ue.thomsonreuters.com Open in urlscan Pro
2600:9000:2156:4600:14:6298:ec00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Submission: On November 23 via manual (November 23rd 2021, 7:38:20 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 31 domains to perform 100 HTTP transactions. The main IP is 2600:9000:2156:4600:14:6298:ec00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ue.thomsonreuters.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 25th 2021. Valid for: a year.

This is the only time ue.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:215... 2600:9000:2156:4600:14:6298:ec00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:12d... 2a02:26f0:12d:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	143.204.98.67 143.204.98.67	16509 (AMAZON-02) (AMAZON-02)
23	2600:9000:215... 2600:9000:2156:7e00:15:d837:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
7	52.18.82.75 52.18.82.75	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.208.121.178 52.208.121.178	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	52.51.88.158 52.51.88.158	16509 (AMAZON-02) (AMAZON-02)
1	54.170.22.84 54.170.22.84	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
8	151.101.195.9 151.101.195.9	54113 (FASTLY) (FASTLY)
1	143.204.98.122 143.204.98.122	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
2	3.232.214.163 3.232.214.163	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.50.124.16 52.50.124.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	52.30.171.74 52.30.171.74	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.26 143.204.98.26	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	54.229.143.145 54.229.143.145	16509 (AMAZON-02) (AMAZON-02)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
8	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:ea00:16:3030:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	34.255.68.26 34.255.68.26	16509 (AMAZON-02) (AMAZON-02)
100	37

2 2600:9000:2156:4600:14:6298:ec00:93a1 (United States)

ASN16509 (AMAZON-02, US)

ue.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:12d:587::1e80 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-67.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:2156:7e00:15:d837:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

app-data.gcs.trstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.18.82.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.121.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-121-178.eu-west-1.compute.amazonaws.com

westthomson.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

westthomsoncom.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.88.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.170.22.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-22-84.eu-west-1.compute.amazonaws.com

westservicesinc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.195.9 (United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-122.fra50.r.cloudfront.net

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.214.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-214-163.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.124.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.171.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-171-74.eu-west-1.compute.amazonaws.com

ws15.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-26.fra50.r.cloudfront.net

streaming.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.143.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-143-145.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ea00:16:3030:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.225.98 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.68.26 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	trstatic.net app-data.gcs.trstatic.net	1 MB
11	qualtrics.com zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com siteintercept.qualtrics.com	86 KB
11	split.io sdk.split.io auth.split.io streaming.split.io	12 KB
9	everesttech.net 9 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
8	demdex.net dpm.demdex.net westthomson.demdex.net	11 KB
7	cookielaw.org cdn.cookielaw.org	114 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	328 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com ws15.hotjar.com	65 KB
4	google.com www.google.com	38 KB
4	adobedtm.com assets.adobedtm.com	113 KB
4	thomsonreuters.com ue.thomsonreuters.com api.thomsonreuters.com	38 KB
2	mediawallahscript.com 1 redirects partner.mediawallahscript.com	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	doubleclick.net 1 redirects cm.g.doubleclick.net	907 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	803 B
2	omtrdc.net westthomsoncom.sc.omtrdc.net westservicesinc.tt.omtrdc.net	836 B
2	appdynamics.com cdn.appdynamics.com	55 KB
1	facebook.com www.facebook.com	1 KB
1	pubmatic.com image2.pubmatic.com	548 B
1	openx.net us-u.openx.net	275 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bttrack.com bttrack.com	380 B
1	ml314.com 1 redirects ml314.com	474 B
1	quantserve.com 1 redirects pixel.quantserve.com	494 B
1	googleapis.com fonts.googleapis.com	917 B
1	pendo.io cdn.pendo.io	136 KB
1	onetrust.com geolocation.onetrust.com	374 B
100	31

	Domain	Requested by
23	app-data.gcs.trstatic.net	ue.thomsonreuters.com cdn.appdynamics.com app-data.gcs.trstatic.net
10	siteintercept.qualtrics.com	cdn.appdynamics.com
8	sync-tm.everesttech.net	8 redirects
8	sdk.split.io	app-data.gcs.trstatic.net
7	dpm.demdex.net	assets.adobedtm.com ue.thomsonreuters.com
7	cdn.cookielaw.org	ue.thomsonreuters.com cdn.cookielaw.org cdn.appdynamics.com
4	www.gstatic.com	cdn.appdynamics.com www.google.com www.gstatic.com
4	www.google.com	cdn.appdynamics.com www.google.com www.gstatic.com
4	assets.adobedtm.com	ue.thomsonreuters.com assets.adobedtm.com cdn.appdynamics.com
2	partner.mediawallahscript.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	1 redirects
2	api.thomsonreuters.com	app-data.gcs.trstatic.net
2	sync.crwdcntrl.net	2 redirects
2	fonts.gstatic.com	www.google.com
2	match.adsrvr.org	2 redirects
2	idsync.rlcdn.com	2 redirects
2	auth.split.io	app-data.gcs.trstatic.net
2	cdn.appdynamics.com	ue.thomsonreuters.com cdn.appdynamics.com
2	ue.thomsonreuters.com	app-data.gcs.trstatic.net
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	cdn.appdynamics.com
1	bttrack.com	ue.thomsonreuters.com
1	ml314.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	streaming.split.io	ue.thomsonreuters.com
1	ws15.hotjar.com	cdn.appdynamics.com
1	fonts.googleapis.com	client
1	in.hotjar.com	cdn.appdynamics.com
1	vars.hotjar.com	cdn.appdynamics.com
1	cdn.pendo.io	cdn.appdynamics.com
1	script.hotjar.com	cdn.appdynamics.com
1	westservicesinc.tt.omtrdc.net	cdn.appdynamics.com
1	cm.everesttech.net	1 redirects
1	westthomsoncom.sc.omtrdc.net	cdn.appdynamics.com
1	westthomson.demdex.net	cdn.appdynamics.com
1	geolocation.onetrust.com	cdn.appdynamics.com
1	static.hotjar.com	cdn.appdynamics.com
100	43

This site contains links to these domains. Also see Links.

Domain
www.thomsonreuters.com
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2021-08-25` - `2022-08-25`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-21` - `2022-07-22`	a year	crt.sh
app-data.gcs.trstatic.net COMODO RSA Organization Validation Secure Server CA	`2020-08-17` - `2022-08-17`	2 years	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-05` - `2022-03-04`	5 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
streaming.split.io Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-24` - `2022-09-24`	a year	crt.sh
api.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2021-07-27` - `2022-07-27`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Frame ID: AACA432CACE24E14A1124F874F2568BB
Requests: 72 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: D1AAF05EE10CEAB6B63F5BD15198A9C9
Requests: 16 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: 4A24EC1C0BB66E6465EF29BBA5DB7F35
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qvmeh7z81bdx
Frame ID: E4881F3CED598CC7DCA08A9C88AC71E1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay without signin in | Thomson ReutersBack ButtonSearch IconFilter Icon

Page Statistics

100
Requests

85 %
HTTPS

28 %
IPv6

31
Domains

43
Subdomains

37
IPs

7
Countries

2407 kB
Transfer

8322 kB
Size

44
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thomsonreuters.com/en/privacy-statement.html#cookies
Title: Cookie policy

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/terms-of-use.html
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy statement

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/policies/copyright.html
Title: Copyright

Search URL Search Domain Scan URL

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/5dc91c0f-f1b7-4b6e-9d42-76043adaf72d.html
Title: For CA: Do not sell my info

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cm.everesttech.net/cm/dd?d_uuid=90058094889697457281524095003950240064 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DJgAAAH70HQQf

Request Chain 38

https://idsync.rlcdn.com/365868.gif?partner_uid=90058094889697457281524095003950240064 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTAwNTgwOTQ4ODk2OTc0NTcyODE1MjQwOTUwMDM5NTAyNDAwNjQQABoNCKaG9YwGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=884e519523ebe7323888c78564bfb4e34d3bf5a817d2188afbe3b9fb70b0c83cb0da87c991749652

Request Chain 56

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2b3b60fe-a380-4525-a62b-1f305052bc30

Request Chain 60

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=JZyFjSeejt4-morcIpWRj3CV3t8-yYjacsmviyQT

Request Chain 67

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215592244248721

Request Chain 77

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=90058094889697457281524095003950240064?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=90058094889697457281524095003950240064?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ced8b18b883052ef5648f69f99945c9d

