ue.thomsonreuters.com Open in urlscan Pro
2600:9000:223c:600:14:6298:ec00:93a1  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://cm.everesttech.net/cm/dd?d_uuid=11034190561434856342703118680953696414 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZVHygAAAJzSZgP7

Request Chain 52

• https://idsync.rlcdn.com/365868.gif?partner_uid=11034190561434856342703118680953696414 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTEwMzQxOTA1NjE0MzQ4NTYzNDI3MDMxMTg2ODA5NTM2OTY0MTQQABoNCMuP1YwGEgUI6AcQAEIASgA HTTP 307
• https://dpm.demdex.net/ibs:dpid=477&dpuuid=6b647a344dba0e764be813f76e089ac3cfb48b1f9afb005f9f4d26f8ce775c70b0da87c991749652

Request Chain 63

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=aebd5df0-4791-41d3-8984-bdf2bd1eb1d6

Request Chain 70

• https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aBbLrGoQkftzRsasaRTfrWoSkK5zH8T4OEX8ZnNI

Request Chain 73

• https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623075173661409402

Request Chain 80

• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=11034190561434856342703118680953696414?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=11034190561434856342703118680953696414?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e2c4bbe2a3deac2dea7dbef6ebf362e4

Request Chain 90

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpWSHlnQUFBSnpTWmdQNw== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVpWSHlnQUFBSnpTWmdQNw==&google_tc=

Request Chain 93

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZVHygAAAJzSZgP7&expires=90

Request Chain 94

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7&C=1

Request Chain 95

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=YZVHygAAAJzSZgP7 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZVHygAAAJzSZgP7

Request Chain 96

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZVHygAAAJzSZgP7 HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZVHygAAAJzSZgP7

Request Chain 97

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZVHygAAAJzSZgP7

Request Chain 98

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1&__user_check__=1&sync_id=f7be294c-47d2-11ec-8f2b-1cf699440106

Request Chain 99

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZVHygAAAJzSZgP7&t=2592000&o=0

Request Chain 100

• https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb HTTP 302
• https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=f7dea2b0-47d2-11ec-8ca5-c12cff8885e2&timestamp=2021-11-17T18%3A19%3A56.891Z

