Submitted URL: http://www.tmf-group.com/
Effective URL: https://www.tmf-group.com/
Submission: On December 03 via api from RU — Scanned from CH

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 46 HTTP transactions. The main IP is 2606:4700:4400::6812:25b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tmf-group.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 11th 2024. Valid for: a year.
This is the only time www.tmf-group.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
4 142.250.185.195 15169 (GOOGLE)
1 162.159.138.60 13335 (CLOUDFLAR...)
10 2606:4700:440... 13335 (CLOUDFLAR...)
1 142.250.185.98 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2 142.250.184.194 15169 (GOOGLE)
2 20.50.88.238 8075 (MICROSOFT...)
46 11
Apex Domain
Subdomains
Transfer
20 tmf-group.com
www.tmf-group.com
771 KB
10 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 4920
188 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
437 KB
4 gstatic.com
fonts.gstatic.com
73 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
ade.googlesyndication.com — Cisco Umbrella Rank: 341
802 B
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 801
200 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2102
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 597
56 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
46 10
Domain Requested by
20 www.tmf-group.com 1 redirects www.tmf-group.com
10 cdn-ukwest.onetrust.com www.googletagmanager.com
js.monitor.azure.com
cdn-ukwest.onetrust.com
www.tmf-group.com
5 www.googletagmanager.com www.tmf-group.com
www.googletagmanager.com
4 fonts.gstatic.com fonts.googleapis.com
2 dc.services.visualstudio.com js.monitor.azure.com
2 ade.googlesyndication.com 1 redirects www.tmf-group.com
1 region1.google-analytics.com js.monitor.azure.com
1 pagead2.googlesyndication.com www.googletagmanager.com
1 player.vimeo.com www.tmf-group.com
1 js.monitor.azure.com www.tmf-group.com
1 fonts.googleapis.com www.tmf-group.com
46 11

This site contains links to these domains. Also see Links.

Domain
app.convercent.com
www.linkedin.com
www.onetrust.com
Subject Issuer Validity Valid
tmf-group.com
Sectigo RSA Organization Validation Secure Server CA
2024-01-11 -
2025-01-10
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 04
2024-11-19 -
2025-05-18
6 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
vimeo.com
WE1
2024-11-23 -
2025-02-21
3 months crt.sh
onetrust.com
WE1
2024-11-23 -
2025-02-22
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 03
2024-11-22 -
2025-05-21
6 months crt.sh

This page contains 3 frames:

Primary Page: https://www.tmf-group.com/
Frame ID: 650DE926704E9FA5BA061F28C9669E4C
Requests: 43 HTTP requests in this frame

Frame: https://player.vimeo.com/video/874101831
Frame ID: A117A7A2BDC9F6CC78910803DCFE42CD
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.tmf-group.com
Frame ID: 5F69FA952BD349098B163D50CEC53F3D
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

TMF Group | Global compliance and governance experts

Page URL History Show full URLs

  1. http://www.tmf-group.com/ HTTP 307
    https://www.tmf-group.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

46
Requests

96 %
HTTPS

55 %
IPv6

10
Domains

11
Subdomains

11
IPs

4
Countries

1527 kB
Transfer

3833 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.tmf-group.com/ HTTP 307
    https://www.tmf-group.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-Jamestown.jpg HTTP 301
  • https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-jamestown.jpg
Request Chain 40
  • https://ade.googlesyndication.com/ddm/activity/src=9795584;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z86281779za201zb6281779;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.tmf-group.com%2F HTTP 302
  • https://ade.googlesyndication.com/ddm/activity/src=9795584;dc_pre=CNP6ssy9jIoDFRDLOwIdiIw8KA;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z86281779za201zb6281779;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.tmf-group.com%2F

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.tmf-group.com/
Redirect Chain
  • http://www.tmf-group.com/
  • https://www.tmf-group.com/
92 KB
19 KB
Document
General
Full URL
https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba84b70d52af16111031035942b9cab6aa38ecba9a2f9e4483be94754b6422e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8ec67178fafcbc4e-ZRH
content-encoding
gzip
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
content-type
text/html; charset=utf-8
date
Tue, 03 Dec 2024 20:52:55 GMT
referrer-policy
same-origin
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin
x-permitted-cross-domain-policies
none