Request Chain 81

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVoxREpnQUFBSDcwSFFRZg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxREpnQUFBSDcwSFFRZg==&google_tc=

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DJgAAAH70HQQf&expires=90

Request Chain 95

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf&C=1

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YZ1DJgAAAH70HQQf HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DJgAAAH70HQQf

Request Chain 97

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DJgAAAH70HQQf

Request Chain 98

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DJgAAAH70HQQf

Request Chain 99

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1&__user_check__=1&sync_id=e799156f-4c94-11ec-8d9b-1a3cf9d10506

Request Chain 100

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DJgAAAH70HQQf&t=2592000&o=0

Request Chain 101

https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb HTTP 302
https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=e7bd0cc0-4c94-11ec-bef8-49f8105510ec&timestamp=2021-11-23T19%3A38%3A16.844Z

100 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pay Show response
ue.thomsonreuters.com/en-us/account/billing/guest/ 3 KB
3 KB 489ms
404ms Document
text/html 2600:9000:2156:4600:14:6298:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4600:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ab26888a3b542b8a7bc4d2156d35154ff72d72653042d1edc5fe2b90f48da874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=utf-8
content-length: 1308
date: Tue, 23 Nov 2021 19:38:14 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-ua-compatible: IE=edge
x-dispatcher: dispatcher1useast1
x-vhost: publish
content-disposition: inline
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pK2r2jBYowdVAU3ype1_TW_Xzge7BEIh5fb5InhQXy_J1DCKNaS8LA==

GET
H2 200 launch-f185a872eb60.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ 300 KB
87 KB 56ms
17ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by: Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: af3ada59cba84f8b8e380725a06cf9b0bc41c3d75032e26931daa897a4bb26a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 15:17:31 GMT
server: AkamaiNetStorage
etag: "57d648eb9ad352a4027ba7dc78ad1542:1634138251.948508"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 88137
expires: Tue, 23 Nov 2021 20:38:14 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 47ms
22ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 6550
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Mon, 22 Nov 2021 20:32:32 GMT
server: cloudflare
etag: 0x8D9ADF735C33F25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: af27f9c3-901e-001c-49ea-df00f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b2cdb505eb14ac3-FRA

GET
H2 200 adrum-20.5.0.3144.js Show response
cdn.appdynamics.com/adrum/ 96 KB
35 KB 40ms
12ms Script
application/javascript 143.204.98.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Requested by: Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-67.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 46547e117710b803e062343a99519eb2a27293b8346f7a008a4cb8d39bebf95f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:11:10 GMT
content-encoding: gzip
age: 2514424
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 15 May 2020 21:07:15 GMT
server: nginx/1.16.1
etag: W/"5ebf0483-18065"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Txjjvqt-llXm49Rxh7BhUVkrjOm_i9NtEQNSYOiI5-E-IOX0cDBm7w==

GET
H2 200 bootstrap.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/ 155 KB
49 KB 193ms
18ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/bootstrap.js
Requested by: Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 092c3579ed3375d5e3970c2145c82fd28dc38940724978b557d3fecbb5b079b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:36 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:10 GMT
server: AmazonS3
age: 38799
etag: W/"2afe6283a1ee142dc378e6b41eafd607"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l1vwZd9M9YP6HJUbl0PKGYOrPJyQw_uZPWgnxw8CiIYOkEOSb4544A==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 127ms
33ms XHR
application/json 52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1637696294543

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

29e97a04b69a0fc27edd32dd6a074825e4f8946cd8e71caab09ec183bb787de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v019-034026400.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: K+WLjXczR0I=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://ue.thomsonreuters.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/ 45 KB
17 KB 18ms
15ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 83745aef5b250a4349d1e5ac664901105828b473be1d9f9b40e12512bc38a01c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 15:17:32 GMT
server: AkamaiNetStorage
etag: "b9eabb4670f41e2b44719f54b374a864:1634138252.770309"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 16834
expires: Tue, 23 Nov 2021 20:38:14 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/ 25 KB
9 KB 15ms
15ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
etag: "46ddc14338df08a965a4d5269b73d1ad:1629320642.34831"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8763
expires: Tue, 23 Nov 2021 20:38:14 GMT

GET
H2 200 8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json Show response
cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ 4 KB
2 KB 68ms
53ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d14fa1934102b4493dc5391177f0042f607f9702e9c3264695ce075c56672e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: fTfyOupKjfMqmjcKhzh2yQ==
content-length: 1549
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 11:43:48 GMT
server: cloudflare
etag: 0x8D96E06ED9EED74
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f7cf560d-901e-017e-73a1-e0017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b2cdb51498d5369-FRA

GET
H2 200 78.17675ce8.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 1 MB
341 KB 16ms
16ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e27c51adf8de961aa8003a4f0ef398c28586d15e0549a363e7f8fd33a2e38fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:37 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38798
etag: W/"d5ba8008b436d8dd434c24d610ae720c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: evjsmZee8H1oQEThDI8z6y_1ZSjfnYR6PvrR29QH4_4dqXqSWwGg-w==

GET
H2 200 app-main.4085d38b.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/ 406 KB
73 KB 24ms
23ms Stylesheet
text/css 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9b9e4615dfae2bc91b6c2e86aea9f79dd139b43310621a089355a8a28dd013e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:37 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
age: 38798
etag: W/"5f3389ddff382d66479f6c91b2f11772"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ala4X20f-5FfKdAxK7C14Xv-ktaX0ep3q1GDPqGM1n0RO3NXQFIiEQ==

GET
H2 200 app-main.b6ef2b1b.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 267 KB
51 KB 26ms
26ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79237be64fdf83ff645a660c3d17e39d9e14bd0684f3c06486229520e9b3bb05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:37 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:13 GMT
server: AmazonS3
age: 38798
etag: W/"69ed999ee917f1a03de317bc69bf4bec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BlfAZMxOPXCsRFdOL2nMUL4f47eukj6vHvkr74DdIYVBU_R40k4b4w==

GET
H2 200 hotjar-1846625.js Show response
static.hotjar.com/c/ 7 KB
3 KB 57ms
38ms Script
application/javascript 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1846625.js?sv=6

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.82 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-82.fra50.r.cloudfront.net

Software

Resource Hash

5d6c18a92ed7c6704d135d437d921d3435eb911ed46fc7d3eec9b81173b7ceef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/ff60f67329ea2ee3f7d56576d3fa1c46
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: uMUNZSPmJGS_ARmqaTs6p1SFmQyUXS-H74dyMzymdTr97OsvvfTUSA==
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 52ms
25ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b2cdb51dcda05b7-FRA

GET
H/1.1 200
OK dest5.html Show response
westthomson.demdex.net/ Frame D1AA 7 KB
3 KB 151ms
33ms Document
text/html 52.208.121.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomson.demdex.net/dest5.html?d_nsid=0

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-121-178.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 23 Nov 2021 19:38:14 GMT
DCS: dcs-prod-irl1-2-v019-09dc5e9e5.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:21:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: qr3GTbrZSPM=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
westthomsoncom.sc.omtrdc.net/ 2 B
320 B 63ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=89775010946506392541534533375250950038&ts=1637696294681

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Nov 2021 19:38:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-6988cccb6f-pwf64
vary: Origin
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZ1DJgAAAH70HQQf
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=90058094889697457281524095003950240064
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DJgAAAH70HQQf

42 B
945 B

44ms
42ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DJgAAAH70HQQf

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-05b09d23a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: uDCtkMzTSaw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DJgAAAH70HQQf
Date: Tue, 23 Nov 2021 19:38:14 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
westservicesinc.tt.omtrdc.net/rest/v1/ 288 B
516 B 136ms
60ms XHR
application/json 54.170.22.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=762c3644d9114a98b7bfe3ffb7010b45&version=2.6.1
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.170.22.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-22-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3d3c30e7aaac3abd7eb2ddafbc52cdf3cba76c50e45c9f3d079cd538e22e9bec

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ue.thomsonreuters.com
date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
x-request-id: 623b804b016239168699a7758595a861
content-type: application/json;charset=UTF-8

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.22.0/ 311 KB
74 KB 16ms
13ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
age: 3094242
vary: Accept-Encoding
content-length: 75930
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
server: cloudflare
etag: 0x8D962BA8ADAEF03
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3f4f46b5-901e-0058-4c6c-c4dc9d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b2cdb520b4c4ac3-FRA

