ue.thomsonreuters.com Open in urlscan Pro
2600:9000:2156:bc00:14:6298:ec00:93a1  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://cm.everesttech.net/cm/dd?d_uuid=76435087190298009503418263559283696490 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DMQAAABoMcQQz

Request Chain 44

• https://idsync.rlcdn.com/365868.gif?partner_uid=76435087190298009503418263559283696490 HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzY0MzUwODcxOTAyOTgwMDk1MDM0MTgyNjM1NTkyODM2OTY0OTAQABoNCLGG9YwGEgUI6AcQAEIASgA HTTP 307
• https://dpm.demdex.net/ibs:dpid=477&dpuuid=a76544f47c0e56fd9fc75897713665dd0c7ff02c2b0afc592fd1670b23bcf56bb0da87c991749652

Request Chain 66

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
• https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbdccbae-d349-485d-b73e-ff6704bdca0e

Request Chain 74

• https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=zEJhqc5Aa__XRDuvzhJ1-ZkSbvXXQjyrwkaoNI-L

Request Chain 76

• https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215595192320114

Request Chain 92

• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76435087190298009503418263559283696490?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=76435087190298009503418263559283696490?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ee0f4bad8832718d133502bdb78670a

Request Chain 93

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVoxRE1RQUFBQm9NY1FReg== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxRE1RQUFBQm9NY1FReg==&google_tc=

Request Chain 94

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DMQAAABoMcQQz&expires=90

Request Chain 95

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz&C=1

Request Chain 96

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=YZ1DMQAAABoMcQQz HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DMQAAABoMcQQz

Request Chain 97

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DMQAAABoMcQQz

Request Chain 98

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DMQAAABoMcQQz

Request Chain 99

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1&__user_check__=1&sync_id=ee2624b5-4c94-11ec-a4fb-11e121d60406

Request Chain 100

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DMQAAABoMcQQz&t=2592000&o=0

Request Chain 101

• https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb HTTP 302
• https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=ee46c950-4c94-11ec-b8f3-378e5fd55318&timestamp=2021-11-23T19%3A38%3A27.813Z