Redirect headers

Location
https://www.tmf-group.com/
Non-Authoritative-Reason
HttpsUpgrades
main.css
www.tmf-group.com/dist/
175 KB
28 KB
Stylesheet
General
Full URL
https://www.tmf-group.com/dist/main.css?v=FdkMWrsIF5_dpGsJBfts7PA13nXtbtXbxuHR1pKuiHI
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15d90c5abb08179fdda46b0905fb6cecf035de75ed6ed5dbc6e1d1d692ae8872
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbee65811e4"
age
107694
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
text/css
last-modified
Fri, 11 Oct 2024 09:21:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=604800
content-security-policy-report-only
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; font-src https: data: fonts.gstatic.com; frame-src https: player.vimeo.com;
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec67179fc11bc4e-ZRH
server
cloudflare
css2
fonts.googleapis.com/
19 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/dist/main.css?v=FdkMWrsIF5_dpGsJBfts7PA13nXtbtXbxuHR1pKuiHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7d117525e5ce14232c97be368100f461696726f5e07160e9beddd107fd4ba2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Dec 2024 20:52:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Dec 2024 20:52:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
desktop.svg
www.tmf-group.com/globalassets/images/00.-global-use/logos/
3 KB
2 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/00.-global-use/logos/desktop.svg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c52b3f1490a1895378566155dfc4122a47cbb0a400fdbc843b4278df1c5362
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db398db3f65431"
age
5
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 08:50:46 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/svg+xml
last-modified
Mon, 18 Nov 2024 07:44:31 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=43070
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717a7c95bc4e-ZRH
server
cloudflare
tmf-logo.svg
www.tmf-group.com/images/svg/
3 KB
2 KB
Image
General
Full URL
https://www.tmf-group.com/images/svg/tmf-logo.svg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f07c895c0acc09f50acb45fd152bb8c7f879e9852af8d4dc52dc28f9368efa
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbebf03ed90"
age
369308
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/svg+xml
last-modified
Fri, 11 Oct 2024 09:20:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717afd3dbc4e-ZRH
server
cloudflare
horizontal-accordion.js
www.tmf-group.com/dist/
70 KB
28 KB
Script
General
Full URL
https://www.tmf-group.com/dist/horizontal-accordion.js?v=TKO2fBfRC-WvCiGp_syqwgnlvGFcftFiM5kIWfzdwY4
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca3b67c17d10be5af0a21a9feccaac209e5bc615c7ed16233990859fcddc18e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbee65bb412"
age
24954
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 09:21:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717a7c9cbc4e-ZRH
server
cloudflare
media-banner.js
www.tmf-group.com/dist/
105 KB
37 KB
Script
General
Full URL
https://www.tmf-group.com/dist/media-banner.js?v=vKtCZnwoq1VmUVIYtLtg92CeCXBj5UwNZjePR_Q4q3Q
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcab42667c28ab5566515218b4bb60f7609e097063e54c0d66378f47f438ab74
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbee65b0ff7"
age
569815
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 09:21:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717abcebbc4e-ZRH
server
cloudflare
find.js
www.tmf-group.com/Util/Find/epi-util/
6 KB
2 KB
Script
General
Full URL
https://www.tmf-group.com/Util/Find/epi-util/find.js
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1da2911066f78ec"
age
864
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 00:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Thu, 07 Dec 2023 13:26:46 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
content-security-policy-report-only
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; font-src https: data: fonts.gstatic.com; frame-src https: player.vimeo.com;
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717afd3ebc4e-ZRH
server
cloudflare
main.js
www.tmf-group.com/dist/
701 KB
246 KB
Script
General
Full URL
https://www.tmf-group.com/dist/main.js?v=0aJF02wFlzCFbVrW30gknwRTpTHl0JNszm36m9nYRrg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a245d36c059730856d5ad6df48249f0453a531e5d0936cce6dfa9bd9d846b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbee650587f"
age
107694
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 09:21:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=604800
content-security-policy-report-only
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; font-src https: data: fonts.gstatic.com; frame-src https: player.vimeo.com;
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717acd00bc4e-ZRH
server
cloudflare
ai.2.gbl.min.js
js.monitor.azure.com/scripts/b/
120 KB
56 KB
Script
General
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
12e7192855d64b8867e792c9e0359a8e0b5ae2e2c9286007c9e4b881d86e7e07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer

Response headers

x-azure-ref
20241203T205256Z-17949f5ff6466dkthC1ZRHk49g00000003h0000000003ync
cache-control
public, max-age=1800, immutable, no-transform
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
81bf5983-f01e-009b-3255-3c01da000000
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.gbl.min.js
access-control-allow-origin
*
x-cache
TCP_HIT
x-ms-meta-aijssdkver
2.8.18
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 20 Mar 2024 17:31:22 GMT
gtm.js
www.googletagmanager.com/
402 KB
127 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e99fdfc0d6bda789145a58a79dddb7c9337e414801f60cd9d50f640ae2fce482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 03 Dec 2024 20:52:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
129576
x-xss-protection
0
server
Google Tag Manager
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
536540
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:50:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:50:36 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
072a36964e18d746dbf9.ttf
www.tmf-group.com/dist/
5 KB
5 KB
Font
General
Full URL
https://www.tmf-group.com/dist/072a36964e18d746dbf9.ttf?kqnkli
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/dist/main.css?v=FdkMWrsIF5_dpGsJBfts7PA13nXtbtXbxuHR1pKuiHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c7e3bb0d9fe8fb3140397ba683feb438758cbb5f4207d34494e685684aa61a
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer
https://www.tmf-group.com/dist/main.css?v=FdkMWrsIF5_dpGsJBfts7PA13nXtbtXbxuHR1pKuiHI

Response headers

cf-cache-status
HIT
etag
"1db1bbee65abfa4"
age
124845
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/x-font-ttf
last-modified
Fri, 11 Oct 2024 09:21:06 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=604800
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d4cbc4e-ZRH
accept-ranges
bytes
content-length
4772
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
27254
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 03 Dec 2025 13:18:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 13:18:42 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
568109
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 07:04:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 07:04:27 GMT
last-modified
Thu, 01 Aug 2024 20:41:18 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18540
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;1,100;1,300;1,400;1,500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tmf-group.com
Referer
https://fonts.googleapis.com/

Response headers

age
480047
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 07:32:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 07:32:09 GMT
last-modified
Thu, 01 Aug 2024 20:41:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18492
x-xss-protection
0
server
sffe
case-study-lenovo.jpg
www.tmf-group.com/globalassets/images/case-studies/500x500-header/
35 KB
36 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/500x500-header/case-study-lenovo.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b66fa348ef1a56e5f4950de4f64cc28930b95d80504664a95612c8ab6e04b6cb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db3eeda1c8cd1f"
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 08:52:52 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=41759
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="case-study-lenovo.webp"
vary
Accept
last-modified
Mon, 25 Nov 2024 03:53:48 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=43196
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d4ebc4e-ZRH
accept-ranges
bytes
content-length
35384
server
cloudflare
lenovo.svg
www.tmf-group.com/globalassets/images/case-studies/350x110-logos/
6 KB
2 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/350x110-logos/lenovo.svg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600a829da3366aa9d039b92faff2656228a36aaaf77a0600a5aab6bd8c6977e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db3eeeb5c0891f"
age
36646
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 00:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/svg+xml
last-modified
Mon, 25 Nov 2024 04:01:31 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=14400
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d50bc4e-ZRH
server
cloudflare
case-studies-accordion_566x566px_microsoft-new.jpg
www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/
34 KB
35 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px_microsoft-new.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e12890f561b2d82837aa475023d344a117525b2368eaaf7f5567b0aacacdb415
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db3edb4bea7f7f"
age
864
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 06:21:15 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=46591
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="case-studies-accordion_566x566px_microsoft-new.webp"
vary
Accept
last-modified
Mon, 25 Nov 2024 01:42:33 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=34099
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d53bc4e-ZRH
accept-ranges
bytes
content-length
35194
server
cloudflare
microsoft.jpg
www.tmf-group.com/globalassets/images/case-studies/144x144-logos/
35 KB
35 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/144x144-logos/microsoft.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f17df2cfc223105d856837bbe0ae9f03220119e361b00673903687d26aff00af
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db3ef0346ad399"
age
864
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 07:31:26 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=57113
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="microsoft.webp"
vary
Accept
last-modified
Mon, 25 Nov 2024 04:12:13 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=38310
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d54bc4e-ZRH
accept-ranges
bytes
content-length
35720
server
cloudflare
case-studies-accordion_566x566px-jamestown.jpg
www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/
Redirect Chain
  • https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-Jamestown.jpg
  • https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-jamestown.jpg
78 KB
79 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-jamestown.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f69f5cc682116d3795ed4cb0320281ae0088bebcf59cbc25f22e58d4dd1a19e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db3eda39bd3c93"
age
863
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 05:03:40 GMT
cf-polished
degrade=85, origSize=90131, status=webp_bigger
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/jpeg
last-modified
Mon, 25 Nov 2024 01:34:53 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=29444
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b8dedbc4e-ZRH
accept-ranges
bytes
content-length
80166
server
cloudflare