GET
H2 200 modules.376dac12c7cbd03331c3.js Show response
script.hotjar.com/ 226 KB
60 KB 30ms
9ms Script
application/javascript 143.204.98.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.376dac12c7cbd03331c3.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-33.fra50.r.cloudfront.net

Software

Resource Hash

762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25868
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60634
access-control-allow-origin: *
last-modified: Tue, 23 Nov 2021 12:26:27 GMT
etag: "a104d8caba37d824b6eacd90ef7757da"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: chsR07LIqaVudrc_NkS62kLe8KbHkQ9aq8xCZB6pTejIfKeeiPcN5A==

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ Frame 0
0 44ms
8ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Tue, 23 Nov 2021 19:38:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637696295.862692,VS0,VE0
vary: Cookie
access-control-allow-origin: https://ue.thomsonreuters.com
content-length: 37

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ Frame 0
0 41ms
9ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Tue, 23 Nov 2021 19:38:14 GMT
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637696295.862801,VS0,VE0
vary: Cookie
access-control-allow-origin: https://ue.thomsonreuters.com
content-length: 37

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
439 B 8ms
6ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.15.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 124666
x-cache: HIT, HIT
content-encoding: gzip
content-length: 37
x-request-id: 1ywjoyuz8il
x-served-by: cache-dca12929-DCA, cache-fra19162-FRA
x-timer: S1637696295.875696,VS0,VE0
date: Tue, 23 Nov 2021 19:38:14 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17727-DCA-ee0d13b9-5768-4276-b87b-bef16217f41c; cache-fra19155-FRA-ceee969f-e80a-419e-88f6-e391cdf49624
accept-ranges: bytes
x-cache-hits: 1, 3

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 146 KB
10 KB 9ms
7ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c87ee919be897359b9afa57e3bc05c20a8bf65bde93ac03be4f88de00998d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.15.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "-534150754--gzip"
age: 3408
x-cache: HIT, HIT
content-length: 10188
via: 1.1 varnish, 1.1 varnish
x-request-id: 1yyjr4srx4i
x-served-by: cache-dca12929-DCA, cache-fra19162-FRA
last-modified: Thu, 18 Nov 2021 21:50:33 GMT
x-timer: S1637696295.875803,VS0,VE0
date: Tue, 23 Nov 2021 19:38:14 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca12929-DCA-94bfd157-1fa8-4e6c-a092-fa1a951cc0da; cache-fra19162-FRA-743ed529-9eff-459d-8ec9-de8ec2339fbc
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/ 437 KB
136 KB 185ms
138ms Script
application/javascript 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: UploadServer /
Resource Hash: 9d85075749d3187a7f72cf41101ede0b0675d827eac3e4fc33788330b4d55248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 19:38:14 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA50-C1
X-GUploader-UploadID: ADPycdtDMPNZGz9drjZxBHd4BpCP7HH2jYlVH5DlZaf-7ezht7jHMSlPISyk_7WhaOSkLz2_tLyhL3bjDgeRLO0bl2DxeSfwWw
X-Cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 138381
Access-Control-Allow-Origin: *
Last-Modified: Fri, 19 Nov 2021 19:09:50 GMT
Server: UploadServer
ETag: "8d32a3d58f5e8cb41c38e9946e7e85e4"
Vary: accept-encoding
x-goog-hash: crc32c=TIqxfA==, md5=jTKj1Y9ejLQcOOmUbn6F5A==
x-goog-generation: 1637348989975441
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 138381
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 17QoNI_6Y5EhQnaRJtrQg4VqmTTocUzrMD9pfZFVT9IYGNK3y7rCVg==
Expires: Tue, 23 Nov 2021 19:45:44 GMT

GET
H2 200 5.1c703b7c.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 28 KB
10 KB 28ms
28ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/5.1c703b7c.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb0d95bc0d9ffed5f9bf4c94fc7f9b465da1d58a92f2accc26f0bc719b7b121a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38796
etag: W/"6f710ce8f4f321b1fabeda1e1647bbd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: h9T7MKWhw9aeYXHNQLR885h6RuVHApTJYY9hnCJllcqnwm0s6XmNuQ==

GET
H2 200 20.ea05e37e.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 13 KB
4 KB 28ms
27ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/20.ea05e37e.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b466402e6ffda6c021cde3ce3067982ecec1e55a34b24928ef86cfd9caebdcba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38796
etag: W/"e95c3699ce4f9b5b07ac444dbcd2c2cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KJV04bXl30qdwurAIIvsWWA5-iTD0aHl-yTx4OEOD_rh1WY1xUrjSQ==

GET
H2 200 102.a87fe895.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 3 MB
627 KB 18ms
18ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/102.a87fe895.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11bc1d0f69838d8b261cd9290f2bd1dc7c2a9bde1330e9074a412197e171b302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
age: 38796
etag: W/"6045ee5ba882a6d19145638bfdd025a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7ABgsToDBUTnvj8rFeQudM39LUPM9FK6bRjNJmzEEI7ww4QPNpMzog==

GET
H2 200 1.caf361d7.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 91 KB
22 KB 16ms
16ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/1.caf361d7.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1a0d5445dc8b362c131a365cc260a585c2d21cb285167cc6fd94f39c5989882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
age: 38796
etag: W/"f97466c5147c0cca78d52ffa0bed9f53"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: l-kC08YNgbiJBmJuYxcX4A4PpPJQYrpp3iMy_kIwmcrkzuwbxJWpyA==

GET
H2 200 components-app.3726d609.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/ 5 KB
2 KB 17ms
16ms Stylesheet
text/css 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/components-app.3726d609.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77887f78525ca805b6913bf76ce1f5c797d3b8beb9e9e4733bd1c14b5a656810

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
age: 38796
etag: W/"da515f5b607c8a5b25a391f8e5beadce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: w7hSoVnb-muHrabjCWT8XvwW2z_i-ZagWL30591G34yIhVdgOTdQVA==

GET
H2 200 components-app.0b3a4a8c.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 37 KB
12 KB 29ms
29ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/components-app.0b3a4a8c.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bc48f1faf8e723569dcb3a643d17f0112c8877c1baba2fc9c4d73fdf586d1af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:13 GMT
server: AmazonS3
age: 38796
etag: W/"c91c450dd83e40bb2a8a25249021c4d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: maVvPqbDmUwbG8AjpfdylsGoXeJljOra_WVPlYzCXF4yt7Vn8gu9Dw==

GET
H2 200 interact-localizaion-provider.a9e65c74.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 5 KB
2 KB 22ms
22ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4758e84baebf1295dad2a35abb029de0dc15fad6c32ff1d77423ab45ae83be26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:13 GMT
server: AmazonS3
age: 38796
etag: W/"5c3c78deae068907bb9513e602c50fc2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BFLwFdIlEpQwPPkG_0uxjUiNQymfJs7yyeOZ9xQJT07T9vBn26p2aA==

GET
H2 200 159.1d3ef687.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 4 KB
2 KB 131ms
131ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/159.1d3ef687.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2c24a89d27ce5ed7a6afbc7276dd8a5fd484983caa53e82b57853e81f966658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38796
etag: W/"6c89bb7d31375c979c67b9c500be4581"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZbmwOsofEqn-iAdQh4N6EXoHkDMKmmbawTNrPSy3BFfiK7rYSwVSaw==

GET
H2 200 160.60bf1b77.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 8 KB
4 KB 25ms
25ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/160.60bf1b77.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e10dbf66c17d428df0e5df2640617c003933b89b6112de84ebb325b535f1f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38796
etag: W/"94f565e92a76cde2e3629bfcb372cdba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: E91gtlEA0Y1dXYlds3XUWKK4V2OKlHhneWh1jqoKWTrP3IK1YTMmaA==

GET
H2 200 163.8afb06ca.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 2 KB
1 KB 23ms
23ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/163.8afb06ca.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e2b328fe775e6a494a17d51064d57494cc8877ccc570897753d902a572cb0dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:39 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38796
etag: W/"59fda9d8ae6e3b72fb3bb44bbf3159d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S18JDSkCT5xETN7Iswvi2TCw3aQgbbtTJbyJueHrEUTJCIDPPlXs3Q==

GET
H2 200 box-ad575b5823df97fc9725e14a57070642.html Show response
vars.hotjar.com/ Frame 4A24 2 KB
1 KB 39ms
7ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/

