/main.2ef98bdc.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 28 May 2022 08:11:10 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5744057
x-cache
Hit from cloudfront
content-length
39304
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"20dca63d8ee3254b712c7171ae987713"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
gfQ4OYH0XFka6bWaZ608ESlB7IiAOxm9WJw8SrXFkOgmBWyX4rQIwQ==
ibs:dpid=1175&&dpuuid=DukXyg--FsUV6EvKCehfy17uSscV40OSW-oq8eqr
dpm.demdex.net/ Frame F4DE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=DukXyg--FsUV6EvKCehfy17uSscV40OSW-oq8eqr
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=DukXyg--FsUV6EvKCehfy17uSscV40OSW-oq8eqr
Protocol
HTTP/1.1
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0f72bd179.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tw55GMeFRjw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=DukXyg--FsUV6EvKCehfy17uSscV40OSW-oq8eqr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ibs:dpid=22052&dpuuid=3629060299435278389
dpm.demdex.net/ Frame F4DE
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629060299435278389
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629060299435278389
Protocol
HTTP/1.1
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0fb9a4e61.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/dhUqtGISH4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:25 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629060299435278389
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Wed, 03 Aug 2022 15:45:26 GMT
user
bttrack.com/dmp/adobe/ Frame F4DE 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/dmp/adobe/user?dd_uuid=56112440386236750352845660381678341439
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Tue, 02 Aug 2022 19:44:51 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame F4DE
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=56112440386236750352845660381678341439?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=56112440386236750352845660381678341439?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Protocol
HTTP/1.1
Server
3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-27-103.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-02f215fd6.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
U8X2iAcQQig=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires
0
cache-control
no-cache
x-server
10.45.26.245
content-length
0
x-consent
absent
pixel
cm.g.doubleclick.net/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXVsXzFRQUFBSGVOWXdONg==
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXVsXzFRQUFBSGVOWXdONg==&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXVsXzFRQUFBSGVOWXdONg==&google_tc=
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXVsXzFRQUFBSGVOWXdONg==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
11.43a1a428a12277de24be.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Requested by
Host: zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
URL: https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
580809
cf-polished
origSize=62687
cf-ray
7349505d7cf09064-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"f4df-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
tap.php
pixel.rubiconproject.com/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yul_1QAAAHeNYwN6&expires=90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yul_1QAAAHeNYwN6&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1659469527.665669,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yul_1QAAAHeNYwN6&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
b9866d55f26c6c2e
cf-ray
7349505dddb99064-FRA
rum
r.casalemedia.com/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6
  • https://r.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6&C=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
7349505f781e997b-FRA
pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Is-Traffic-Usersync, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKPeO5uLAWA4Eto5XaYyqWrGfa4UL0lpFvjTtD0zeiBSNJFw0JwdNTZKbYyoTCvJojCEGPqGqojlyH%2Bj1%2F0Pp8X6fgq56MJm5micS4HdqnlGEEonLrcMGWvxtyIaOkrKOpu%2F"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0

Redirect headers

cf-ray
7349505edb179128-FRA
pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pE9%2FyxBZnO0TumuRz%2FQnQc3XN%2FAzbgOinsKTVrpyt63%2FpEIAahJGqpMXAPotf6CYgc5l3V8Ca%2ByxvVfc0S9w4H4ghAFywARvS%2B6WAxtDryYBaNOJs1RCkszIJ4aEU1BdvfVD1Pf6XO%2BV5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://r.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yul_1QAAAHeNYwN6&C=1
cache-control
no-cache
content-type
text/html; charset=iso-8859-1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
bounce
ib.adnxs.com/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=Yul_1QAAAHeNYwN6
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYul_1QAAAHeNYwN6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYul_1QAAAHeNYwN6
Protocol
HTTP/1.1
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Aug 2022 19:45:26 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
152e2d22-8a7c-417a-81b2-e5075ace6990
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Aug 2022 19:45:26 GMT
X-Proxy-Origin
185.213.155.166; 185.213.155.166; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
20823fdd-6ae4-43da-9317-0702c39776a4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYul_1QAAAHeNYwN6
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
580634
cf-polished
origSize=105087
cf-ray
7349505f1fa39064-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"19a7f-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
4.c4c4311e93af68a7390f.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
922 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.c4c4311e93af68a7390f.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
URL: https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
580811
cf-polished
origSize=2539
cf-ray
7349505f78109064-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"9eb-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.04bbbcfbec571d58289d.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.04bbbcfbec571d58289d.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
URL: https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
580808
cf-polished
origSize=29269
cf-ray
7349505f78129064-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"7255-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
579409
cf-polished
origSize=66436
cf-ray
7349505f78139064-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"10384-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=22&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:45:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 02 Aug 2022 19:45:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 30 Jul 2032 19:45:27 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7349505faaa15c0e-FRA
servershortname
sd
us-u.openx.net/w/1.0/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yul_1QAAAHeNYwN6
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yul_1QAAAHeNYwN6
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:45:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1659469527.969350,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yul_1QAAAHeNYwN6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame F4DE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yul_1QAAAHeNYwN6
0
0
h0r58thg
sync-tm.everesttech.net/upi/pid/ Frame F4DE 		0
0
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.56.28/css/ 		227 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.auth0.com/ulp/react-components/1.56.28/css/main.cdn.min.css
Requested by
Host: auth.thomsonreuters.com
URL: https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.25.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-25-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
719d580bf3d1a20daf0ef556e8074072669d1dc32b6ac48939b36099cb3268bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
zb1PHS4p6Blg9gllvgUt3kJcvAU4rNyl
content-encoding
gzip
last-modified
Tue, 24 Aug 2021 21:55:00 GMT
server
AmazonS3
age
41676
etag
W/"c1a14f9d0b3749900719aa6c2539251c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cache-control
max-age=2628000,public
date
Tue, 02 Aug 2022 08:13:51 GMT
x-amz-replication-status
FAILED
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
fA3Mo1vOPI4xV7BGxhZFfo-2OnUxforkIDoMd61OeW0n9uZqyN8AaA==
tr-ciam-210823.css
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Requested by
Host: auth.thomsonreuters.com
URL: https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08a7ead5396f6d217611df3d931a9777f8d388617ad7993b4ad2badfd4d4dd7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 16:46:44 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