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pay Show response ue.thomsonreuters.com/en-us/account/billing/guest/	3 KB 3 KB	437ms 399ms	Document text/html	2600:9000:2156:bc00:14:6298:ec00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash ab26888a3b542b8a7bc4d2156d35154ff72d72653042d1edc5fe2b90f48da874 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html;charset=utf-8 content-length 1308 date Tue, 23 Nov 2021 19:38:24 GMT server Apache strict-transport-security max-age=31536000; includeSubDomains x-frame-options SAMEORIGIN expires Thu, 01 Jan 1970 00:00:00 GMT x-content-type-options nosniff content-encoding gzip x-ua-compatible IE=edge x-dispatcher dispatcher1useast1 x-vhost publish content-disposition inline vary Accept-Encoding,User-Agent x-cache Miss from cloudfront via 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id 2J9i4y7NwxwVpM1k3Yn-n6Rk0N7C_Nk2UJEaHxTjwJGofvsrCFxBsg==
GET H2	200	launch-f185a872eb60.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/	300 KB 87 KB	527ms 15ms	Script application/x-javascript	2a02:26f0:12d:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash af3ada59cba84f8b8e380725a06cf9b0bc41c3d75032e26931daa897a4bb26a1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:31 GMT server AkamaiNetStorage etag "57d648eb9ad352a4027ba7dc78ad1542:1634138251.948508" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 88137 expires Tue, 23 Nov 2021 20:38:25 GMT
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	19 KB 7 KB	528ms 16ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Lh0CEVPkmGuwf4KyqdKdhw== age 6561 vary Accept-Encoding content-length 6403 x-ms-lease-status unlocked last-modified Mon, 22 Nov 2021 20:32:32 GMT server cloudflare etag 0x8D9ADF735C33F25 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id af27f9c3-901e-001c-49ea-df00f1000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6b2cdb940b7643b8-FRA
GET H2	200	adrum-20.5.0.3144.js Show response cdn.appdynamics.com/adrum/	96 KB 35 KB	523ms 11ms	Script application/javascript	143.204.98.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-67.fra50.r.cloudfront.net Software nginx/1.16.1 / Resource Hash 46547e117710b803e062343a99519eb2a27293b8346f7a008a4cb8d39bebf95f Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 25 Oct 2021 17:11:10 GMT content-encoding gzip age 2514435 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 15 May 2020 21:07:15 GMT server nginx/1.16.1 etag W/"5ebf0483-18065" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript via 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront) cache-control public, max-age=2678400, s-max-age=14400 x-amz-cf-pop FRA50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id rBgzv2RIgDGP8HkGTyPFwvIQaPsJDq-Hb68kR4k3N0a_WbbdwpPJcg==
GET H2	200	bootstrap.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/	155 KB 49 KB	520ms 8ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/bootstrap.js Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 092c3579ed3375d5e3970c2145c82fd28dc38940724978b557d3fecbb5b079b2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:36 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:10 GMT server AmazonS3 age 38810 etag W/"2afe6283a1ee142dc378e6b41eafd607" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id OXW5twxWn5QqwcnmF58Nn-__OK5q6jEVFmYfIyIjgfrD7-42v9C4ng==
GET H/1.1	200 OK	id Show response dpm.demdex.net/	4 KB 2 KB	130ms 38ms	XHR application/json	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1637696305357 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash 60e57bbd1763b2bd5c7a1616726d813878326e326b280324e2832849cf3af720 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v019-0f8fde21e.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID 2QWCaR1SQFM= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://ue.thomsonreuters.com Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json;charset=utf-8 Content-Length 1309 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/	45 KB 17 KB	44ms 44ms	Script application/x-javascript	2a02:26f0:12d:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/EX51db1eb10f11458096d1e6ca794cce82-libraryCode_source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 83745aef5b250a4349d1e5ac664901105828b473be1d9f9b40e12512bc38a01c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:32 GMT server AkamaiNetStorage etag "b9eabb4670f41e2b44719f54b374a864:1634138252.770309" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 16834 expires Tue, 23 Nov 2021 20:38:25 GMT
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/	25 KB 9 KB	15ms 15ms	Script application/x-javascript	2a02:26f0:12d:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip last-modified Wed, 18 Aug 2021 21:04:02 GMT server AkamaiNetStorage etag "46ddc14338df08a965a4d5269b73d1ad:1629320642.34831" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 8763 expires Tue, 23 Nov 2021 20:38:25 GMT
GET H2	200	8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json Show response cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/	4 KB 2 KB	72ms 58ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d14fa1934102b4493dc5391177f0042f607f9702e9c3264695ce075c56672e5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 fTfyOupKjfMqmjcKhzh2yQ== content-length 1549 x-ms-lease-status unlocked last-modified Thu, 02 Sep 2021 11:43:48 GMT server cloudflare etag 0x8D96E06ED9EED74 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id c8b32155-601e-0020-7aa1-e0b42a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 6b2cdb94cef542d5-FRA