Response headers

content-type: text/html
content-length: 1050
date: Tue, 16 Nov 2021 11:16:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified: Tue, 16 Nov 2021 11:15:47 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: -VJS4GEKkhfs4JREKscsLjluvdtFG2cOofDh3smiFMMWP1mOxGzhNQ==
age: 634928

GET
H2 200 auth Show response
auth.split.io/api/ 621 B
997 B 107ms
107ms Fetch
application/json 3.232.214.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=anonymous

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.214.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-214-163.compute-1.amazonaws.com

Software

Resource Hash

4ffcb7e1276c13ecf78471772f566f06ed8d27b35a27126a00038e5f8da48473

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.15.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
strict-transport-security: max-age=15770000; includeSubdomains
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ue.thomsonreuters.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length: 621

OPTIONS
H2 200 auth
auth.split.io/api/ Frame 0
0 327ms
106ms Preflight
application/json 3.232.214.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=anonymous

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.232.214.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-232-214-163.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-type: application/json; charset=utf-8
content-length: 4
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://ue.thomsonreuters.com
strict-transport-security: max-age=15770000; includeSubdomains

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/078ce1ff-14a0-4b87-bba7-4cc07fc4cc6d/ 25 KB
9 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/078ce1ff-14a0-4b87-bba7-4cc07fc4cc6d/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5e1b2b36fb9d4b95032cecab5c545cbb5985199af66861e7989422fc98eaaca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-md5: 6K/IYJEAKrF2fnsa9rD+tw==
content-length: 8589
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 11:43:56 GMT
server: cloudflare
etag: 0x8D96E06F2427A7A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fd951910-101e-0102-2da1-e09c49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b2cdb532ee75369-FRA

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=884e519523ebe7323888c78564bfb4e34d3bf5a817d2188afbe3b9fb70b0c83cb0da87c991749652
dpm.demdex.net/ Frame D1AA
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=90058094889697457281524095003950240064
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomOTAwNTgwOTQ4ODk2OTc0NTcyODE1MjQwOTUwMDM5NTAyNDAwNjQQABoNCKaG9YwGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=884e519523ebe7323888c78564bfb4e34d3bf5a817d2188afbe3b9fb70b0c83cb0da87c991749652

42 B
945 B

34ms
34ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=884e519523ebe7323888c78564bfb4e34d3bf5a817d2188afbe3b9fb70b0c83cb0da87c991749652

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0180a36c3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZaJdnU8bSDI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 23 Nov 2021 19:38:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=884e519523ebe7323888c78564bfb4e34d3bf5a817d2188afbe3b9fb70b0c83cb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1846625/ 146 B
323 B 121ms
41ms XHR
application/json 52.50.124.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 13 KB
3 KB 126ms
126ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA867F281F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bb4a916c-601e-0106-7a62-e069cb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b2cdb53a8455369-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 62 KB
15 KB 133ms
133ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: 0zNJrhCoPGSM6hOdGkVidg==
vary: Accept-Encoding
content-length: 14838
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
server: cloudflare
etag: 0x8D962BA862FE7E2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3fc50c46-d01e-005f-1f62-e02a18000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b2cdb53a8475369-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.22.0/assets/ 20 KB
4 KB 122ms
122ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 315dc84d-e01e-00b9-6262-e03be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b2cdb53a84a5369-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 18:14:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Nov 2021 19:38:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Nov 2021 19:38:15 GMT

GET
H2 200 51.7b3e4bcd.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 115 KB
28 KB 15ms
15ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/51.7b3e4bcd.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8dedb0d4915ab00150a5f8a0e51c51d7319104b7d61480a5d8c6a8ab8f6faf83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:41 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:12 GMT
server: AmazonS3
age: 38795
etag: W/"596146ba015ace57e741361ee416a4e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lSwzX9PkAocRgUcWag26VhBaM9c82_smBwjunNM4r5ZflIZn1hmyiw==

GET
H2 200 134.853f946a.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 20 KB
7 KB 460ms
457ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/134.853f946a.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41373d45bb5f07d95bcd89ecb128cb3b9504533960dca3764dc22030574dc4a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"1110b27cecb065274160e55d9e523548"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-id: 7qiibl8hDqPo843tpVFGmeU-lZM1Vlr1S2jubKrTHLr6K-gUK63F6g==

GET
H2 200 138.b90a5a82.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/ 3 KB
1 KB 428ms
427ms Stylesheet
text/css 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/138.b90a5a82.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a767a5fabafe269eb86467e9a4f7a0ee8f0b2e35095225ebae26551fb5cac042

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"d3ae0f78c195936fcb71b5cc23ba3b23"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-id: 7DWLhktgYPykDL7GQVseKIk-2Q4HkfLxsurZG9V0Er4qQ5ou4yn72A==

GET
H2 200 138.ccc2a41c.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 12 KB
4 KB 442ms
442ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/138.ccc2a41c.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acb8bd29c6a5f5f7aff120d12af82a00c4088dd663bc974474a1d1944d43904a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"47e816b3598dfc2807df95827a1183eb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-id: JSoAn2NKt9t2e1ir9o2RIMk9w6lFPYPyf7bW-kPdCEd1zrO8XqRU4A==

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 35ms
14ms Font
binary/octet-stream 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Origin: https://ue.thomsonreuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 01:47:27 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3174649
x-cache: Hit from cloudfront
content-length: 39408
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "de994d71a311e3119703dd67ef632f04"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: IRslMRyXmAyBvOzGP3Ttfe1vshsMDGoTvpXpf7kXsk1_36-Xk57hYw==

GET
H2 200 live-chat.46ba07cf.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/ 18 KB
4 KB 14ms
14ms Script
application/javascript 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/live-chat.46ba07cf.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce355e39ba7a72fad476c57cace0020c2bb53c0a017ef9d24a54aa7bab105d11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:51:41 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 16:18:13 GMT
server: AmazonS3
age: 38795
etag: W/"b447011c1353f0b5b5840a65aff3fb20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3smsmq7X0hxn5C0UBhl-orpkSLQVe_vCLMsYNenrrVsmf20RlUeI5A==

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b743d3fd394d33c24a968e2a55e73197ee35f592c56e0ac6121cd65be7efa6fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 619
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 19:38:15 GMT

POST
H/1.1 200
OK content Show response
ws15.hotjar.com/api/v2/sites/1846625/recordings/ 66 B
394 B 113ms
40ms XHR
application/json 52.30.171.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws15.hotjar.com/api/v2/sites/1846625/recordings/content
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.171.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-171-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 22b62fb2dd8496dda05edbaa349304276c11eae364b446addb3b48fae739e97e

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

Date: Tue, 23 Nov 2021 19:38:15 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 39 KB
39 KB 17ms
17ms Font
binary/octet-stream 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Origin: https://ue.thomsonreuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 01:47:28 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3174648
x-cache: Hit from cloudfront
content-length: 39444
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "3327c2a7977db98e49b5369fcafc658c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ooERrHzmnHnSPzXw3pCyLYMPJ0gz6-W86RoltWlsYSisRmgMP8Lh-w==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ 347 KB
136 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ue.thomsonreuters.com/
Origin: https://ue.thomsonreuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 18:49:40 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=2b3b60fe-a380-4525-a62b-1f305052bc30
dpm.demdex.net/ Frame D1AA
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=2b3b60fe-a380-4525-a62b-1f305052bc30

42 B
945 B

33ms
33ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=2b3b60fe-a380-4525-a62b-1f305052bc30

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0fe9d1f2a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: wW2WRFulS6Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=2b3b60fe-a380-4525-a62b-1f305052bc30
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 translations.interact.en_us.json Show response
ue.thomsonreuters.com/content/ue-settings/endpointsMapping/ 120 KB
34 KB 166ms
166ms Fetch
application/json 2600:9000:2156:4600:14:6298:ec00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ue.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:4600:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