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pay Show response ue.thomsonreuters.com/en-us/account/billing/guest/	3 KB 3 KB	498ms 403ms	Document text/html	2600:9000:223c:600:14:6298:ec00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:600:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash ab26888a3b542b8a7bc4d2156d35154ff72d72653042d1edc5fe2b90f48da874 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html;charset=utf-8 content-length 1308 date Wed, 17 Nov 2021 18:19:54 GMT server Apache strict-transport-security max-age=31536000; includeSubDomains x-frame-options SAMEORIGIN expires Thu, 01 Jan 1970 00:00:00 GMT x-content-type-options nosniff content-encoding gzip x-ua-compatible IE=edge x-dispatcher dispatcher2useast1 x-vhost publish content-disposition inline vary Accept-Encoding,User-Agent x-cache Miss from cloudfront via 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 x-amz-cf-id O8zu3cp1q56Y0tgAS1Ay0hXe6VRw0GrmmglMh9_5cB1URx--4bvjxA==
GET H2	200	launch-f185a872eb60.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/	300 KB 87 KB	111ms 63ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash af3ada59cba84f8b8e380725a06cf9b0bc41c3d75032e26931daa897a4bb26a1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:31 GMT server AkamaiNetStorage etag "57d648eb9ad352a4027ba7dc78ad1542:1634138251.948508" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 88137 expires Wed, 17 Nov 2021 19:19:54 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	19 KB 7 KB	40ms 21ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Lh0CEVPkmGuwf4KyqdKdhw== age 2851 vary Accept-Encoding content-length 6403 x-ms-lease-status unlocked last-modified Wed, 17 Nov 2021 07:57:28 GMT server cloudflare etag 0x8D9A99FE69AC5E2 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 3993dfab-c01e-0087-1596-db8dc9000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6afaf8509d294a56-FRA
GET H2	200	adrum-20.5.0.3144.js Show response cdn.appdynamics.com/adrum/	96 KB 35 KB	36ms 9ms	Script application/javascript	52.222.214.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-29.fra56.r.cloudfront.net Software nginx/1.16.1 / Resource Hash 46547e117710b803e062343a99519eb2a27293b8346f7a008a4cb8d39bebf95f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 25 Oct 2021 17:11:10 GMT content-encoding gzip age 1991324 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 15 May 2020 21:07:15 GMT server nginx/1.16.1 etag W/"5ebf0483-18065" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript via 1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront) cache-control public, max-age=2678400, s-max-age=14400 x-amz-cf-pop FRA56-P3 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id PwJtVttKh2ML3NKqwE5NghLZARvzRdTLrAaw_wyDi1ecTSVaCs5XuA==
GET H2	200	bootstrap.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/	155 KB 49 KB	100ms 32ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/bootstrap.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 092c3579ed3375d5e3970c2145c82fd28dc38940724978b557d3fecbb5b079b2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:44 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:10 GMT server AmazonS3 age 19331 etag W/"2afe6283a1ee142dc378e6b41eafd607" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id q-Gt1MyAbYthPX8fB0gv1niBUbIIyc5D7lBKTN6rx20hBtqh-5Citw==
GET H/1.1	200 OK	id Show response dpm.demdex.net/	4 KB 2 KB	203ms 74ms	XHR application/json	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1637173194526 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash e2c868ebcb8e44c6247129b95e569f1aa6fc50f56475f074505a7eee5b238c61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v019-0abf208d3.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID fg2sU/JcSjk= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://ue.thomsonreuters.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 1307 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/	45 KB 17 KB	21ms 21ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 83745aef5b250a4349d1e5ac664901105828b473be1d9f9b40e12512bc38a01c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:32 GMT server AkamaiNetStorage etag "b9eabb4670f41e2b44719f54b374a864:1634138252.770309" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 16834 expires Wed, 17 Nov 2021 19:19:54 GMT
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/	25 KB 9 KB	20ms 20ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip last-modified Wed, 18 Aug 2021 21:04:02 GMT server AkamaiNetStorage etag "46ddc14338df08a965a4d5269b73d1ad:1629320642.34831" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 8763 expires Wed, 17 Nov 2021 19:19:54 GMT
GET H2	200	8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json Show response cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/	4 KB 2 KB	80ms 62ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d14fa1934102b4493dc5391177f0042f607f9702e9c3264695ce075c56672e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 fTfyOupKjfMqmjcKhzh2yQ== content-length 1549 x-ms-lease-status unlocked last-modified Thu, 02 Sep 2021 11:43:48 GMT server cloudflare etag 0x8D96E06ED9EED74 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id a68bf675-c01e-0129-3edf-dbe8f1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 6afaf8522ccc4aa3-FRA
GET H2	200	78.17675ce8.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	1 MB 342 KB	25ms 25ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e27c51adf8de961aa8003a4f0ef398c28586d15e0549a363e7f8fd33a2e38fc Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:45 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19330 etag W/"d5ba8008b436d8dd434c24d610ae720c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id 9uy5IykaOOveseRkoax4B1IzKWXD0LcPxI63kmS6VDVvNK09nYU7tg==
GET H2	200	app-main.4085d38b.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	406 KB 72 KB	17ms 17ms	Stylesheet text/css	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e9b9e4615dfae2bc91b6c2e86aea9f79dd139b43310621a089355a8a28dd013e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:45 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19330 etag W/"5f3389ddff382d66479f6c91b2f11772" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id vbvfO_u7wM-7ed032uahGam6gZi4YIffT7UHvWQDGoqgsYhHNUuebQ==
GET H2	200	app-main.b6ef2b1b.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	267 KB 51 KB	11ms 11ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79237be64fdf83ff645a660c3d17e39d9e14bd0684f3c06486229520e9b3bb05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:45 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 19329 etag W/"69ed999ee917f1a03de317bc69bf4bec" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id Jvvd1S0lovA1BX3YNbIfa_4PbbVtjAkTsnON8lLS1fYD7LYhqc3OhQ==
GET H2	200	hotjar-1846625.js Show response static.hotjar.com/c/	7 KB 3 KB	63ms 41ms	Script application/javascript	18.66.97.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1846625.js?sv=6 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 41eece4bcc000b497bf9f41f2844592c7d634c83fd50b25fa234904cdd4e9f94 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:54 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop FRA56-P2 etag W/2ad14caab9dc7dbceb403ed111dcaa28 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id YrU3bYSPZBxyGm9-H5YP1zf6X2TNScZ1s2kX0AqK5li-duJT5LVG2w== via 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	164 B 373 B	48ms 29ms	Script text/javascript	2606:4700:10::6814:b844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6afaf852bd0d1786-FRA
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	77ms 29ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Wed, 17 Nov 2021 18:19:54 GMT via 1.1 varnish x-served-by cache-fra19124-FRA x-cache HIT x-cache-hits 0 x-timer S1637173195.783644,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	75ms 29ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Wed, 17 Nov 2021 18:19:54 GMT via 1.1 varnish x-served-by cache-fra19124-FRA x-cache HIT x-cache-hits 0 x-timer S1637173195.783738,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 437 B	32ms 31ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains via 1.1 varnish, 1.1 varnish etag "1000002--gzip" age 222939 x-cache HIT, HIT content-encoding gzip content-length 37 x-request-id 1ym9lswgtql x-served-by cache-dca17745-DCA, cache-fra19124-FRA x-timer S1637173195.813689,VS0,VE1 date Wed, 17 Nov 2021 18:19:54 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17774-DCA-15185ae1-81e7-4b4a-a8b2-350109b40792; cache-fra19127-FRA-c6d84e4c-2025-4288-a298-374c3db2176d accept-ranges bytes x-cache-hits 1, 1