GET H2	200	78.17675ce8.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	1 MB 341 KB	9ms 9ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e27c51adf8de961aa8003a4f0ef398c28586d15e0549a363e7f8fd33a2e38fc Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:37 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38809 etag W/"d5ba8008b436d8dd434c24d610ae720c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id yq9ST006tgymEhDhZgGqpZL_YC8M1UvLXP-YgHKnnM8a4D-lAVIEVQ==
GET H2	200	app-main.4085d38b.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	406 KB 73 KB	9ms 8ms	Stylesheet text/css	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e9b9e4615dfae2bc91b6c2e86aea9f79dd139b43310621a089355a8a28dd013e Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:37 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 38809 etag W/"5f3389ddff382d66479f6c91b2f11772" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id -2QbX9MNu-peTBAZf2NUcKJvbki9jCAOz_D_gBEmOymP8-DcO4k4Ow==
GET H2	200	app-main.b6ef2b1b.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	267 KB 51 KB	9ms 9ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79237be64fdf83ff645a660c3d17e39d9e14bd0684f3c06486229520e9b3bb05 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:37 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 38809 etag W/"69ed999ee917f1a03de317bc69bf4bec" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id 9GhaKyE2lXxPD4oU4on2dTM_Iw8eKDCa7hrMx7nbaYF_jBm-XSxAiQ==
GET H2	200	hotjar-1846625.js Show response static.hotjar.com/c/	7 KB 3 KB	68ms 13ms	Script application/javascript	143.204.98.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1846625.js?sv=6 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-29.fra50.r.cloudfront.net Software / Resource Hash 5d6c18a92ed7c6704d135d437d921d3435eb911ed46fc7d3eec9b81173b7ceef Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:14 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 11 etag W/ff60f67329ea2ee3f7d56576d3fa1c46 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-pop FRA50-C1 x-amz-cf-id WtIeV9kGxRN4J-ffrEzsu6IpdkTDtO2ukJwIn2ithzSMOXgNhAa2zQ== via 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	313ms 278ms	Preflight	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Tue, 23 Nov 2021 19:38:25 GMT via 1.1 varnish x-served-by cache-fra19121-FRA x-cache HIT x-cache-hits 0 x-timer S1637696306.572768,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	309ms 278ms	Preflight	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Tue, 23 Nov 2021 19:38:25 GMT via 1.1 varnish x-served-by cache-fra19121-FRA x-cache HIT x-cache-hits 0 x-timer S1637696306.572889,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 219 B	128ms 127ms	Fetch application/json	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains via 1.1 varnish, 1.1 varnish etag "1000002--gzip" age 124677 x-cache HIT, HIT content-encoding gzip content-length 37 x-request-id 1ywjoyuz8il x-served-by cache-dca12929-DCA, cache-fra19121-FRA x-timer S1637696306.891567,VS0,VE76 date Tue, 23 Nov 2021 19:38:25 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17727-DCA-ee0d13b9-5768-4276-b87b-bef16217f41c; cache-fra19155-FRA-ceee969f-e80a-419e-88f6-e391cdf49624 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	splitChanges Show response sdk.split.io/api/	146 KB 10 KB	53ms 53ms	Fetch application/json	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5c87ee919be897359b9afa57e3bc05c20a8bf65bde93ac03be4f88de00998d4f Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip etag "-534150754--gzip" age 3419 x-cache HIT, HIT content-length 10188 via 1.1 varnish, 1.1 varnish x-request-id 1yyjr4srx4i x-served-by cache-dca12929-DCA, cache-fra19121-FRA last-modified Thu, 18 Nov 2021 21:50:33 GMT x-timer S1637696306.891731,VS0,VE1 date Tue, 23 Nov 2021 19:38:25 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca12929-DCA-94bfd157-1fa8-4e6c-a092-fa1a951cc0da; cache-fra19162-FRA-743ed529-9eff-459d-8ec9-de8ec2339fbc accept-ranges bytes x-cache-hits 2, 1
GET H/1.1	200 OK	pendo.js Show response cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/	437 KB 136 KB	29ms 7ms	Script application/javascript	143.204.98.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-27.fra50.r.cloudfront.net Software UploadServer / Resource Hash 9d85075749d3187a7f72cf41101ede0b0675d827eac3e4fc33788330b4d55248 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 23 Nov 2021 19:38:14 GMT Content-Encoding gzip Age 10 X-GUploader-UploadID ADPycdtDMPNZGz9drjZxBHd4BpCP7HH2jYlVH5DlZaf-7ezht7jHMSlPISyk_7WhaOSkLz2_tLyhL3bjDgeRLO0bl2DxeSfwWw X-Cache Hit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip Connection keep-alive Content-Length 138381 Access-Control-Allow-Origin * Last-Modified Fri, 19 Nov 2021 19:09:50 GMT Server UploadServer ETag "8d32a3d58f5e8cb41c38e9946e7e85e4" Vary accept-encoding x-goog-hash crc32c=TIqxfA==, md5=jTKj1Y9ejLQcOOmUbn6F5A== x-goog-generation 1637348989975441 Via 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront) Access-Control-Expose-Headers * Cache-Control max-age=450 x-goog-stored-content-length 138381 X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Type application/javascript X-Amz-Cf-Id QtC1NLfjdT-no00hQo5_yGdfCYWzQdEm__DrS9uUcgOpjTKS2PRo7A== Expires Tue, 23 Nov 2021 19:45:44 GMT
GET H2	200	5.1c703b7c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	28 KB 10 KB	11ms 10ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/5.1c703b7c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bb0d95bc0d9ffed5f9bf4c94fc7f9b465da1d58a92f2accc26f0bc719b7b121a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38807 etag W/"6f710ce8f4f321b1fabeda1e1647bbd7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id gkucALDnika-tnU3zbqxrM4URoK6MJxmk5UW6kfJnwvXxDrBTfxYQA==