36e4600db192fb96d15029bbfc6ff05557475a6639cb38587beb636376164f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-vhost: publish
x-cache: Miss from cloudfront
vary: Accept-Encoding,User-Agent
content-length: 33742
x-ua-compatible: IE=edge
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
x-amz-cf-id: 62chJJvfhO_2rmzeZxBOtMSlu1YnuBrk1cQGFU0CF0LjLl8xcUCAFg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sse
streaming.split.io/ 472 B
0 639ms
556ms EventSource
text/event-stream 143.204.98.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://streaming.split.io/sse?channels=Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_MjYwMDIyNzUwNQ%3D%3D_mySegments,Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS5fbS1NU1EiLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk1qYzRNREl4TnpRMk9BPT1fTWpnNU1UYzJOamM0Tnc9PV9Nall3TURJeU56VXdOUT09X215U2VnbWVudHNcIjpbXCJzdWJzY3JpYmVcIl0sXCJNamM0TURJeE56UTJPQT09X01qZzVNVGMyTmpjNE53PT1fc3BsaXRzXCI6W1wic3Vic2NyaWJlXCJdLFwiY29udHJvbF9wcmlcIjpbXCJzdWJzY3JpYmVcIixcImNoYW5uZWwtbWV0YWRhdGE6cHVibGlzaGVyc1wiXSxcImNvbnRyb2xfc2VjXCI6W1wic3Vic2NyaWJlXCIsXCJjaGFubmVsLW1ldGFkYXRhOnB1Ymxpc2hlcnNcIl19IiwieC1hYmx5LWNsaWVudElkIjoiY2xpZW50SWQiLCJleHAiOjE2Mzc2OTk4OTUsImlhdCI6MTYzNzY5NjI5NX0.mcAQHSm3JPh6LXy02S2BmYPXlRuNaLcDkSdJudGg0qo&v=1.1&heartbeats=true

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-26.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
X-Content-Type-Options	nosniff

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-amz-cf-pop: FRA50-C1
date: Tue, 23 Nov 2021 19:38:15 GMT
vary: Origin
x-ably-serverid: frontend.e454.2.us-east-1-A.i-0097ed51228713d49.e7dsFhS6gB56vc
content-type: text/event-stream
access-control-allow-origin: https://ue.thomsonreuters.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: V_rAUDDfrq7ebsnFHeqLpYaEeeFVXbKLCC2ywgEVrslDUGw3AAipnw==
x-content-type-options: nosniff

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame E488 39 KB
20 KB 34ms
33ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qvmeh7z81bdx

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f981d6409953e4d8afb9eabc9175db1fdf593376b3e18d2c30b34a59872b0690

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lBLbmtxVq6exb+GXCRM7Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Nov 2021 19:38:15 GMT
content-security-policy: script-src 'report-sample' 'nonce-lBLbmtxVq6exb+GXCRM7Pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20368
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=JZyFjSeejt4-morcIpWRj3CV3t8-yYjacsmviyQT
dpm.demdex.net/ Frame D1AA
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=JZyFjSeejt4-morcIpWRj3CV3t8-yYjacsmviyQT

42 B
945 B

64ms
37ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=JZyFjSeejt4-morcIpWRj3CV3t8-yYjacsmviyQT

Requested by

Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0cac9a0e9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: B7LFE5tURU4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:15 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=JZyFjSeejt4-morcIpWRj3CV3t8-yYjacsmviyQT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame E488 51 KB
24 KB 22ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qvmeh7z81bdx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24065
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 16:48:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame E488 347 KB
135 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 18:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138691
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 05:04:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Nov 2022 18:49:40 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E488 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 03:05:30 GMT
x-content-type-options: nosniff
age: 577965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 24 Nov 2021 03:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E488 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 9094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E488 15 KB
15 KB 34ms
11ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 19221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame E488 102 B
134 B 21ms
21ms Other
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qvmeh7z81bdx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 19:38:15 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3623215592244248721
dpm.demdex.net/ Frame D1AA
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215592244248721

42 B
945 B

35ms
34ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215592244248721

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-073dcfdd6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: MnU1IF61QyQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:15 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215592244248721
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 185
Expires: 0,Wed, 24 Nov 2021 14:38:15 GMT

GET
H2 200 knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 14ms
13ms Font
binary/octet-stream 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Origin: https://ue.thomsonreuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 22:11:54 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2064382
x-cache: Hit from cloudfront
content-length: 39336
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "9423006fb52301a35a4ce76f99e114af"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: HGpCwa-jr8BN5f2qroHqs4zZmN6dLxvknULND6kua7IL-m6Fo87aFQ==

GET
H2 200 knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 37ms
36ms Font
binary/octet-stream 2600:9000:2156:7e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css
Origin: https://ue.thomsonreuters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 22:11:54 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 2064382
x-cache: Hit from cloudfront
content-length: 39304
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "20dca63d8ee3254b712c7171ae987713"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 2rsQLrNtG8KmSX_IH3JOk2G6JO9RJIMGPwN4f36tdqZ4x2gkOMwNsA==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK user
bttrack.com/dmp/adobe/ Frame D1AA 35 B
380 B 377ms
93ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=90058094889697457281524095003950240064
Requested by: Host: ue.thomsonreuters.com
URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:10 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 200 RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/ 818 B
748 B 18ms
18ms Script
application/x-javascript 2a02:26f0:12d:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 154c225e88dfad47c7c3989147399992f46d352a96c9d9eea3c8442995587321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 15:17:32 GMT
server: AkamaiNetStorage
etag: "b9eabb4670f41e2b44719f54b374a864:1634138252.770309"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 478
expires: Tue, 23 Nov 2021 20:38:15 GMT

GET
H2 200 / Show response
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
4 KB 84ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1956ae465bed6d34b64a1104baf1229daedcb7c077645031e9f65d5f3c43de63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 122904
cf-polished: origSize=8435
edge-control: max-age=604800
x-envoy-upstream-service-time: 7
vary: Accept-Encoding
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"20f3-kLiVyjs8D02/S9dG3mghiDaZBS4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 6b2cdb58ac2205e4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js Show response
cdn.appdynamics.com/ 51 KB
20 KB 9ms
8ms Script
application/javascript 143.204.98.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-67.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: abcf87644f7085a24a8f56ea0c9a006907d450903f56f7eefeae9ccb8e46d88a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 20:53:41 GMT
content-encoding: gzip
age: 2587474
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 15 May 2020 21:07:16 GMT
server: nginx/1.16.1
etag: W/"5ebf0484-ca25"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _A9zfRr-TBQBFHuZBrzjaXBLOT4-tTrQU1qBi7SvlPY1LtrCPA1wqA==

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame E488 30 KB
17 KB 69ms
69ms XHR
application/json 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e8a439cb0078bd61b1d8048ac1a28eef41fb0486cec9fccab77c6028cee34ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=qvmeh7z81bdx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17110
x-xss-protection: 1; mode=block
expires: Tue, 23 Nov 2021 19:38:15 GMT

GET
H2 200 12.59a7acb124733d888c69.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 55 KB
17 KB 52ms
51ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.59a7acb124733d888c69.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=ue.thomsonreuters.com

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e65e5ab701115114072ff2c9e28b0a533c8d3cbe3eb541af8b9ede34f9f80c6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496651
cf-polished: origSize=57365
cf-ray: 6b2cdb58ecef05e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"e015-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=ced8b18b883052ef5648f69f99945c9d
dpm.demdex.net/ Frame D1AA
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=90058094889697457281524095003950240064?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=90058094889697457281524095003950240064?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ced8b18b883052ef5648f69f99945c9d

42 B
945 B

43ms
41ms

Image
image/gif

52.18.82.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ced8b18b883052ef5648f69f99945c9d

Protocol

HTTP/1.1

Server

52.18.82.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-82-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: G2AQJAcJTk8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:15 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=ced8b18b883052ef5648f69f99945c9d
cache-control: no-cache
x-server: 10.45.26.16
content-length: 0
expires: 0

POST
H2 401 verifyCaptcha Show response
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ 235 B
1 KB 129ms
127ms Fetch
application/json 2600:9000:2156:ea00:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 074e4ed8508da0e1eb3125682f595d55138d4bd4e2a62c07b65e8ba9a70bfb91

Request headers

Accept: application/json, text/plain, */*
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: Bearer
sec-fetch-dest: empty
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
cloudfront-forwarded-proto: https
host: api.thomsonreuters.com
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://ue.thomsonreuters.com
accept: application/json, text/plain, */*
cache-control: no-cache
referer: https://ue.thomsonreuters.com/
access-control-allow-headers: *
sec-fetch-mode: cors
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 82aa426281109b6069daaeeea175ae1d.cloudfront.net (CloudFront), 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
origin: https://ue.thomsonreuters.com
cloudfront-is-desktop-viewer: true
x-amz-cf-pop: FRA50-C1
x-cache: Error from cloudfront
x-forwarded-proto: https
content-length: 235
cloudfront-is-smarttv-viewer: false
cloudfront-viewer-country: GB
cloudfront-is-mobile-viewer: false
x-forwarded-for: 2a0f:9441:5:0:ea::1, 64.252.88.117
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
access-control-max-age: 3628800
pragma: no-cache
cloudfront-is-tablet-viewer: false
sec-fetch-site: same-site
x-forwarded-port: 443
x-amz-cf-id: 7Tx7qSWQsHANHVFzdLuo_EezozI5JePH-ETexI-ID2rr5cx5MwmHbQ==