GET H2	200	splitChanges Show response sdk.split.io/api/	143 KB 10 KB	117ms 117ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b482a279513b7ae1267d30a54a51d3cbb54a2b4de31d83aab07fbc0bfe975b26 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip etag "-541919591--gzip" age 0 x-cache MISS, MISS content-length 10023 via 1.1 varnish, 1.1 varnish x-request-id 1ypxlf8u9ya x-served-by cache-dca17767-DCA, cache-fra19124-FRA last-modified Tue, 16 Nov 2021 16:26:16 GMT x-timer S1637173195.813807,VS0,VE105 date Wed, 17 Nov 2021 18:19:54 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17767-DCA-dd9f56b2-67a5-41ce-a52e-725644f2e745; cache-fra19124-FRA-0da54027-060b-4391-a75c-48c2c89c0fbf accept-ranges bytes x-cache-hits 0, 0
GET H/1.1	200 OK	pendo.js Show response cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/	434 KB 135 KB	240ms 137ms	Script application/javascript	18.66.112.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.112.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash 2639dd44b3cb7d203cc8df12185fe7927a28144df2d4f43b23bdba0055fb0ad7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 18:19:54 GMT Content-Encoding gzip X-Amz-Cf-Pop FRA56-P5 X-GUploader-UploadID ADPycdvanRHY8iSOkajhHKLVsZo3ANne14vlLWRg1L21bxT1OTNZ3_YIIKkclN_orrgYK8xUXr3c7LJjxeWXPj8D44k X-Cache Miss from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip Connection keep-alive Content-Length 137606 Access-Control-Allow-Origin * Last-Modified Mon, 15 Nov 2021 20:08:07 GMT Server UploadServer ETag "1a73e438070aeb1bb192ae1c9852a819" Vary Accept-Encoding x-goog-hash crc32c=lxuZCg==, md5=GnPkOAcK6xuxkq4cmFKoGQ== x-goog-generation 1637006887630235 Via 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront) Access-Control-Expose-Headers * Cache-Control max-age=450 x-goog-stored-content-length 137606 Accept-Ranges bytes Content-Type application/javascript X-Amz-Cf-Id BkMo5uycnvFWERJLzir3Y2K_59sgkz4kmTkOtVzzc0tFdpPdoa1A5A== Expires Wed, 17 Nov 2021 18:27:24 GMT
GET H2	200	5.1c703b7c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	28 KB 10 KB	23ms 23ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/5.1c703b7c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb0d95bc0d9ffed5f9bf4c94fc7f9b465da1d58a92f2accc26f0bc719b7b121a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"6f710ce8f4f321b1fabeda1e1647bbd7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id 01NNy2LXNAnuwNi0jUSWpBJ3Y_dhHsbKbQS5zh1SyGqk1uMHhLZ9oQ==
GET H2	200	20.ea05e37e.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	13 KB 4 KB	14ms 14ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/20.ea05e37e.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b466402e6ffda6c021cde3ce3067982ecec1e55a34b24928ef86cfd9caebdcba Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"e95c3699ce4f9b5b07ac444dbcd2c2cd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id KUQC5a-XcTG4mX1Rd8NpuFjf_MNNWwHd4pjOJtoGCRLWlyDeaZpzYg==
GET H2	200	102.a87fe895.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	3 MB 627 KB	16ms 15ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/102.a87fe895.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 11bc1d0f69838d8b261cd9290f2bd1dc7c2a9bde1330e9074a412197e171b302 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19328 etag W/"6045ee5ba882a6d19145638bfdd025a9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id a3rlimp5Bpn1naQubaontvvkEgEhO1hu5FAb72L9VwZb3QzJAl0JmQ==
GET H2	200	1.caf361d7.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	91 KB 22 KB	11ms 10ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/1.caf361d7.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d1a0d5445dc8b362c131a365cc260a585c2d21cb285167cc6fd94f39c5989882 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19328 etag W/"f97466c5147c0cca78d52ffa0bed9f53" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id cPdxn_F_m6QkFbnd7ZaATNtqkyPL9wbLLCIMsubDFeU1B5S3TM_ByA==
GET H2	200	components-app.3726d609.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	5 KB 2 KB	12ms 11ms	Stylesheet text/css	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/components-app.3726d609.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 77887f78525ca805b6913bf76ce1f5c797d3b8beb9e9e4733bd1c14b5a656810 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19328 etag W/"da515f5b607c8a5b25a391f8e5beadce" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id cgxz_keMjFLY6dzVwB5ieuTF-MwYoyT5LeKPkv_UHgosPQFY2be5NQ==
GET H2	200	components-app.0b3a4a8c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	37 KB 12 KB	12ms 11ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/components-app.0b3a4a8c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4bc48f1faf8e723569dcb3a643d17f0112c8877c1baba2fc9c4d73fdf586d1af Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 19328 etag W/"c91c450dd83e40bb2a8a25249021c4d0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id tLiwDmK_6JggFnjLympQ78Yf5ytxySv3rijoHjnt0HOS7mzjif8D_w==
GET H2	200	interact-localizaion-provider.a9e65c74.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	5 KB 2 KB	13ms 12ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4758e84baebf1295dad2a35abb029de0dc15fad6c32ff1d77423ab45ae83be26 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 19328 etag W/"5c3c78deae068907bb9513e602c50fc2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id 4twvuLVMhFwz8JiSEwAaKhkrimgVsSkmkzddwSU3rxgdZzAN2S1Y6A==
GET H2	200	159.1d3ef687.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	4 KB 2 KB	22ms 21ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/159.1d3ef687.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2c24a89d27ce5ed7a6afbc7276dd8a5fd484983caa53e82b57853e81f966658 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"6c89bb7d31375c979c67b9c500be4581" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id fpcrQbtTW9FHr5cWFHBRaJiFAYVg6Yl8xYZMQGhjuc9R15XvUPfYuQ==
GET H2	200	160.60bf1b77.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	8 KB 4 KB	14ms 14ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/160.60bf1b77.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3e10dbf66c17d428df0e5df2640617c003933b89b6112de84ebb325b535f1f54 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"94f565e92a76cde2e3629bfcb372cdba" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id bjKK1_8PHf7zA9ES-K102EV4Ui0qz8-_NVFtM3F8TpLvRG8vnBcWkg==
GET H2	200	163.8afb06ca.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	2 KB 1 KB	19ms 18ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/163.8afb06ca.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e2b328fe775e6a494a17d51064d57494cc8877ccc570897753d902a572cb0dd Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:47 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"59fda9d8ae6e3b72fb3bb44bbf3159d1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id 54V_dSCT1HKz1I1pgaI40b38y1TTlnl5krHOA2BuuNK7JwHY1Wa3jw==
GET H/1.1	200 OK	dest5.html Show response westthomson.demdex.net/ Frame 6B86	7 KB 3 KB	216ms 45ms	Document text/html	108.128.92.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomson.demdex.net/dest5.html?d_nsid=0 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-92-179.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip Content-Type text/html;charset=UTF-8 date Wed, 17 Nov 2021 18:19:54 GMT DCS dcs-prod-irl1-1-v019-0886f2468.edge-irl1.demdex.com UNKNOWN Expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Thu, 14 Oct 2021 10:46:54 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains vary accept-encoding X-TID Y8zfpNxeSdU= Content-Length 2791 Connection keep-alive