Redirect headers

cf-cache-status
HIT
age
864
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 00:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
vary
Accept-Encoding
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=14400
location
https://www.tmf-group.com/globalassets/images/case-studies/566x566-accordioncase-study-carousel/case-studies-accordion_566x566px-jamestown.jpg
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d55bc4e-ZRH
content-length
0
server
cloudflare
jamestown.png
www.tmf-group.com/globalassets/images/case-studies/144x144-logos/
7 KB
8 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/case-studies/144x144-logos/jamestown.png
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284edcef9104b2738b5a90f9b221fa2cc6c78da6aeb447f517437294c20a2de2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db3eefe8b7438a"
age
864
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 07:31:26 GMT
cf-polished
origFmt=png, origSize=8330
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="jamestown.webp"
vary
Accept
last-modified
Mon, 25 Nov 2024 04:10:06 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=38310
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b1d56bc4e-ZRH
accept-ranges
bytes
content-length
6988
server
cloudflare
874101831
player.vimeo.com/video/ Frame A117
0
0
Document
General
Full URL
https://player.vimeo.com/video/874101831
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8ec6717b6fbfbb59-FRA
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Dec 2024 20:52:56 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin, Referer, Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://browser-intake-datadoghq.com https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://browser-intake-datadoghq.com https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com https://player-telemetry.vimeo.com https://lensflare.vimeo.com https://arclight.vimeo.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; worker-src blob:
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-8695bdfc48-wzkmp
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-8695bdfc48-wzkmp
x-player-backend
g
x-served-by
cache-fra-eddf8230089-FRA
x-timer
S1733259176.257096,VS0,VE353
x-xss-protection
1; mode=block
944x540-incorporating-in-japan.jpg
www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-country-landscape/
109 KB
110 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-country-landscape/944x540-incorporating-in-japan.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2087181d384bb214fea41e28825af3951297d6ffc732ac1dd7abf98bdec66df0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1db35e4a8e4522f"
age
36640
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 00:52:56 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=128303
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="944x540-incorporating-in-japan.webp"
vary
Accept
last-modified
Wed, 13 Nov 2024 15:56:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=14400
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b2d72bc4e-ZRH
accept-ranges
bytes
content-length
111164
server
cloudflare
tmf-group-header-incorporation-in.jpg
www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-services/
64 KB
64 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-services/tmf-group-header-incorporation-in.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc3497182ef2f489ac2a4acb35d0ef891a545d5b7c974158e5c2846c5d11ec9e
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1da689c76e98441"
age
5
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 07:38:33 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=78145
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="tmf-group-header-incorporation-in.webp"
vary
Accept
last-modified
Mon, 26 Feb 2024 10:13:38 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=38737
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b2d76bc4e-ZRH
accept-ranges
bytes
content-length
65430
server
cloudflare
man-formal-attire-digital-device-tablet-analyse-data.jpg
www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-general/
31 KB
33 KB
Image
General
Full URL
https://www.tmf-group.com/globalassets/images/news-and-insights/articles--pr/944x540-general/man-formal-attire-digital-device-tablet-analyse-data.jpg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2a91741c7e3fa1afea88763599bd853e355bf0838592d8ccd4c06ecb137e12
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1da33379eb989b2"
age
9074
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 05:44:37 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=37554
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/webp
content-disposition
inline; filename="man-formal-attire-digital-device-tablet-analyse-data.webp"
vary
Accept
last-modified
Wed, 20 Dec 2023 11:28:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
reporting-endpoints
csp-endpoint="/api/reporting/", default="/api/reporting/"
content-security-policy
default-src 'self' https: ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
cache-control
public, max-age=31901
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec6717b2d7abc4e-ZRH
accept-ranges
bytes
content-length
32098
server
cloudflare
js
www.googletagmanager.com/gtag/
407 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P1JFPZWSDV&l=dataLayer&cx=c&gtm=45He4bk0v6281779za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0e44c5d8f24d4f008dde8b50e513cc871155957f1f35786ca688acf274693a20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 03 Dec 2024 20:52:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133483
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