OPTIONS
H2 200 verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame 0
0 157ms
51ms Preflight 2600:9000:2156:ea00:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ea00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
date: Tue, 23 Nov 2021 19:38:16 GMT
host: api.thomsonreuters.com
x-forwarded-for: 2a0f:9441:5:0:ea::1, 64.252.86.2
x-forwarded-port: 443
x-forwarded-proto: https
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
cloudfront-is-mobile-viewer: false
cloudfront-is-tablet-viewer: false
cloudfront-is-smarttv-viewer: false
cloudfront-is-desktop-viewer: true
accept: */*
referer: https://ue.thomsonreuters.com/
cloudfront-forwarded-proto: https
via: 1.1 cdb1e4f5a17894c2ae9dd07598f8199d.cloudfront.net (CloudFront), 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
pragma: no-cache
cache-control: no-cache
access-control-request-method: POST
access-control-request-headers: authorization,content-type
origin: https://ue.thomsonreuters.com
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
accept-encoding: gzip, deflate, br
cloudfront-viewer-country: GB
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
access-control-allow-origin: https://ue.thomsonreuters.com
access-control-allow-headers: Accept,origin, connection, x-requested-with, accept,content-length, content-type,authorization,cookie,authorization,content-type
access-control-max-age: 3628800
access-control-allow-methods: *
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XGBAkMbJO8oD00aZC6-zZLzY-qi46MxMAC2d23tCniJOKQzZNHZFWw==

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 9 KB
2 KB 56ms
56ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ee142cc5e5bd6962382da830f9c8629599e85f0f474ac7e2b99f0f67969e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
trace-id: 74bc1ffaeb01aba2
cf-ray: 6b2cdb594dd905e4-FRA

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVoxREpnQUFBSDcwSFFRZg==
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxREpnQUFBSDcwSFFRZg==&google_tc=

170 B
243 B

339ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxREpnQUFBSDcwSFFRZg==&google_tc=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxREpnQUFBSDcwSFFRZg==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 99 KB
31 KB 32ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

588683fcfb9b148f145a58b2e9c935a6ef3684b2942d2dbc49eac4fa5133094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496287
cf-polished: origSize=102584
cf-ray: 6b2cdb59aecd05e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 12
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
etag: W/"190b8-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 4.3f24d299e0044d5872df.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
896 B 45ms
45ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.3f24d299e0044d5872df.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

11fe7d5ae550735b14a986e7f9ea6a61f04965a55b2bc2d1a09c5352a2dcc31f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496652
cf-polished: origSize=2539
cf-ray: 6b2cdb5a0f9705e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"9eb-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.0a35fd27ba387ad30f65.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 41ms
41ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.0a35fd27ba387ad30f65.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

5c6b0b5df929b352bc190dec76813ed7765edd16f4eb898eb2a1015daa026282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496652
cf-polished: origSize=29269
cf-ray: 6b2cdb5a0f9905e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
x-powered-by: Express
etag: W/"7255-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
23 KB 46ms
46ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 496287
cf-polished: origSize=66052
cf-ray: 6b2cdb5a0f9c05e4-FRA
edge-control: max-age=604800
x-envoy-upstream-service-time: 9
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 03 Nov 2021 17:52:57 GMT
server: cloudflare
etag: W/"10204-17ce6eeb8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
1 KB 62ms
43ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=23&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c315e416cbf6ddef97af88216cbf89dc42133029b3d66ab67af2d3d28c7bc57f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27268
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 8
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 23 Nov 2021 12:03:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Fri, 21 Nov 2031 12:03:48 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b2cdb5a2caac2b3-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
623 B 72ms
53ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=20&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1e7926c0192ba99588ff36a783ce093cdd88f8000d5fdc4506edd43c56d8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27268
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 12:03:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6b2cdb5a2cacc2b3-FRA
servershortname
expires: Fri, 21 Nov 2031 12:03:48 GMT

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
249 B 8ms
8ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.15.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 124667
x-cache: HIT, HIT
content-encoding: gzip
content-length: 37
x-request-id: 1ywjoyuz8il
x-served-by: cache-dca12929-DCA, cache-fra19162-FRA
x-timer: S1637696296.040639,VS0,VE0
date: Tue, 23 Nov 2021 19:38:16 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17727-DCA-ee0d13b9-5768-4276-b87b-bef16217f41c; cache-fra19155-FRA-ceee969f-e80a-419e-88f6-e391cdf49624
accept-ranges: bytes
x-cache-hits: 1, 4

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 56 B
454 B 8ms
7ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=1637272233034

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df2d149858a3e68a2ead62ab086b40823480100a2e0870537aa01297e1fdd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://ue.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.15.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "-1931797340--gzip"
age: 75606
x-cache: HIT, HIT
content-length: 63
via: 1.1 varnish, 1.1 varnish
x-request-id: 1yxcvyfervy
x-served-by: cache-dca17752-DCA, cache-fra19162-FRA
last-modified: Thu, 18 Nov 2021 21:50:33 GMT
x-timer: S1637696296.040673,VS0,VE0
date: Tue, 23 Nov 2021 19:38:16 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17741-DCA-3ed7846d-3917-4ad5-95f2-d27c8ecb74cb; cache-fra19145-FRA-98cc3bd8-6608-4ca7-ad29-c71f76ea14c4
accept-ranges: bytes
x-cache-hits: 2, 2

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ Frame 0
0 8ms
6ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637696296.032476,VS0,VE0
vary: Cookie
access-control-allow-origin: https://ue.thomsonreuters.com
content-length: 37

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ Frame 0
0 7ms
6ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=1637272233034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.195.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://ue.thomsonreuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
x-served-by: cache-fra19162-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637696296.032591,VS0,VE0
vary: Cookie
access-control-allow-origin: https://ue.thomsonreuters.com
content-length: 37

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DJgAAAH70HQQf&expires=90

0
239 B

33ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DJgAAAH70HQQf&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637696296.037439,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DJgAAAH70HQQf&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
220 B 77ms
77ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&r=1637696296089

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ue.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ue.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
trace-id: 391a6362809cd799
cf-ray: 6b2cdb5a8d57c2b3-FRA
vary: Accept-Encoding
content-length: 45

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
511 B 37ms
36ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ue.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21248836
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 8
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 256
last-modified: Wed, 10 Mar 2021 21:25:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 6b2cdb5a98f605e4-FRA
servershortname
expires: Thu, 20 Mar 2031 21:11:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf&C=1

43 B
1003 B

26ms
26ms

Image
image/gif

72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf&C=1
Protocol: HTTP/1.1
Server: 72.247.225.98 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:16 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 23 Nov 2021 19:38:16 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DJgAAAH70HQQf&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 279
Expires: Tue, 23 Nov 2021 19:38:16 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YZ1DJgAAAH70HQQf
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DJgAAAH70HQQf

43 B
1 KB

14ms
14ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DJgAAAH70HQQf

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:16 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 87c77ffe-bf2e-48f4-b3b4-92bf0cd150d9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Nov 2021 19:38:16 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e17f53a1-89f8-44de-88c8-6fca83629d86
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DJgAAAH70HQQf
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DJgAAAH70HQQf

43 B
275 B

34ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DJgAAAH70HQQf
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 google
server: OXGW/16.220.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637696296.342793,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DJgAAAH70HQQf
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DJgAAAH70HQQf

1 B
548 B

54ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DJgAAAH70HQQf
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 19:38:16 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:465
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637696296.442680,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DJgAAAH70HQQf
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1&__user_check__=1&sync_id=e799156f-4c94-11ec-8d9b-1a3cf9d10506

43 B
548 B

18ms
17ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1&__user_check__=1&sync_id=e799156f-4c94-11ec-8d9b-1a3cf9d10506
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 19:38:16 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 26
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 23 Nov 2021 19:38:16 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YZ1DJgAAAH70HQQf&img=1&__user_check__=1&sync_id=e799156f-4c94-11ec-8d9b-1a3cf9d10506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 55
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame D1AA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DJgAAAH70HQQf&t=2592000&o=0

43 B
1 KB

64ms
47ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DJgAAAH70HQQf&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:38:16 PST
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Dsil+QC3/2JZsfu8nULTlNI0Kqf5hiFB8d/BACQGE7/unAUYeCpTtU9xfmD6Q/nj+wzcUc9VcYA9N7w4msPE/A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Tue, 23 Nov 2021 11:38:16 PST

Redirect headers

pragma: no-cache
date: Tue, 23 Nov 2021 19:38:16 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637696297.642291,VS0,VE0
x-served-by: cache-fra19137-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DJgAAAH70HQQf&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

/
partner.mediawallahscript.com/ Frame D1AA
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=...