GET H2	200	id Show response westthomsoncom.sc.omtrdc.net/	2 B 320 B	114ms 23ms	XHR application/x-javascript	13.36.218.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=10981178796557588682733128294214993480&ts=1637173194759 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-36-218-177.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 17 Nov 2021 18:19:54 GMT x-content-type-options nosniff server jag xserver anedge-6988cccb6f-pptml vary Origin x-c main-1542.If2e2aa.M0-523 p3p CP="This is not a P3P policy" access-control-allow-origin https://ue.thomsonreuters.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YZVHygAAAJzSZgP7 dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=11034190561434856342703118680953696414 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZVHygAAAJzSZgP7	42 B 945 B	37ms 36ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZVHygAAAJzSZgP7 Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-03345fb8d.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID urMU7kuxSWw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZVHygAAAJzSZgP7 Date Wed, 17 Nov 2021 18:19:54 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response westservicesinc.tt.omtrdc.net/rest/v1/	288 B 516 B	200ms 70ms	XHR application/json	34.252.166.160 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=cf000b64fef044268182cdb7da3f30c9&version=2.6.1 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.252.166.160 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-166-160.eu-west-1.compute.amazonaws.com Software / Resource Hash 928be87f9475d19c1cd3fbd299db84c1ab7495b59bdafc99be78a7510fabda21 Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ue.thomsonreuters.com date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip access-control-allow-credentials true vary origin,access-control-request-method,access-control-request-headers,accept-encoding x-request-id 928af3b47032b40453a27546d6555fee content-type application/json;charset=UTF-8
GET H2	200	auth Show response auth.split.io/api/	621 B 997 B	105ms 105ms	Fetch application/json	3.232.214.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/auth?users=anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.232.214.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-214-163.compute-1.amazonaws.com Software / Resource Hash 1f8aa9929b1c68c1d03e4184b618c17c00b7eb5f0d30c5b43ac4d33ab7f5f223 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers date Wed, 17 Nov 2021 18:19:55 GMT strict-transport-security max-age=15770000; includeSubdomains access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://ue.thomsonreuters.com access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion content-length 621
OPTIONS H2	200	auth auth.split.io/api/ Frame	0 0	341ms 98ms	Preflight application/json	3.232.214.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/auth?users=anonymous Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.232.214.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-214-163.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-type application/json; charset=utf-8 content-length 4 access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion access-control-allow-methods GET, OPTIONS access-control-allow-origin https://ue.thomsonreuters.com strict-transport-security max-age=15770000; includeSubdomains
GET H2	200	modules.1810afb089b838b62ed8.js Show response script.hotjar.com/	226 KB 60 KB	79ms 16ms	Script application/javascript	18.66.112.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.1810afb089b838b62ed8.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2147901a5a424ea92ad2fd2457976c46765880cf4d267aa711df70d026912ab7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 13:25:06 GMT content-encoding br x-content-type-options nosniff age 17688 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 60615 access-control-allow-origin * last-modified Wed, 17 Nov 2021 13:25:01 GMT etag "1f23634605f98b007e0df34e60106bb8" vary Accept-Encoding content-type application/javascript via 1.1 5c14dc328191a14142654d833f772c6d.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-P5 accept-ranges bytes x-robots-tag none x-amz-cf-id 2UOadyAK-Zz_arETPBJ3xkm4XCFMCsnE9u2h7iahF9uwG2hEez8yiQ==
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.22.0/	311 KB 74 KB	35ms 35ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:54 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Uj6Yo16pL9bm0y1nKKjJjg== age 2571142 vary Accept-Encoding content-length 75930 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:18 GMT server cloudflare etag 0x8D962BA8ADAEF03 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 3f4f46b5-901e-0058-4c6c-c4dc9d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6afaf8535b564a56-FRA
GET H2	200	box-ad575b5823df97fc9725e14a57070642.html Show response vars.hotjar.com/ Frame BDF2	2 KB 1 KB	51ms 15ms	Document text/html	18.66.139.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers content-type text/html content-length 1050 date Tue, 16 Nov 2021 11:16:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "a123045c9cc95cfe44d6b5d126b9f1a7" last-modified Tue, 16 Nov 2021 11:15:47 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 dd4531988f4862a3b186f9d3356a6a75.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 x-amz-cf-id La1idBIlu7d7PtiFBNhvk6GYx_JcI4bS1WaRG6BHt6FR2gnvLwpHYg== age 111828
GET H2	200	css fonts.googleapis.com/	2 KB 917 B	47ms 18ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 17 Nov 2021 17:56:00 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 17 Nov 2021 18:19:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 17 Nov 2021 18:19:54 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/	25 KB 9 KB	43ms 43ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3da96d49315051625567ea098c5cefbdaa4be908b8e10e54076e7b3f0e02905 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 pWKxSCWuVkXA0iSxk7n/dQ== content-length 8598 x-ms-lease-status unlocked last-modified Thu, 02 Sep 2021 11:43:57 GMT server cloudflare etag 0x8D96E06F3406B33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 2b6ba93b-e01e-0075-4cdf-db5f5d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 6afaf854ca454aa3-FRA
GET H2	200	51.7b3e4bcd.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	115 KB 28 KB	12ms 12ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/51.7b3e4bcd.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8dedb0d4915ab00150a5f8a0e51c51d7319104b7d61480a5d8c6a8ab8f6faf83 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:48 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 19328 etag W/"596146ba015ace57e741361ee416a4e5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id qMH6wFzMZy1YNAT7isv-m18lIUT84P4YMFzgxo5HIMieU2CDK6tfKg==
GET H2	200	134.853f946a.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	20 KB 7 KB	16ms 15ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/134.853f946a.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41373d45bb5f07d95bcd89ecb128cb3b9504533960dca3764dc22030574dc4a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:48 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19328 etag W/"1110b27cecb065274160e55d9e523548" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id XWA6GMMTUCLfKt_2TNur0ogbgkE8bGeP4Vu3avKN6C3m3zAnYL_QYw==
GET H2	200	138.b90a5a82.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	3 KB 1 KB	13ms 12ms	Stylesheet text/css	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/138.b90a5a82.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a767a5fabafe269eb86467e9a4f7a0ee8f0b2e35095225ebae26551fb5cac042 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:48 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:10 GMT server AmazonS3 age 19328 etag W/"d3ae0f78c195936fcb71b5cc23ba3b23" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id eIg_FYGmYzwjmTYerdIA-unyFqgT8dlwGTlZTZQAsgxEquVE-f7gIQ==
GET H2	200	138.ccc2a41c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	12 KB 4 KB	11ms 11ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/138.ccc2a41c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash acb8bd29c6a5f5f7aff120d12af82a00c4088dd663bc974474a1d1944d43904a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:48 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 19328 etag W/"47e816b3598dfc2807df95827a1183eb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id LraGLIiD6P4cgqEBJckXwBg5MzUSQ-O8U286kzazo9w1vAfv5plKhw==
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	knowledge2017-regular-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	26ms 12ms	Font binary/octet-stream	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221 Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 18 Oct 2021 01:47:27 GMT via 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 2651549 x-cache Hit from cloudfront content-length 39408 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "de994d71a311e3119703dd67ef632f04" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA60-P1 accept-ranges bytes x-amz-cf-id 9eoYzsORRPRw6WzFAQFpJlHflipOmFA-rfdkppKy1DxXqeSg6H3HUg==