GET H2	200	20.ea05e37e.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	13 KB 4 KB	11ms 10ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/20.ea05e37e.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b466402e6ffda6c021cde3ce3067982ecec1e55a34b24928ef86cfd9caebdcba Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38807 etag W/"e95c3699ce4f9b5b07ac444dbcd2c2cd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id yuqAWdOOA7s6GZtYUUdgKA0bHr4pfOwjIz84ChGC5bJ1Xig0t1pxvg==
GET H2	200	102.a87fe895.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	3 MB 627 KB	11ms 10ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/102.a87fe895.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 11bc1d0f69838d8b261cd9290f2bd1dc7c2a9bde1330e9074a412197e171b302 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 38807 etag W/"6045ee5ba882a6d19145638bfdd025a9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id 1kFzGZndWQwHa7kJNy-uvWHojr6cRcEc7omQj0Ca9TOUSFfeMQC0sw==
GET H2	200	1.caf361d7.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	91 KB 22 KB	11ms 10ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/1.caf361d7.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d1a0d5445dc8b362c131a365cc260a585c2d21cb285167cc6fd94f39c5989882 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 38807 etag W/"f97466c5147c0cca78d52ffa0bed9f53" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id FsrBp8mx8M85nPjW-6FqSyuu_s3ZfLqa8LyZR6fV7AlG3DvyGG--pw==
GET H2	200	components-app.3726d609.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	5 KB 2 KB	12ms 12ms	Stylesheet text/css	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/components-app.3726d609.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 77887f78525ca805b6913bf76ce1f5c797d3b8beb9e9e4733bd1c14b5a656810 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 38807 etag W/"da515f5b607c8a5b25a391f8e5beadce" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id lI_v2oKtFK4JEv7xuS1VYXCT1DhR_JYZMSzKY7WkzqiUFC98Tz2k3w==
GET H2	200	components-app.0b3a4a8c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	37 KB 12 KB	12ms 12ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/components-app.0b3a4a8c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4bc48f1faf8e723569dcb3a643d17f0112c8877c1baba2fc9c4d73fdf586d1af Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 38807 etag W/"c91c450dd83e40bb2a8a25249021c4d0" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id H_n6DTeirILK1tIoeZ-ER5tT2PRwdYdlXWVffP2Oaha4S2N7bxK__g==
GET H2	200	interact-localizaion-provider.a9e65c74.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	5 KB 2 KB	12ms 12ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4758e84baebf1295dad2a35abb029de0dc15fad6c32ff1d77423ab45ae83be26 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 38807 etag W/"5c3c78deae068907bb9513e602c50fc2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id ReSeNomcHbDeKtc6ysF6bLSpkyXzLU_UP3iXpskpW4lO0mdf0jVduQ==
GET H2	200	159.1d3ef687.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	4 KB 2 KB	17ms 17ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/159.1d3ef687.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2c24a89d27ce5ed7a6afbc7276dd8a5fd484983caa53e82b57853e81f966658 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38807 etag W/"6c89bb7d31375c979c67b9c500be4581" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id 33u5x9Hk4H1Plx6VR8lN5yY5zNipIexnLGodgdECwpplhfhjDEA-wA==
GET H2	200	160.60bf1b77.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	8 KB 4 KB	17ms 17ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/160.60bf1b77.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3e10dbf66c17d428df0e5df2640617c003933b89b6112de84ebb325b535f1f54 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38807 etag W/"94f565e92a76cde2e3629bfcb372cdba" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id 8AFj6y3OJ1x5Q_i8RiHbdQ1dVbGQDYt4C3cIajhDqFwvQPHMliTVEg==
GET H2	200	163.8afb06ca.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	2 KB 1 KB	22ms 22ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/163.8afb06ca.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e2b328fe775e6a494a17d51064d57494cc8877ccc570897753d902a572cb0dd Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:39 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38807 etag W/"59fda9d8ae6e3b72fb3bb44bbf3159d1" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id dixeDjDOISZJBgco4YwfyCH85EW_3b4qB6hMxQY_i0201eRVzH_5eQ==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	190 B 394 B	51ms 28ms	Script text/javascript	2606:4700:10::6814:b944 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0de5e7a89d333a5f9156ef6a6f998e52006495aff6832b8bab0617bfd3af8e9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6b2cdb95d8dc2c4e-FRA
GET H/1.1	200 OK	dest5.html Show response westthomson.demdex.net/ Frame F24F	7 KB 3 KB	133ms 32ms	Document text/html	52.17.185.148 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomson.demdex.net/dest5.html?d_nsid=0 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.17.185.148 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-17-185-148.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip Content-Type text/html;charset=UTF-8 date Tue, 23 Nov 2021 19:38:25 GMT DCS dcs-prod-irl1-1-v019-0920decde.edge-irl1.demdex.com UNKNOWN Expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Thu, 14 Oct 2021 10:46:54 GMT P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains vary accept-encoding X-TID i+pNj+paQ7E= Content-Length 2791 Connection keep-alive