10724
etag
W/"e72ab1c3f0c28f2eb77c59724235a9d6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
BG1gwD7BM3bz-17pwtJu-Wq8JGppipakQT7GANDgWYn8N4HuWLtU0A==
tr_h_lg_rgb_ps.svg
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/ 		25 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/tr_h_lg_rgb_ps.svg
Requested by
Host: auth.thomsonreuters.com
URL: https://auth.thomsonreuters.com/u/login/identifier?state=hKFo2SBWb3ZhNnNjaHc5Q1AzeVd3QUtWQmt3RjlwQ1QwbzdJT6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIG1xSENqbGl4ZVBFb0FNR1RuWGJkNnNZelZsYndFT2Zpo2NpZNkgdGdFNmVuTjdxTkVlVmNBcmZyOHZWbnh0UFdGNjYwMjk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c492d424131e950100a4f58a535fee7857190809339d88008f0fd9db1b605de0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 15:59:57 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
13531
etag
W/"a2e9e815f140f092141533e10c728dd6"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
825bIPpGx66wSGnN_CXwBDIScyw9-9i1cPE3JBBUxPpdxIM5suzKUQ==
background-left.svg
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/background-left.svg
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92d18f85f2a29f1068d5a36173e90f151ca94ba6f3ed8682aac410d24d68e832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 15:59:57 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
13531
etag
W/"da4645ecc760a45563b5f83d44a357d2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
PWzBQUW8nEUNhXYY5skV3kZ64-u9cGvLRupG0JaR5zH_dhpS4EzYAA==
background_right.svg
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/background_right.svg
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa048a6da09bce0ec83b58f09868f1e70fee80c1df8d63cabe105eae41e60927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 15:59:57 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
13531
etag
W/"2074e51ca4a56669d33df650f74bacdf"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
P9bsiNIlHQQw2iHx19sZNzF_6BrjeRG0uWw6E2dtKe-hc9YX1RUrPA==
tr-logo_reversed.svg
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/ 		25 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/img/tr-logo_reversed.svg
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7333b6f9761f343deccb63949eadfbd7cd3b8fe33509191d51d5e66ca2a0c863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 15:59:57 GMT
content-encoding
br
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
13531
etag
W/"1432370a42672c6cc9c1ca78dc2d441d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
eBpuNn3taVsbbxqB6xHWqIoSeTnSVhhR3ieKUTc4VVQoMleFPoATyA==
knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/fonts/knowledge2017-regular-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-profile/bundle-profile-assets/css/tr-ciam-210823.css
Origin
https://auth.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 16:46:44 GMT
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 15:48:59 GMT
server
AmazonS3
age
10724
etag
"de994d71a311e3119703dd67ef632f04"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
39408
x-amz-cf-id
eKfNU2NVd4DMDvAsu-vT3LoP08JRuY-YrHWnkV3uRZcsmV3SMo7IgQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
siteintercept.qualtrics.com
URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=27&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yul_1QAAAHeNYwN6
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| docReady function| hideSignupLink function| loadRegionalizedFooter function| loadProductSupport

32 Cookies

Domain/Path Name / Value
.thomsonreuters.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 56112440386236750352845660381678341439
.thomsonreuters.com/ Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yul_1QAAAHeNYwN6
.thomsonreuters.com/ Name: mbox
Value: session#d2d4e3940add417685e02b39206609ab#1659471384|PC#d2d4e3940add417685e02b39206609ab.37_0#1722714324
.dpm.demdex.net/ Name: dpm
Value: 56112440386236750352845660381678341439
.thomsonreuters.com/ Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19207%7CMCMID%7C55986176392298466052814957196794772457%7CMCAAMLH-1660074322%7C6%7CMCAAMB-1660074322%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1659476723s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19214%7CvVersion%7C5.3.0
.thomsonreuters.com/ Name: _hjSessionUser_1846625