228 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-9795584&l=dataLayer&cx=c&gtm=45He4bk0v6281779za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
38ad89bd2ad2e626428021e69af1918025836a9f34c51e5b125066ac4a36b304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 20:52:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
83722
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
281 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-859490502&l=dataLayer&cx=c&gtm=45He4bk0v6281779za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
baa18642508f7f8c0be1985084f56bbbcdfa5edc0844e360f43cf6a38d7f11d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 03 Dec 2024 20:52:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 03 Dec 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99366
x-xss-protection
0
server
Google Tag Manager
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
I15No2k5QFmqh89BwOau4g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD0F9525F98C63
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
59692
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Thu, 28 Nov 2024 10:12:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
9155e317-401e-002b-3cd1-42d73f000000
cf-ray
8ec6717c485f24c0-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
b83c7f13-6543-4feb-a0f9-493fe48a3516.json
cdn-ukwest.onetrust.com/consent/b83c7f13-6543-4feb-a0f9-493fe48a3516/
4 KB
2 KB
XHR
General
Full URL
https://cdn-ukwest.onetrust.com/consent/b83c7f13-6543-4feb-a0f9-493fe48a3516/b83c7f13-6543-4feb-a0f9-493fe48a3516.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a31271af3abb3a6e62f7f15bde8f27623f30b5482a97a1bb49d61e31b8e18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Mdb/87JifZm8ycGGdGKNWg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC9448E7994621
age
36645
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/x-javascript
last-modified
Mon, 24 Jun 2024 12:26:42 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
dc3a2909-501e-0008-53d8-3c4dfc000000
cf-ray
8ec6717cd863bc6c-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
1558
x-ms-blob-type
BlockBlob
server
cloudflare
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/
451 KB
110 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Ryx3T13YxV6i1yEKSnAPIA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E43E825D91
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
65876
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:11:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
4310aa2a-501e-0037-6bd8-3c855f000000
cf-ray
8ec6717d399924c0-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
112015
x-ms-blob-type
BlockBlob
server
cloudflare
en.json
cdn-ukwest.onetrust.com/consent/b83c7f13-6543-4feb-a0f9-493fe48a3516/019035ed-cd61-79c1-8ad2-2d74d8cd620d/
124 KB
23 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/consent/b83c7f13-6543-4feb-a0f9-493fe48a3516/019035ed-cd61-79c1-8ad2-2d74d8cd620d/en.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e22cd472c4da9bfb2c299238b23afc4483374d27ef771471acdda0de1e0123ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
DzE2p+ZTUyXyhC7+7R4oBQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC9448E940FC0C
age
36645
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/x-javascript
last-modified
Mon, 24 Jun 2024 12:26:45 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
44d9c528-601e-0085-7ed8-3c7a2e000000
cf-ray
8ec6717da93bbc6c-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
23680
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/otFlat.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc11897bd686817da4d462b4fc503101091e6df96894ef4f58a7546285013a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
4TCnvX7DV08Uu9DR6YJNHQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E43830FBFC
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
36645
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:11:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
5a7a7567-b01e-0062-4ad8-3c95d4000000
cf-ray
8ec6717e0996bc6c-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
3010
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/v2/otPcCenter.json
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
ndTXzqjNmA00/Jt9SANbwQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E439AF39A8
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
36645
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:11:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
3a8a664f-801e-0034-70d8-3c643b000000
cf-ray
8ec6717e0998bc6c-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
12748
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/202405.2.0/assets/otCommonStyles.css
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
36645
content-encoding
gzip
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:11:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
f360114f-101e-0019-16d8-3cd748000000
cf-ray
8ec6717e099abc6c-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn-ukwest.onetrust.com/logos/static/
497 B
489 B
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/logos/static/ot_guard_logo.svg
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
36645
content-encoding
gzip
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Nov 2024 10:12:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
84b98cde-d01e-0016-6f90-41a124000000
cf-ray
8ec6717e6a13bc6c-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
TMF_Group_Logo_strapline_RGB-positive.png
cdn-ukwest.onetrust.com/logos/f8c5cca0-9998-42be-aa51-be79667525ee/b83c7f13-6543-4feb-a0f9-493fe48a3516/
22 KB
23 KB
Image
General
Full URL
https://cdn-ukwest.onetrust.com/logos/f8c5cca0-9998-42be-aa51-be79667525ee/b83c7f13-6543-4feb-a0f9-493fe48a3516/TMF_Group_Logo_strapline_RGB-positive.png