GET H2	200	live-chat.46ba07cf.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	18 KB 4 KB	10ms 9ms	Script application/javascript	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/live-chat.46ba07cf.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ce355e39ba7a72fad476c57cace0020c2bb53c0a017ef9d24a54aa7bab105d11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 12:57:48 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 19327 etag W/"b447011c1353f0b5b5840a65aff3fb20" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 75a13c74495137fb5435dc4030981df7.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA60-P1 x-amz-cf-id VG_Qc0_9jzd3XCL04x1TbYBl4FH_XwytUxpSsQwK28bV575xHHerBQ==
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	974 B 1 KB	42ms 19ms	Script text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7a8929c96f623fddb12077e859b0bff4e2209735eea1a0691418267eba3e74c4 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 619 x-xss-protection 1; mode=block expires Wed, 17 Nov 2021 18:19:55 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	13 KB 3 KB	122ms 122ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 eS/vZlhjCBp2QvELx7IrSQ== vary Accept-Encoding content-length 2950 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:10 GMT server cloudflare etag 0x8D962BA867F281F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 8821cd5d-d01e-0136-6bdf-db33e1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6afaf855bbe44aa3-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	62 KB 15 KB	120ms 120ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 0zNJrhCoPGSM6hOdGkVidg== vary Accept-Encoding content-length 14838 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:10 GMT server cloudflare etag 0x8D962BA862FE7E2 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id b1071c14-801e-0161-25df-dbda6c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6afaf855bbe54aa3-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	20 KB 4 KB	43ms 42ms	Fetch text/css	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS content-md5 F/Fs54+x9bQK/ULkNRp4fA== vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 14dcd143-a01e-0079-77df-dbb1ac000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 6afaf855bbe64aa3-FRA
GET H2	200	translations.interact.en_us.json Show response ue.thomsonreuters.com/content/ue-settings/endpointsMapping/	120 KB 34 KB	331ms 331ms	Fetch application/json	2600:9000:223c:600:14:6298:ec00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ue.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:600:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 36e4600db192fb96d15029bbfc6ff05557475a6639cb38587beb636376164f82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/en-us/account/billing/guest/pay User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-dispatcher dispatcher2useast1 date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff x-amz-cf-pop FRA56-P2 x-vhost publish x-cache Miss from cloudfront vary Accept-Encoding,User-Agent content-length 33742 x-ua-compatible IE=edge server Apache x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-type application/json;charset=utf-8 via 1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront) x-amz-cf-id J4nM_jN8FQW0L8DqM0KK55qT5K0-wOcKKJ-JyvGQj6LaxBtW3_4Gog== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	ibs:dpid=477&dpuuid=6b647a344dba0e764be813f76e089ac3cfb48b1f9afb005f9f4d26f8ce775c70b0da87c991749652 dpm.demdex.net/ Frame 6B86 Redirect Chain https://idsync.rlcdn.com/365868.gif?partner_uid=11034190561434856342703118680953696414 https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTEwMzQxOTA1NjE0MzQ4NTYzNDI3MDMxMTg2ODA5NTM2OTY0MTQQABoNCMuP1YwGEgUI6AcQAEIASgA https://dpm.demdex.net/ibs:dpid=477&dpuuid=6b647a344dba0e764be813f76e089ac3cfb48b1f9afb005f9f4d26f8ce775c70b0da87c991749652	42 B 945 B	35ms 35ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=477&dpuuid=6b647a344dba0e764be813f76e089ac3cfb48b1f9afb005f9f4d26f8ce775c70b0da87c991749652 Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-0b1257949.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID LDfmhNuMScw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Wed, 17 Nov 2021 18:19:55 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dpm.demdex.net/ibs:dpid=477&dpuuid=6b647a344dba0e764be813f76e089ac3cfb48b1f9afb005f9f4d26f8ce775c70b0da87c991749652 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1846625/	146 B 323 B	107ms 39ms	XHR application/json	99.81.27.250 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-81-27-250.eu-west-1.compute.amazonaws.com Software / Resource Hash 1f93261e6db2c54e59dd3384dbb44d59a47c0118c3526bec3a3e5f52925e5243 Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/	348 KB 137 KB	33ms 9ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ue.thomsonreuters.com/ Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:48:46 GMT content-encoding gzip x-content-type-options nosniff age 1869 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139079 x-xss-protection 0 last-modified Mon, 08 Nov 2021 21:26:42 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 17 Nov 2022 17:48:46 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	knowledge2017-medium-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	13ms 12ms	Font binary/octet-stream	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 22:11:54 GMT via 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 1541282 x-cache Hit from cloudfront content-length 39304 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "20dca63d8ee3254b712c7171ae987713" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA60-P1 accept-ranges bytes x-amz-cf-id m3BMx1ATqaplwtEcAczc8UMy2BqEAiYyos7mww64dHLCBxSdF_Z4ZA==
GET H2	200	knowledge2017-black-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	39 KB 39 KB	16ms 15ms	Font binary/octet-stream	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 18 Oct 2021 01:47:28 GMT via 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 2651548 x-cache Hit from cloudfront content-length 39444 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "3327c2a7977db98e49b5369fcafc658c" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA60-P1 accept-ranges bytes x-amz-cf-id IxbT9cvVFd_so_ZIiTFQhEzkxYgo3EYCtQIUcsUaRTA990-dJx2Org==
GET H2	200	knowledge2017-light-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	15ms 15ms	Font binary/octet-stream	2600:9000:236e:5a00:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:5a00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Sat, 30 Oct 2021 22:11:54 GMT via 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 1541282 x-cache Hit from cloudfront content-length 39336 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "9423006fb52301a35a4ce76f99e114af" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA60-P1 accept-ranges bytes x-amz-cf-id mr3lATIloi4QmLD9p4GE_WKTu7Zn_uiJN2-L5Ys1KJDgYXZkijEM-Q==
GET H2	200	sse streaming.split.io/	472 B 0	634ms 563ms	EventSource text/event-stream	18.66.97.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://streaming.split.io/sse?channels=Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_MjYwMDIyNzUwNQ%3D%3D_mySegments,Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS5fbS1NU1EiLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk1qYzRNREl4TnpRMk9BPT1fTWpnNU1UYzJOamM0Tnc9PV9Nall3TURJeU56VXdOUT09X215U2VnbWVudHNcIjpbXCJzdWJzY3JpYmVcIl0sXCJNamM0TURJeE56UTJPQT09X01qZzVNVGMyTmpjNE53PT1fc3BsaXRzXCI6W1wic3Vic2NyaWJlXCJdLFwiY29udHJvbF9wcmlcIjpbXCJzdWJzY3JpYmVcIixcImNoYW5uZWwtbWV0YWRhdGE6cHVibGlzaGVyc1wiXSxcImNvbnRyb2xfc2VjXCI6W1wic3Vic2NyaWJlXCIsXCJjaGFubmVsLW1ldGFkYXRhOnB1Ymxpc2hlcnNcIl19IiwieC1hYmx5LWNsaWVudElkIjoiY2xpZW50SWQiLCJleHAiOjE2MzcxNzY3OTUsImlhdCI6MTYzNzE3MzE5NX0._mbkZDmed5tGYjRlSDNODAwVi52dOHeiTSxYCSD7RE4&v=1.1&heartbeats=true Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.97.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com X-Content-Type-Options nosniff Request headers Accept text/event-stream Cache-Control no-cache Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers content-security-policy default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com via 1.1 0baa339c02d06988c65d8623d1b3c6ed.cloudfront.net (CloudFront) referrer-policy no-referrer x-amz-cf-pop FRA56-P2 date Wed, 17 Nov 2021 18:19:55 GMT vary Origin x-ably-serverid frontend.b035.1.us-east-1-A.i-0161c60a0ffc6dce1.e7dyE1_HAB4v9d content-type text/event-stream access-control-allow-origin https://ue.thomsonreuters.com access-control-expose-headers Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server access-control-allow-credentials true x-cache Miss from cloudfront x-robots-tag noindex x-amz-cf-id VTyQRq-Jg-J0_jk3SHkMq4Bz4Ndk7E4883vpCsiUt-e8R87eZdYKJA== x-content-type-options nosniff