0
638 B

42ms
42ms

Image
text/plain

34.255.68.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=e7bd0cc0-4c94-11ec-bef8-49f8105510ec&timestamp=2021-11-23T19%3A38%3A16.844Z
Protocol: HTTP/1.1
Server: 34.255.68.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-68-26.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 23 Nov 2021 19:38:16 GMT
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Server: nginx/1.18.0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 23 Nov 2021 19:38:16 GMT
Server: nginx/1.18.0
Vary: Accept, Accept-Encoding
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /?account_id=2011&partner_id=2021&uid=90058094889697457281524095003950240064&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=e7bd0cc0-4c94-11ec-bef8-49f8105510ec&timestamp=2021-11-23T19%3A38%3A16.844Z
Cache-Control: private, no-cache, must-revalidate, no-store, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 268
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 03:14:08	Name: _GRECAPTCHA Value: 09ABBMTcOwLc49YoX6KyGUJu0TfEnOWN8Rn4cUZvJcGCzWcBfavPqrEgOASKteeNle7bTCyMhPRiP1t6uJA1W92EQ
ue.thomsonreuters.com/	1970-01-19 22:54:56	Name: SameSite Value: None
.thomsonreuters.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 03:14:08	Name: demdex Value: 90058094889697457281524095003950240064
.thomsonreuters.com/	1969-12-31 23:59:59	Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 07:40:32	Name: everest_g_v2 Value: g_surferid~YZ1DJgAAAH70HQQf
.thomsonreuters.com/	1970-01-20 16:29:01	Name: mbox Value: session#762c3644d9114a98b7bfe3ffb7010b45#1637698155\|PC#762c3644d9114a98b7bfe3ffb7010b45.37_0#1700941095
.dpm.demdex.net/	1970-01-20 03:14:08	Name: dpm Value: 90058094889697457281524095003950240064
.thomsonreuters.com/	1970-01-20 16:26:08	Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18955%7CMCMID%7C89775010946506392541534533375250950038%7CMCAAMLH-1638301094%7C6%7CMCAAMB-1638301094%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637703494s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18962%7CvVersion%7C5.2.0
.thomsonreuters.com/	1970-01-20 07:40:32	Name: _hjSessionUser_1846625 Value: eyJpZCI6ImFmYWI3YTQ3LTFkNTQtNWNiMi04YTZjLTlkYjQ0NjUxMWM3OCIsImNyZWF0ZWQiOjE2Mzc2OTYyOTQ5MDYsImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/	1970-01-19 22:54:58	Name: _hjFirstSeen Value: 1
.thomsonreuters.com/	1970-01-19 22:54:58	Name: _hjSession_1846625 Value: eyJpZCI6IjE1N2E1NWIyLTBkNzEtNGJlZC05MDhjLThkOTUyMDRhNDJhMiIsImNyZWF0ZWQiOjE2Mzc2OTYyOTQ5NDZ9
ue.thomsonreuters.com/	1970-01-19 22:54:56	Name: _hjIncludedInPageviewSample Value: 1
.thomsonreuters.com/	1970-01-19 22:54:58	Name: _hjAbsoluteSessionInProgress Value: 0
ue.thomsonreuters.com/	1970-01-19 22:54:56	Name: _hjIncludedInSessionSample Value: 1
.rlcdn.com/	1970-01-20 07:40:32	Name: rlas3 Value: fI/X0mfU0ytxq5BFQqC/jVrB4Bx33RWpVCIv+aeFA5s=
.rlcdn.com/	1970-01-20 00:21:20	Name: pxrc Value: CKaG9YwGEgUI6AcQABIGCPHrARAA
ue.thomsonreuters.com/	1970-01-20 07:40:32	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Tue+Nov+23+2021+19%3A38%3A15+GMT%2B0000+(GMT)&version=6.22.0&hosts=&consentId=aacffbd0-6919-4570-b76f-cab6bc0807a4&interactionCount=0&landingPath=https%3A%2F%2Fue.thomsonreuters.com%2Fen-us%2Faccount%2Fbilling%2Fguest%2Fpay&groups=1%3A1%2C3%3A0
.adsrvr.org/	1970-01-20 07:40:32	Name: TDID Value: 2b3b60fe-a380-4525-a62b-1f305052bc30
.adsrvr.org/	1970-01-20 07:40:32	Name: TDCPM Value: CAESEgoDYWFtEgsIssbIttqwlzoQBRgFIAEoAjILCJKNlOPwsJc6EAU4AQ..
.quantserve.com/	1970-01-20 01:04:32	Name: d Value: EKsBDAHlJLmvYA
.quantserve.com/	1970-01-20 08:25:10	Name: mc Value: 619d4327-76518-fc8b6-d43ad
ue.thomsonreuters.com/	1970-01-19 23:05:01	Name: AWSALB Value: nco+l+gozp9ugT3r1JV9cYvINzdzj/ObdeiihS5j3e+1vrttDMq7LPuFj6TtRAFMV19qvl2pcmY9kzAwNdM88bh2eKzKKhnZSt1FHJ3LNK0IPRJUXTcDpmnP7Bhi
ue.thomsonreuters.com/	1970-01-19 23:05:01	Name: AWSALBCORS Value: nco+l+gozp9ugT3r1JV9cYvINzdzj/ObdeiihS5j3e+1vrttDMq7LPuFj6TtRAFMV19qvl2pcmY9kzAwNdM88bh2eKzKKhnZSt1FHJ3LNK0IPRJUXTcDpmnP7Bhi
ue.thomsonreuters.com/	1970-01-19 22:54:56	Name: ADRUM_BTa Value: R:61\|g:feb30bd6-4d56-42e9-9b50-f889784cbdbf\|n:thomsonreutersebs_3755e129-eecf-46d8-aaca-243b802ef37f
.crwdcntrl.net/	1970-01-20 05:23:42	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:23:42	Name: _cc_id Value: ced8b18b883052ef5648f69f99945c9d
.crwdcntrl.net/	1970-01-20 05:23:44	Name: _cc_cc Value: "ACZ4XmNQSE5NsUgytEiysDA2MDVKTTM1M7FIM7NMs7S0NDFNtkxhAILEuc7qIBoKAFP0CkU%3D"
.crwdcntrl.net/	1970-01-20 05:23:44	Name: _cc_aud Value: "ABR4XmNgYGBInOusDqSgAAASKgFp"
.doubleclick.net/	1970-01-19 22:54:57	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 07:40:32	Name: CMID Value: YZ1DKJscWsZmTPRYGnyYmQAA
.casalemedia.com/	1970-01-20 01:04:32	Name: CMPS Value: 5229
.casalemedia.com/	1970-01-20 01:04:32	Name: CMPRO Value: 1127
.casalemedia.com/	1970-01-19 22:56:22	Name: CMST Value: YZ1DKGGdQygA
.casalemedia.com/	1970-01-20 07:40:32	Name: CMRUM3 Value: 58619d43282760YZ1DJgAAAH70HQQf
.adnxs.com/	1970-01-20 01:04:32	Name: uuid2 Value: 260431879996432600
.adnxs.com/	1970-01-20 01:04:32	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E>spPI9M!@wnfH)iR8PMp-v=0C#7i+DRpiJ%D_lv^0l3QTvHl]iO+%(2K:$doRL2xc>Hx7R)0`]?y^T''wzDYzIJ!!)SC*>oNK
.pubmatic.com/	1970-01-20 01:04:32	Name: KRTBCOOKIE_218 Value: 4056-YZ1DJgAAAH70HQQf&KRTB&22978-YZ1DJgAAAH70HQQf&KRTB&23194-YZ1DJgAAAH70HQQf&KRTB&23209-YZ1DJgAAAH70HQQf
.pubmatic.com/	1970-01-19 23:38:08	Name: PugT Value: 1637696296
.pubmatic.com/	1970-01-20 01:04:32	Name: PUBMDCID Value: 3
.spotxchange.com/	1970-01-20 07:40:36	Name: audience Value: e7991511-4c94-11ec-8d9b-1a3cf9d10506
.demdex.net/	1970-01-20 03:14:08	Name: dextp Value: 60-1-1637696294942\|477-1-1637696295190\|903-1-1637696295344\|1175-1-1637696295446\|22052-1-1637696295608\|49276-1-1637696295732\|121998-1-1637696295833\|144230-1-1637696295933\|144231-1-1637696296034\|144232-1-1637696296135\|144233-1-1637696296236\|144234-1-1637696296337\|144235-1-1637696296438\|144236-1-1637696296538\|144237-1-1637696296639\|444422-1-1637696296740
.mediawallahscript.com/	1970-01-20 16:26:08	Name: mCookie Value: e7c39c71-4c94-11ec-9d4d-a5f3df3d8ec1
.mediawallahscript.com/	1970-01-20 16:26:08	Name: mUserCookie Value: %7B%22undefined%22%3A%5B%22%22%2C%22%22%2C%22%22%5D%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thomsonreuters.com