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa484b7c5c436a71aae2566feab2a6c357e77cc4bc716030f5d0b333cb963e2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
4LXs7ZThqFTykX+IY3+eug==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D76AE9854D703D
age
36645
cf-cache-status
HIT
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/octet-stream
last-modified
Sat, 16 Nov 2019 23:05:49 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
f4d3c688-f01e-005c-59d8-3c02ab000000
cf-ray
8ec6717e7b7324c0-ZRH
accept-ranges
bytes
access-control-allow-origin
*
content-length
23003
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn-ukwest.onetrust.com/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn-ukwest.onetrust.com/logos/static/powered_by_logo.svg
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
66588
content-encoding
gzip
expires
Wed, 04 Dec 2024 20:52:56 GMT
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Nov 2024 10:12:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
x-ms-request-id
8f21cb6f-f01e-0001-4a8f-41082f000000
cf-ray
8ec6717e7b7524c0-ZRH
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.tmf-group.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2036057100.1733259177&npa=1&gtm=45He4bk0v6281779za200&gcs=G100&gcd=13p3p3p3p5l1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733259176926&tfd=1150&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P1JFPZWSDV&gtm=45je4bk0v891094372z86281779za200zb6281779&_p=1733259176148&gcs=G100&gcd=13p3p3p3p5l1&npa=1&dma_cps=-&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=676201543.1733259177&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1733259176&sct=1&seg=0&dl=https%3A%2F%2Fwww.tmf-group.com%2F&dt=TMF%20Group%20%7C%20Global%20compliance%20and%20governance%20experts&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_count=0&tfd=1161
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.tmf-group.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 20:52:57 GMT
content-type
text/plain
server
Golfe2
src=9795584;dc_pre=CNP6ssy9jIoDFRDLOwIdiIw8KA;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z86281779za201zb6281...
ade.googlesyndication.com/ddm/activity/
Redirect Chain
  • https://ade.googlesyndication.com/ddm/activity/src=9795584;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z862817...
  • https://ade.googlesyndication.com/ddm/activity/src=9795584;dc_pre=CNP6ssy9jIoDFRDLOwIdiIw8KA;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;fr...
42 B
118 B
Image
General
Full URL
https://ade.googlesyndication.com/ddm/activity/src=9795584;dc_pre=CNP6ssy9jIoDFRDLOwIdiIw8KA;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z86281779za201zb6281779;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.tmf-group.com%2F?
Requested by
Host: www.tmf-group.com
URL: https://www.tmf-group.com/
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Dec 2024 20:52:57 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ade.googlesyndication.com/ddm/activity/src=9795584;dc_pre=CNP6ssy9jIoDFRDLOwIdiIw8KA;type=rm;cat=slall0;ord=1617570133839;npa=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=denied;frm=0;gtm=45fe4bk0v9190725216z86281779za201zb6281779;gcs=G100;gcd=13p3p3p3p5l1;dma_cps=-;dma=0;tag_exp=101925629~102067555~102067808~102081485;epver=2;~oref=https%3A%2F%2Fwww.tmf-group.com%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Dec 2024 20:52:57 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 5F69
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Fwww.tmf-group.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9M235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
12922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Dec 2024 17:17:35 GMT
expires
Wed, 03 Dec 2025 17:17:35 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
www.tmf-group.com/images/
15 KB
2 KB
Other
General
Full URL
https://www.tmf-group.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329e0aa7108f43a2f71f4a5606d7c7ac861f54cb3552899ce43a107fe9b76841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.tmf-group.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1db1bbebf03dc2e"
age
195029
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 20:52:57 GMT
date
Tue, 03 Dec 2024 20:52:57 GMT
content-type
image/x-icon
last-modified
Fri, 11 Oct 2024 09:20:00 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=604800
content-security-policy-report-only
default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; font-src https: data: fonts.gstatic.com; frame-src https: player.vimeo.com;
referrer-policy
same-origin
request-context
appId=cid-v1:e88d2448-b71e-4416-ae50-4a728b5d5f3f
cf-ray
8ec67180fc67bc4e-ZRH
server
cloudflare
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.tmf-group.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 03 Dec 2024 20:52:56 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
96 B
200 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.gbl.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
808f9d3d754c5015abfc0409ebeadad3136af4f0eba6f6296dad5c48c28ba3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Tue, 03 Dec 2024 20:52:56 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| appInsights function| gtag object| dataLayer object| UTM_COOKIES object| gsapVersions boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| Prism object| _gsap function| _scrollTop function| _scrollLeft function| FindApi object| Microsoft object| __dynProto$Gbl object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| onYouTubeIframeAPIReady function| OptanonWrapper object| OtTrustedType object| otStubData object| Optanon object| OneTrust string| OnetrustActiveGroups string| OptanonActiveGroups object| gaGlobal