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame A7CA	39 KB 20 KB	29ms 28ms	Document text/html	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b349e64ae1ddb68bf8a36cfaf7a0d7bf5a9742b8ec70b803e20f4d7e82cac27f Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mOzf1q/g5oud4B165wA0Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Wed, 17 Nov 2021 18:19:55 GMT content-security-policy script-src 'report-sample' 'nonce-mOzf1q/g5oud4B165wA0Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 20435 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame A7CA	52 KB 26 KB	35ms 12ms	Stylesheet text/css	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:45:15 GMT content-encoding gzip x-content-type-options nosniff age 2080 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25732 x-xss-protection 0 last-modified Mon, 08 Nov 2021 21:26:42 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 17 Nov 2022 17:45:15 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ Frame A7CA	348 KB 136 KB	38ms 16ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:48:46 GMT content-encoding gzip x-content-type-options nosniff age 1869 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139079 x-xss-protection 0 last-modified Mon, 08 Nov 2021 21:26:42 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Thu, 17 Nov 2022 17:48:46 GMT
GET H/1.1	200 OK	ibs:dpid=903&dpuuid=aebd5df0-4791-41d3-8984-bdf2bd1eb1d6 dpm.demdex.net/ Frame 6B86 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://dpm.demdex.net/ibs:dpid=903&dpuuid=aebd5df0-4791-41d3-8984-bdf2bd1eb1d6	42 B 945 B	60ms 60ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=903&dpuuid=aebd5df0-4791-41d3-8984-bdf2bd1eb1d6 Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-0920decde.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID XJ0FkPCnR94= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:55 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://dpm.demdex.net/ibs:dpid=903&dpuuid=aebd5df0-4791-41d3-8984-bdf2bd1eb1d6 cache-control private,no-cache, must-revalidate content-type text/html content-length 189
GET H2	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame A7CA	2 KB 2 KB	9ms 8ms	Image image/png	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 03:05:30 GMT x-content-type-options nosniff age 54865 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 24 Nov 2021 03:05:30 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame A7CA	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:06:41 GMT x-content-type-options nosniff age 90794 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 16 Nov 2022 17:06:41 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame A7CA	15 KB 15 KB	9ms 8ms	Font font/woff2	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 14:17:54 GMT x-content-type-options nosniff age 100921 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 16 Nov 2022 14:17:54 GMT
GET H2	200	webworker.js www.google.com/recaptcha/enterprise/ Frame A7CA	102 B 181 B	16ms 16ms	Other text/javascript	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d2dbb9007b20d836955cf57abcc72f4eaaa0cf9087b5cc9d78a12ef0ca3da2ff Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Wed, 17 Nov 2021 18:19:55 GMT
GET H2	200	RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/	818 B 748 B	68ms 67ms	Script application/x-javascript	2a02:26f0:6c00:299::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 154c225e88dfad47c7c3989147399992f46d352a96c9d9eea3c8442995587321 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:32 GMT server AkamaiNetStorage etag "b9eabb4670f41e2b44719f54b374a864:1634138252.770309" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 478 expires Wed, 17 Nov 2021 19:19:55 GMT
GET H2	200	/ Show response zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	178ms 94ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 79bd2fd26d521d5312a70d882527c457104eb53fb634afa38d6acd9bd5ca2b7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 280284 cf-polished origSize=8435 edge-control max-age=604800 x-envoy-upstream-service-time 5 vary Accept-Encoding timing-allow-origin * cf-bgj minify server cloudflare x-powered-by Express etag W/"20f3-H+gP6TT/kt+3QvQGgDwQVckMW9g" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 cf-ray 6afaf8588dc34e9e-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H/1.1	200 OK	ibs:dpid=1175&gdpr=0&dpuuid=aBbLrGoQkftzRsasaRTfrWoSkK5zH8T4OEX8ZnNI dpm.demdex.net/ Frame 6B86 Redirect Chain https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aBbLrGoQkftzRsasaRTfrWoSkK5zH8T4OEX8ZnNI	42 B 945 B	51ms 35ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aBbLrGoQkftzRsasaRTfrWoSkK5zH8T4OEX8ZnNI Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-03eac61df.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID adEWvHN7RQU= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:55 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aBbLrGoQkftzRsasaRTfrWoSkK5zH8T4OEX8ZnNI cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js Show response cdn.appdynamics.com/	51 KB 20 KB	24ms 24ms	Script application/javascript	52.222.214.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-29.fra56.r.cloudfront.net Software nginx/1.16.1 / Resource Hash abcf87644f7085a24a8f56ea0c9a006907d450903f56f7eefeae9ccb8e46d88a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 25 Oct 2021 17:10:09 GMT content-encoding gzip age 1991386 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 15 May 2020 21:07:16 GMT server nginx/1.16.1 etag W/"5ebf0484-ca25" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript via 1.1 920a6dce56a0ee957dbaa3bf4429f8ff.cloudfront.net (CloudFront) cache-control public, max-age=2678400, s-max-age=14400 x-amz-cf-pop FRA56-P3 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id tq89rRm0sA-cgw-fYcE3z12dUOHZaMZ0oN371F0_8n3CqVQpmI6ikg==
POST H2	200	reload Show response www.google.com/recaptcha/enterprise/ Frame A7CA	30 KB 17 KB	99ms 99ms	XHR application/json	2a00:1450:4001:803::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c5c08af079748ee44164a0201a61af610aab8a481305b9e0530ec7e7ca226dc9 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=yZguKF1TiDm6F3yJWVhmOKQ9&size=invisible&cb=yqlx7zok8ujs Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/x-protobuffer Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17399 x-xss-protection 1; mode=block expires Wed, 17 Nov 2021 18:19:55 GMT
GET H/1.1	200 OK	ibs:dpid=22052&dpuuid=3623075173661409402 dpm.demdex.net/ Frame 6B86 Redirect Chain https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623075173661409402	42 B 945 B	54ms 54ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623075173661409402 Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-09dc5e9e5.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID CPVz0JLXR5U= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Pragma no-cache Date Wed, 17 Nov 2021 18:19:55 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Location https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623075173661409402 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 185 Expires 0,Thu, 18 Nov 2021 13:19:55 GMT
GET H2	200	12.0dd1d9e7d155335870a6.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	55 KB 17 KB	41ms 40ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/12.0dd1d9e7d155335870a6.chunk.js?Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=web&Q_BRANDID=ue.thomsonreuters.com Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 068dd32c638718b56c231035622c9684605299229b279ffc99ef3157bc0b2ae5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 472016 cf-polished origSize=57365 cf-ray 6afaf8591efc4e9e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Tue, 26 Oct 2021 18:30:12 GMT server cloudflare etag W/"e015-17cbdddf320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