Value: eyJpZCI6IjM0NmU3MGRlLWNkNzEtNTk2Yi1iYTU2LTdjMGY4ODRhZjMwMCIsImNyZWF0ZWQiOjE2NTk0Njk1MjM1MzksImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/ Name: _hjFirstSeen
Value: 1
www.thomsonreuters.com/ Name: _hjIncludedInSessionSample
Value: 0
.thomsonreuters.com/ Name: _hjSession_1846625
Value: eyJpZCI6ImZmOTljYmJmLWJmOTktNGEyMC04ZDUyLWI3Nzg4ODg0YzllNCIsImNyZWF0ZWQiOjE2NTk0Njk1MjM1NzEsImluU2FtcGxlIjpmYWxzZX0=
www.thomsonreuters.com/ Name: _hjIncludedInPageviewSample
Value: 1
.thomsonreuters.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
www.thomsonreuters.com/ Name: AWSALB
Value: qpeHdrG7Iv8kCo+bfpzScigjCQ2uTrPbHu+YOAv7k+zrWu2Qmxp9m6pgk9/+WZmmSiubXtNp7R/9CNKpSIQIaDzFkIixXNNo9QbIjxPDfynZF9bPKEBDLSpXedys
www.thomsonreuters.com/ Name: AWSALBCORS
Value: qpeHdrG7Iv8kCo+bfpzScigjCQ2uTrPbHu+YOAv7k+zrWu2Qmxp9m6pgk9/+WZmmSiubXtNp7R/9CNKpSIQIaDzFkIixXNNo9QbIjxPDfynZF9bPKEBDLSpXedys
.quantserve.com/ Name: d
Value: EK0BDAHhJrmvYA
.quantserve.com/ Name: mc
Value: 62e97ed6-39913-8f584-81ac1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
auth.thomsonreuters.com/ Name: did
Value: s%3Av0%3Aa8045340-129b-11ed-8c0e-53c55de88418.A%2FXPCSlVUMxiR3bvDxysx%2FlXUfX0VjHovVqQdAMVU%2Bs
auth.thomsonreuters.com/ Name: auth0
Value: s%3AOGuJVtXOErI3AD-2ZPuKsO9GxRvImJl3.h6kVkoindukV9AuO9aUFfaTQAB2QvEDaYBmTQ%2F6aZ8g
auth.thomsonreuters.com/ Name: did_compat
Value: s%3Av0%3Aa8045340-129b-11ed-8c0e-53c55de88418.A%2FXPCSlVUMxiR3bvDxysx%2FlXUfX0VjHovVqQdAMVU%2Bs
auth.thomsonreuters.com/ Name: auth0_compat
Value: s%3AOGuJVtXOErI3AD-2ZPuKsO9GxRvImJl3.h6kVkoindukV9AuO9aUFfaTQAB2QvEDaYBmTQ%2F6aZ8g
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMID
Value: Yul.1hy4xtb9n2Sitxr9swAA
.casalemedia.com/ Name: CMPS
Value: 1199
.adnxs.com/ Name: uuid2
Value: 5786311339332872371
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2GVMu__kd!]tbPl1MwL(!R7qUY$*v>>y$1YWJWW[fF?MX>-P(cMyO5<QG=%9sk?bIRwi:w9Ld1IgSWB17Mco/y@Yw#u#^u*d9XL
.casalemedia.com/ Name: CMTS
Value: 1203
.casalemedia.com/ Name: CMPRO
Value: 1164
.casalemedia.com/ Name: CMST
Value: Yul+1mLpftYA
.casalemedia.com/ Name: CMRUM3
Value: 5862e97ed62760Yul_1QAAAHeNYwN6
.demdex.net/ Name: dextp
Value: 60-1-1659469523315|477-1-1659469523416|903-1-1659469523550|1175-1-1659469523651|22052-1-1659469523754|49276-1-1659469523855|121998-1-1659469523957|144230-1-1659469524058|144231-1-1659469524159|144232-1-1659469524261|144233-1-1659469524362|144234-1-1659469524463|144235-1-1659469524564|144236-1-1659469524665

1 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=56112440386236750352845660381678341439
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
auth.thomsonreuters.com
bttrack.com
cdn.auth0.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
pixel.quantserve.com
pixel.rubiconproject.com
r.casalemedia.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
www.thomsonreuters.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
image2.pubmatic.com
siteintercept.qualtrics.com
sync-tm.everesttech.net
104.17.208.240
104.18.18.126
104.18.19.126
108.138.25.46
143.204.215.95
15.188.95.229
15.197.193.217
151.101.194.49
151.101.195.9
172.217.23.98
18.66.112.19
18.66.97.10
192.132.33.46
2600:9000:2240:a00:15:d837:3240:93a1
2600:9000:2490:7600:1b:b66f:bac0:93a1
2600:9000:2491:8400:1d:854:d2c0:93a1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:82a::200a
2a02:26f0:ea:2a4::1e80
3.251.27.103
34.111.234.236
34.98.64.218
35.244.174.68
37.252.173.38
52.215.243.107
52.30.61.76
52.4.206.194
52.49.242.9
69.173.144.138
99.80.161.153
99.86.4.22
08a7ead5396f6d217611df3d931a9777f8d388617ad7993b4ad2badfd4d4dd7a
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f
65388a741abb8c652cf62499f572913ada8429b4134bec69344141f9470b59c1
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33
719d580bf3d1a20daf0ef556e8074072669d1dc32b6ac48939b36099cb3268bf
7333b6f9761f343deccb63949eadfbd7cd3b8fe33509191d51d5e66ca2a0c863
92d18f85f2a29f1068d5a36173e90f151ca94ba6f3ed8682aac410d24d68e832
bbe74a3e25d2aab4d5d43418296bc4e56f39a573f95676ffa7d2b595dca2d332
c492d424131e950100a4f58a535fee7857190809339d88008f0fd9db1b605de0
cb85af18f186df4b1764f4e4922cd2d00d1f2bc0d68cf1aea9ad05eab5a9f485
d64c42b27ca40615e9cdd832879f8335d4e9d2a0485b4751dbbe5d2cc9de2a56
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
fa048a6da09bce0ec83b58f09868f1e70fee80c1df8d63cabe105eae41e60927