8 Cookies

Domain/Path Name / Value
.www.tmf-group.com/ Name: ARRAffinity
Value: 680a3a5f239b312d26eff77d41f1ac2ad0451ffc2f9a08958de366946bf3ab83
.www.tmf-group.com/ Name: ARRAffinitySameSite
Value: 680a3a5f239b312d26eff77d41f1ac2ad0451ffc2f9a08958de366946bf3ab83
.tmf-group.com/ Name: aePageCount
Value: 1
www.tmf-group.com/ Name: ai_session
Value: W+D44plJesd6Z+13Y8wmgV|1733259176507|1733259176507
.www.tmf-group.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Dec+03+2024+21%3A52%3A56+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202405.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=995d0b41-c1fd-47c7-ba9a-0a8af866d687&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.tmf-group.com%2F&groups=C0003%3A0%2CC0001%3A1%2CC0002%3A0%2CC0004%3A0
.vimeo.com/ Name: vuid
Value: pl1366221320.1104345817
.vimeo.com/ Name: __cf_bm
Value: yiCluKdqGJhgkf554WwmD4RpIh5aMyvKKP2evqDbnVc-1733259177-1.0.1.1-MT_JH5208uIe5c76rosDEV6D.l9IJssOd9FzYy213MrfTM0YTPNAxTWGX.6QkgSh
.vimeo.com/ Name: _cfuvid
Value: 2AHGNrKdtoQ_7fG9h4yjoXFYFXOOOIpFkhl7QXCttZs-1733259177181-0.0.1.1-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https: ; script-src 'self' 'unsafe-inline' https: blob: *.googletagmanager.com *.vimeocdn.com *.gstatis.com; style-src 'self' 'unsafe-inline' https: fonts.googleapis.com; img-src 'self' https: data: ; connect-src 'self' https: wss: *.hotjar.com *.onetrust.com *.google-analytics.com *.visualstudio.com *.googlesyndication.com *.svc.dynamics.com *.google.com google.com *.linkedin.com *.doubleclick.net *.teads.tv *.clarity.ms *.zi-scripts.com *.mktoresp.com *.site24x7rum.eu *.zoominfo.com assets-eur.mkt.dynamics.com cxppusa1formui01cdnsa01-endpoint.azureedge.net public-eur.mkt.dynamics.com *.hotjar.io; font-src 'self' https: data: fonts.gstatic.com; frame-src https: player.vimeo.com www.googletagmanager.com; child-src 'self' *.vimeo.com *.doubleclick.net a78f1e16211141f6b069bb3c4b0c784d.svc.dynamics.com *.teads.tv *.infogram.com; report-uri /api/reporting/; report-to csp-endpoint;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
cdn-ukwest.onetrust.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.monitor.azure.com
pagead2.googlesyndication.com
player.vimeo.com
region1.google-analytics.com
www.googletagmanager.com
www.tmf-group.com
142.250.184.194
142.250.185.195
142.250.185.98
162.159.138.60
20.50.88.238
2001:4860:4802:34::36
2606:4700:4400::6812:25b7
2606:4700:4400::ac40:9b77
2620:1ec:bdf::45
2a00:1450:4001:809::2008
2a00:1450:4001:80e::200a