POST H2	401	verifyCaptcha Show response api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/	235 B 1 KB	127ms 126ms	Fetch application/json	2600:9000:223c:1a00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:1a00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 074e4ed8508da0e1eb3125682f595d55138d4bd4e2a62c07b65e8ba9a70bfb91 Request headers Accept application/json, text/plain, */* Referer https://ue.thomsonreuters.com/ Authorization Bearer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers sec-fetch-mode cors date Wed, 17 Nov 2021 18:19:56 GMT via 2.0 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront), 1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront) origin https://ue.thomsonreuters.com accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 authorization Bearer x-forwarded-for 2a01:4f8:212:78e:2c::1, 130.176.161.138 sec-fetch-dest empty x-tr-cloudfront-api-gateway d1uy6ivt6fb41q x-cache Error from cloudfront x-forwarded-proto https content-length 235 pragma no-cache sec-fetch-site same-site host api.thomsonreuters.com user-agent Amazon CloudFront access-control-max-age 3628800 access-control-allow-methods * content-type application/json access-control-allow-origin https://ue.thomsonreuters.com accept application/json, text/plain, */* cache-control no-cache referer https://ue.thomsonreuters.com/ x-amz-cf-pop FRA56-P2 x-forwarded-port 443 access-control-allow-headers * x-amz-cf-id 3fehm7_Ngna-KWwRMDxMTFhv3wsY65hLGdzFk2NGHfH81z3sTYSYvw==
OPTIONS H2	200	verifyCaptcha api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame	0 0	232ms 56ms	Preflight	2600:9000:223c:1a00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:1a00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers content-length 0 date Wed, 17 Nov 2021 18:19:55 GMT host api.thomsonreuters.com x-forwarded-for 2a01:4f8:212:78e:2c::1, 130.176.161.169 x-forwarded-port 443 x-forwarded-proto https user-agent Amazon CloudFront via 2.0 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront), 1.1 5d5481cfa85227a3fdd5ff0b03093c63.cloudfront.net (CloudFront) accept */* referer https://ue.thomsonreuters.com/ accept-encoding gzip, deflate, br pragma no-cache cache-control no-cache access-control-request-method POST access-control-request-headers authorization,content-type origin https://ue.thomsonreuters.com sec-fetch-mode cors sec-fetch-site same-site sec-fetch-dest empty x-tr-cloudfront-api-gateway d1uy6ivt6fb41q access-control-allow-origin https://ue.thomsonreuters.com access-control-allow-headers Accept,origin, connection, x-requested-with, accept,content-length, content-type,authorization,cookie,authorization,content-type access-control-max-age 3628800 access-control-allow-methods * access-control-allow-credentials true x-cache Miss from cloudfront x-amz-cf-pop FRA56-P2 x-amz-cf-id 5zYu_iokN5EvBtZd_7QLKS_R_ykvm5xAcUncFeBcLQmtUD4vcKOdJg==
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	9 KB 2 KB	81ms 81ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f3cafdf4c1e351357d0ba688d13afebc3ea3a2caef6e45d1ee71bc757a64c88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 9 strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://ue.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true trace-id 5371577c200da6bb cf-ray 6afaf8596f924e9e-FRA
GET H/1.1	200 OK	user bttrack.com/dmp/adobe/ Frame 6B86	35 B 380 B	446ms 102ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/dmp/adobe/user?dd_uuid=11034190561434856342703118680953696414 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers X-ServerName Track002-dc3 Pragma no-cache Date Wed, 17 Nov 2021 18:19:53 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	99 KB 31 KB	45ms 45ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 13240b3ce0f2614422012708fc83e706dd9ed31973bf724d4c2d9007eb203b04 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 65823 cf-polished origSize=102276 cf-ray 6afaf859f8974e9e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 9 vary Accept-Encoding last-modified Tue, 26 Oct 2021 18:30:12 GMT server cloudflare x-powered-by Express etag W/"18f84-17cbdddf320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H/1.1	200 OK	ibs:dpid=121998&dpuuid=e2c4bbe2a3deac2dea7dbef6ebf362e4 dpm.demdex.net/ Frame 6B86 Redirect Chain https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=11034190561434856342703118680953696414?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=11034190561434856342703118680953696414?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e2c4bbe2a3deac2dea7dbef6ebf362e4	42 B 945 B	36ms 36ms	Image image/gif	52.17.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e2c4bbe2a3deac2dea7dbef6ebf362e4 Protocol HTTP/1.1 Server 52.17.95.93 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-95-93.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-06aa8172b.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID oKwwSTxfR7A= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://dpm.demdex.net/ibs:dpid=121998&dpuuid=e2c4bbe2a3deac2dea7dbef6ebf362e4 cache-control no-cache x-server 10.45.16.131 content-length 0 expires 0
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	24ms 23ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Wed, 17 Nov 2021 18:19:55 GMT via 1.1 varnish x-served-by cache-fra19124-FRA x-cache HIT x-cache-hits 0 x-timer S1637173196.875793,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 423 B	14ms 13ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains via 1.1 varnish, 1.1 varnish etag "1000002--gzip" age 222940 x-cache HIT, HIT content-encoding gzip content-length 37 x-request-id 1ym9lswgtql x-served-by cache-dca17745-DCA, cache-fra19124-FRA x-timer S1637173196.902855,VS0,VE0 date Wed, 17 Nov 2021 18:19:55 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17774-DCA-15185ae1-81e7-4b4a-a8b2-350109b40792; cache-fra19127-FRA-c6d84e4c-2025-4288-a298-374c3db2176d accept-ranges bytes x-cache-hits 1, 2
GET H2	200	splitChanges Show response sdk.split.io/api/	56 B 300 B	14ms 13ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=1637079976560 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ef20d8f737d4bb7c8ef9a2465f3b537833dfe8f58761c5b6350b974387830ed7 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip etag "-1987816788--gzip" age 93216 x-cache HIT, HIT content-length 63 via 1.1 varnish, 1.1 varnish x-request-id 1yoe49pkg3q x-served-by cache-dca17774-DCA, cache-fra19124-FRA last-modified Tue, 16 Nov 2021 16:26:16 GMT x-timer S1637173196.902957,VS0,VE1 date Wed, 17 Nov 2021 18:19:55 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17761-DCA-665f742a-7fd0-47c4-b4e2-90ee5b2e88bf; cache-fra19170-FRA-51ae09da-fc60-4c91-8ef2-4bccfb3adf3f accept-ranges bytes x-cache-hits 2, 1
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	24ms 24ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=1637079976560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Wed, 17 Nov 2021 18:19:55 GMT via 1.1 varnish x-served-by cache-fra19124-FRA x-cache HIT x-cache-hits 0 x-timer S1637173196.875915,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
GET H2	200	4.fb684567ce86ad1f4655.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	2 KB 905 B	74ms 73ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/4.fb684567ce86ad1f4655.chunk.js?Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79f49b23898091340108b17215fba34524545affcf88e0a07820b18466bebc6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 66895 cf-polished origSize=2539 cf-ray 6afaf85a697f4e9e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 20 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Tue, 26 Oct 2021 18:30:12 GMT server cloudflare etag W/"9eb-17cbdddf320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	1.266dfdaea7d1f3348c4a.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	28 KB 6 KB	74ms 73ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.266dfdaea7d1f3348c4a.chunk.js?Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5251c6ea010dfdff4e5e2caeb33e68f81338bbf76436ff79074b10fb10edcfe6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 66895 cf-polished origSize=29269 cf-ray 6afaf85a69834e9e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Tue, 26 Oct 2021 18:30:12 GMT server cloudflare etag W/"7255-17cbdddf320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	FeedbackButtonModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	64 KB 23 KB	51ms 50ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 65820 cf-polished origSize=66052 cf-ray 6afaf85a69844e9e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding last-modified Tue, 26 Oct 2021 18:30:12 GMT server cloudflare x-powered-by Express etag W/"10204-17cbdddf320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 815 B	109ms 70ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=23&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c315e416cbf6ddef97af88216cbf89dc42133029b3d66ab67af2d3d28c7bc57f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 528588 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Thu, 11 Nov 2021 15:30:07 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * expires Sun, 09 Nov 2031 15:30:07 GMT cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 6afaf85aab0d68f7-FRA servershortname