app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
bttrack.com
cdn.appdynamics.com
cdn.cookielaw.org
cdn.pendo.io
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.quantserve.com
pixel.rubiconproject.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
streaming.split.io
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
ue.thomsonreuters.com
us-u.openx.net
vars.hotjar.com
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
ws15.hotjar.com
www.facebook.com
www.google.com
www.gstatic.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
142.250.186.34
143.204.98.122
143.204.98.26
143.204.98.32
143.204.98.33
143.204.98.67
143.204.98.82
15.188.95.229
151.101.130.49
151.101.195.9
185.33.221.91
185.64.190.80
185.94.180.125
192.132.33.46
2600:9000:2156:4600:14:6298:ec00:93a1
2600:9000:2156:7e00:15:d837:3240:93a1
2600:9000:2156:ea00:16:3030:f80:93a1
2606:4700:10::6814:b844
2606:4700::6810:9540
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:803::200a
2a00:1450:4001:809::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a02:26f0:12d:587::1e80
2a03:2880:f11c:8083:face:b00c:0:25de
3.232.214.163
3.33.220.150
34.255.68.26
35.244.159.8
35.244.174.68
52.18.82.75
52.208.121.178
52.30.140.199
52.30.171.74
52.50.124.16
52.51.88.158
54.170.22.84
54.229.143.145
69.173.144.165
72.247.225.98
074e4ed8508da0e1eb3125682f595d55138d4bd4e2a62c07b65e8ba9a70bfb91
092c3579ed3375d5e3970c2145c82fd28dc38940724978b557d3fecbb5b079b2
0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d14fa1934102b4493dc5391177f0042f607f9702e9c3264695ce075c56672e5
11bc1d0f69838d8b261cd9290f2bd1dc7c2a9bde1330e9074a412197e171b302
11fe7d5ae550735b14a986e7f9ea6a61f04965a55b2bc2d1a09c5352a2dcc31f
154c225e88dfad47c7c3989147399992f46d352a96c9d9eea3c8442995587321
1956ae465bed6d34b64a1104baf1229daedcb7c077645031e9f65d5f3c43de63
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
22b62fb2dd8496dda05edbaa349304276c11eae364b446addb3b48fae739e97e
23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
29e97a04b69a0fc27edd32dd6a074825e4f8946cd8e71caab09ec183bb787de7
36e4600db192fb96d15029bbfc6ff05557475a6639cb38587beb636376164f82
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043
3d3c30e7aaac3abd7eb2ddafbc52cdf3cba76c50e45c9f3d079cd538e22e9bec
3e10dbf66c17d428df0e5df2640617c003933b89b6112de84ebb325b535f1f54
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e8a439cb0078bd61b1d8048ac1a28eef41fb0486cec9fccab77c6028cee34ed
41373d45bb5f07d95bcd89ecb128cb3b9504533960dca3764dc22030574dc4a2
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46547e117710b803e062343a99519eb2a27293b8346f7a008a4cb8d39bebf95f
4758e84baebf1295dad2a35abb029de0dc15fad6c32ff1d77423ab45ae83be26
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc48f1faf8e723569dcb3a643d17f0112c8877c1baba2fc9c4d73fdf586d1af
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffcb7e1276c13ecf78471772f566f06ed8d27b35a27126a00038e5f8da48473
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433
588683fcfb9b148f145a58b2e9c935a6ef3684b2942d2dbc49eac4fa5133094d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c6b0b5df929b352bc190dec76813ed7765edd16f4eb898eb2a1015daa026282
5c87ee919be897359b9afa57e3bc05c20a8bf65bde93ac03be4f88de00998d4f
5d6c18a92ed7c6704d135d437d921d3435eb911ed46fc7d3eec9b81173b7ceef
5e27c51adf8de961aa8003a4f0ef398c28586d15e0549a363e7f8fd33a2e38fc
5e2b328fe775e6a494a17d51064d57494cc8877ccc570897753d902a572cb0dd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5
77887f78525ca805b6913bf76ce1f5c797d3b8beb9e9e4733bd1c14b5a656810
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
79237be64fdf83ff645a660c3d17e39d9e14bd0684f3c06486229520e9b3bb05
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83745aef5b250a4349d1e5ac664901105828b473be1d9f9b40e12512bc38a01c
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8dedb0d4915ab00150a5f8a0e51c51d7319104b7d61480a5d8c6a8ab8f6faf83
9d85075749d3187a7f72cf41101ede0b0675d827eac3e4fc33788330b4d55248
a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc
a767a5fabafe269eb86467e9a4f7a0ee8f0b2e35095225ebae26551fb5cac042
ab26888a3b542b8a7bc4d2156d35154ff72d72653042d1edc5fe2b90f48da874
abcf87644f7085a24a8f56ea0c9a006907d450903f56f7eefeae9ccb8e46d88a
acb8bd29c6a5f5f7aff120d12af82a00c4088dd663bc974474a1d1944d43904a
af3ada59cba84f8b8e380725a06cf9b0bc41c3d75032e26931daa897a4bb26a1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ee142cc5e5bd6962382da830f9c8629599e85f0f474ac7e2b99f0f67969e3f
b466402e6ffda6c021cde3ce3067982ecec1e55a34b24928ef86cfd9caebdcba
b743d3fd394d33c24a968e2a55e73197ee35f592c56e0ac6121cd65be7efa6fa
bb0d95bc0d9ffed5f9bf4c94fc7f9b465da1d58a92f2accc26f0bc719b7b121a
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
c2c24a89d27ce5ed7a6afbc7276dd8a5fd484983caa53e82b57853e81f966658
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
c315e416cbf6ddef97af88216cbf89dc42133029b3d66ab67af2d3d28c7bc57f
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
ce355e39ba7a72fad476c57cace0020c2bb53c0a017ef9d24a54aa7bab105d11
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
d1a0d5445dc8b362c131a365cc260a585c2d21cb285167cc6fd94f39c5989882
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
df2d149858a3e68a2ead62ab086b40823480100a2e0870537aa01297e1fdd389
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e65e5ab701115114072ff2c9e28b0a533c8d3cbe3eb541af8b9ede34f9f80c6f
e9b9e4615dfae2bc91b6c2e86aea9f79dd139b43310621a089355a8a28dd013e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f5e1b2b36fb9d4b95032cecab5c545cbb5985199af66861e7989422fc98eaaca
f981d6409953e4d8afb9eabc9175db1fdf593376b3e18d2c30b34a59872b0690
fc1e7926c0192ba99588ff36a783ce093cdd88f8000d5fdc4506edd43c56d8de

ue.thomsonreuters.com Open in urlscan Pro 2600:9000:2156:4600:14:6298:ec00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

100 Requests

85 %HTTPS

28 %IPv6

31 Domains

43 Subdomains

37 IPs

7 Countries

2407 kBTransfer

8322 kBSize

44 Cookies

7 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ue.thomsonreuters.com Open in urlscan Pro
2600:9000:2156:4600:14:6298:ec00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

85 %
HTTPS

28 %
IPv6

31
Domains

43
Subdomains

37
IPs

7
Countries

2407 kB
Transfer

8322 kB
Size

44
Cookies

100 HTTP transactions
3 data transactions