0e44c5d8f24d4f008dde8b50e513cc871155957f1f35786ca688acf274693a20
12e7192855d64b8867e792c9e0359a8e0b5ae2e2c9286007c9e4b881d86e7e07
15d90c5abb08179fdda46b0905fb6cecf035de75ed6ed5dbc6e1d1d692ae8872
1a2a91741c7e3fa1afea88763599bd853e355bf0838592d8ccd4c06ecb137e12
2087181d384bb214fea41e28825af3951297d6ffc732ac1dd7abf98bdec66df0
284edcef9104b2738b5a90f9b221fa2cc6c78da6aeb447f517437294c20a2de2
329e0aa7108f43a2f71f4a5606d7c7ac861f54cb3552899ce43a107fe9b76841
38ad89bd2ad2e626428021e69af1918025836a9f34c51e5b125066ac4a36b304
3ba84b70d52af16111031035942b9cab6aa38ecba9a2f9e4483be94754b6422e
402dda334f81814b077c20d0d093636239c027f3e82996fd7c12cb91aa57540a
4ca3b67c17d10be5af0a21a9feccaac209e5bc615c7ed16233990859fcddc18e
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4f69f5cc682116d3795ed4cb0320281ae0088bebcf59cbc25f22e58d4dd1a19e
56c7e3bb0d9fe8fb3140397ba683feb438758cbb5f4207d34494e685684aa61a
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
600a829da3366aa9d039b92faff2656228a36aaaf77a0600a5aab6bd8c6977e9
67004276e5cbe57d0cc96a32bd76d47b1daf4f91f52f807df4d8f9259c69b844
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
808f9d3d754c5015abfc0409ebeadad3136af4f0eba6f6296dad5c48c28ba3a2
80f07c895c0acc09f50acb45fd152bb8c7f879e9852af8d4dc52dc28f9368efa
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
96643bfad5a17eada947d707441559202c83a2cc9acb28aa860b7d64e3e55747
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b66fa348ef1a56e5f4950de4f64cc28930b95d80504664a95612c8ab6e04b6cb
baa18642508f7f8c0be1985084f56bbbcdfa5edc0844e360f43cf6a38d7f11d1
bcab42667c28ab5566515218b4bb60f7609e097063e54c0d66378f47f438ab74
c3a31271af3abb3a6e62f7f15bde8f27623f30b5482a97a1bb49d61e31b8e18f
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
c8c52b3f1490a1895378566155dfc4122a47cbb0a400fdbc843b4278df1c5362
cc11897bd686817da4d462b4fc503101091e6df96894ef4f58a7546285013a84
d1a245d36c059730856d5ad6df48249f0453a531e5d0936cce6dfa9bd9d846b8
dc3497182ef2f489ac2a4acb35d0ef891a545d5b7c974158e5c2846c5d11ec9e
e12890f561b2d82837aa475023d344a117525b2368eaaf7f5567b0aacacdb415
e22cd472c4da9bfb2c299238b23afc4483374d27ef771471acdda0de1e0123ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99fdfc0d6bda789145a58a79dddb7c9337e414801f60cd9d50f640ae2fce482
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17df2cfc223105d856837bbe0ae9f03220119e361b00673903687d26aff00af
f4d5103576ca3021541a6eb4ece82f19b2b2ac610297ccb565da0fdcc8bf479e
f7d117525e5ce14232c97be368100f461696726f5e07160e9beddd107fd4ba2a
fa484b7c5c436a71aae2566feab2a6c357e77cc4bc716030f5d0b333cb963e2c