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	92ms 54ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=20&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc1e7926c0192ba99588ff36a783ce093cdd88f8000d5fdc4506edd43c56d8de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 280261 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding last-modified Sun, 14 Nov 2021 12:28:54 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 6afaf85aab1068f7-FRA servershortname expires Wed, 12 Nov 2031 12:28:54 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpWSHlnQUFBSnpTWmdQNw== https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVpWSHlnQUFBSnpTWmdQNw==&google_tc=	170 B 243 B	17ms 17ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVpWSHlnQUFBSnpTWmdQNw==&google_tc= Protocol H2 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVpWSHlnQUFBSnpTWmdQNw==&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 345 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 242 B	73ms 72ms	XHR text/plain	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.63.1&Q_CLIENTTYPE=webAdobeLaunch&r=1637173196022 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 17 Nov 2021 18:19:56 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/plain; charset=UTF-8 access-control-allow-origin https://ue.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true x-envoy-upstream-service-time 3 trace-id 1e1056c11ca1f2f9 cf-ray 6afaf85b2c7568f7-FRA vary Accept-Encoding content-length 45
GET H2	200	wr-dialog-close-btn-black.png siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	256 B 534 B	38ms 38ms	Image image/png	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 18:19:56 GMT x-content-type-options nosniff cf-cache-status HIT age 20725736 cf-polished origSize=757 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" x-envoy-upstream-service-time 8 cf-bgj imgq:85,h2pri vary Accept-Encoding content-length 256 last-modified Wed, 10 Mar 2021 21:25:57 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, public accept-ranges bytes cf-ray 6afaf85b2b2f4e9e-FRA servershortname expires Thu, 20 Mar 2031 21:11:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZVHygAAAJzSZgP7&expires=90	0 239 B	85ms 9ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZVHygAAAJzSZgP7&expires=90 Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 4b510f0cc5fcbc9800016ef543086418 Content-Type image/gif Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT via 1.1 varnish server Varnish x-timer S1637173196.087207,VS0,VE0 x-served-by cache-fra19183-FRA x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZVHygAAAJzSZgP7&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7&C=1	43 B 1003 B	17ms 16ms	Image image/gif	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7&C=1 Protocol HTTP/1.1 Server 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Nov 2021 18:19:56 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 17 Nov 2021 18:19:56 GMT Redirect headers Pragma no-cache Date Wed, 17 Nov 2021 18:19:56 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZVHygAAAJzSZgP7&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 279 Expires Wed, 17 Nov 2021 18:19:56 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=YZVHygAAAJzSZgP7 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZVHygAAAJzSZgP7	43 B 1 KB	12ms 12ms	Image image/gif	185.33.220.242 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZVHygAAAJzSZgP7 Protocol HTTP/1.1 Server 185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Wed, 17 Nov 2021 18:19:56 GMT X-Proxy-Origin 136.243.198.82; 136.243.198.82; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8a0bd75b-8693-4e1a-bbca-8332bfa8c2c0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 17 Nov 2021 18:19:56 GMT X-Proxy-Origin 136.243.198.82; 136.243.198.82; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 22b91f6e-5cf2-48ee-b3c2-0912b728ca85 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZVHygAAAJzSZgP7 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	sd us-u.openx.net/w/1.0/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZVHygAAAJzSZgP7 https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZVHygAAAJzSZgP7	43 B 61 B	27ms 17ms	Image image/gif	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZVHygAAAJzSZgP7 Protocol H3 Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.218.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT via 1.1 google server OXGW/16.218.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZVHygAAAJzSZgP7 date Wed, 17 Nov 2021 18:19:56 GMT via 1.1 google server OXGW/16.218.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZVHygAAAJzSZgP7	1 B 549 B	74ms 13ms	Image text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZVHygAAAJzSZgP7 Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 17:27:00 GMT cache-control no-store, no-cache, private x-lat amspug0022:0:443 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT via 1.1 varnish server Varnish x-timer S1637173196.463695,VS0,VE0 x-served-by cache-fra19183-FRA x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZVHygAAAJzSZgP7 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1&__user_check__=1&sync_id=f7be294c-47d2-11ec-8f2b-1cf699440106	43 B 548 B	580ms 579ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1&__user_check__=1&sync_id=f7be294c-47d2-11ec-8f2b-1cf699440106 Protocol HTTP/1.1 Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 18:19:57 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 93 Connection keep-alive Content-Length 43 Redirect headers Date Wed, 17 Nov 2021 18:19:56 GMT Server nginx Location /partner?adv_id=6409&uid=YZVHygAAAJzSZgP7&img=1&__user_check__=1&sync_id=f7be294c-47d2-11ec-8f2b-1cf699440106 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 76 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame 6B86 Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZVHygAAAJzSZgP7&t=2592000&o=0	43 B 1 KB	59ms 44ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZVHygAAAJzSZgP7&t=2592000&o=0 Protocol H2 Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Wed, 17 Nov 2021 10:19:56 PST content-encoding br x-content-type-options nosniff content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug cgDgKmX5DEyy8artNAX5nUJ7zXYPvLwBVSYj+N4H13UA4xva3LXK1JCghuwf9EYHk1Ike7+ArhiltHPwTwpACA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups strict-transport-security max-age=15552000; preload report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type image/gif vary Accept-Encoding cache-control public, max-age=0 expires Wed, 17 Nov 2021 10:19:56 PST Redirect headers pragma no-cache date Wed, 17 Nov 2021 18:19:56 GMT via 1.1 varnish server Varnish x-timer S1637173197.680156,VS0,VE0 x-served-by cache-fra19183-FRA x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZVHygAAAJzSZgP7&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	/ partner.mediawallahscript.com/ Frame 6B86 Redirect Chain https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=...	0 638 B	36ms 36ms	Image text/plain	52.16.203.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=f7dea2b0-47d2-11ec-8ca5-c12cff8885e2&timestamp=2021-11-17T18%3A19%3A56.891Z Protocol HTTP/1.1 Server 52.16.203.61 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-16-203-61.eu-west-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Wed, 17 Nov 2021 18:19:56 GMT Cache-Control private, no-cache, must-revalidate, no-store, max-age=0 Server nginx/1.18.0 Connection keep-alive P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Wed, 17 Nov 2021 18:19:56 GMT Server nginx/1.18.0 Vary Accept, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location /?account_id=2011&partner_id=2021&uid=11034190561434856342703118680953696414&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=f7dea2b0-47d2-11ec-8ca5-c12cff8885e2&timestamp=2021-11-17T18%3A19%3A56.891Z Cache-Control private, no-cache, must-revalidate, no-store, max-age=0 Connection keep-alive Content-Type text/plain; charset=utf-8 Content-Length 268 Expires Sat, 26 Jul 1997 05:00:00 GMT