GET H2	200	id Show response westthomsoncom.sc.omtrdc.net/	2 B 320 B	61ms 16ms	XHR application/x-javascript	15.236.176.210 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=76736752833020541763394994166998160828&ts=1637696305561 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-15-236-176-210.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 23 Nov 2021 19:38:25 GMT x-content-type-options nosniff server jag xserver anedge-6988cccb6f-xq5rm vary Origin x-c main-1542.If2e2aa.M0-523 p3p CP="This is not a P3P policy" access-control-allow-origin https://ue.thomsonreuters.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-type application/x-javascript;charset=utf-8 content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=YZ1DMQAAABoMcQQz dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=76435087190298009503418263559283696490 https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DMQAAABoMcQQz	42 B 945 B	34ms 34ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DMQAAABoMcQQz Requested by Host: ue.thomsonreuters.com URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-0ec6e45e2.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID SnDcO8UVQuw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZ1DMQAAABoMcQQz Date Tue, 23 Nov 2021 19:38:25 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response westservicesinc.tt.omtrdc.net/rest/v1/	288 B 516 B	125ms 52ms	XHR application/json	54.72.26.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=8fe7ae31fa184d22a60886395c77d4ce&version=2.6.1 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.26.30 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-26-30.eu-west-1.compute.amazonaws.com Software / Resource Hash 1f4ead553a8db4a669c86a93a610ac76fba6999b828726e41158e5deb4ce524f Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://ue.thomsonreuters.com date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip access-control-allow-credentials true vary origin,access-control-request-method,access-control-request-headers,accept-encoding x-request-id 00ffeb9eb9601d2556b52682c81c45ac content-type application/json;charset=UTF-8
GET H2	200	auth Show response auth.split.io/api/	621 B 997 B	111ms 110ms	Fetch application/json	34.200.143.3 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/auth?users=anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.200.143.3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-143-3.compute-1.amazonaws.com Software / Resource Hash 5e80c9e282dc62ba406efe4041de767ffdb01646c45f6e8e667e9668f57d89d8 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers date Tue, 23 Nov 2021 19:38:25 GMT strict-transport-security max-age=15770000; includeSubdomains access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://ue.thomsonreuters.com access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion content-length 621
OPTIONS H2	200	auth auth.split.io/api/ Frame	0 0	343ms 112ms	Preflight application/json	34.200.143.3 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/auth?users=anonymous Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.200.143.3 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-200-143-3.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-type application/json; charset=utf-8 content-length 4 access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion access-control-allow-methods GET, OPTIONS access-control-allow-origin https://ue.thomsonreuters.com strict-transport-security max-age=15770000; includeSubdomains
GET H2	200	modules.376dac12c7cbd03331c3.js Show response script.hotjar.com/	226 KB 60 KB	30ms 8ms	Script application/javascript	143.204.98.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.376dac12c7cbd03331c3.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-39.fra50.r.cloudfront.net Software / Resource Hash 762eec26c35697c778960f1348261ead87844a3fb32e847f237cc6fdab697ba5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 12:27:06 GMT content-encoding br x-content-type-options nosniff age 25879 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 60634 access-control-allow-origin * last-modified Tue, 23 Nov 2021 12:26:27 GMT etag "a104d8caba37d824b6eacd90ef7757da" vary Accept-Encoding content-type application/javascript via 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id RbugFzDiHPxpujne4LRmEaqRriNLwqLnavHFVxfJHPAXEyBB72mlag==
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.22.0/	311 KB 74 KB	16ms 15ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 Uj6Yo16pL9bm0y1nKKjJjg== age 3094253 vary Accept-Encoding content-length 75930 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:18 GMT server cloudflare etag 0x8D962BA8ADAEF03 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 3f4f46b5-901e-0058-4c6c-c4dc9d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6b2cdb96099043b8-FRA
GET H2	200	en.json Show response cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/	25 KB 9 KB	58ms 58ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3da96d49315051625567ea098c5cefbdaa4be908b8e10e54076e7b3f0e02905 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC content-md5 pWKxSCWuVkXA0iSxk7n/dQ== content-length 8598 x-ms-lease-status unlocked last-modified Thu, 02 Sep 2021 11:43:57 GMT server cloudflare etag 0x8D96E06F3406B33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 23e9858a-c01e-00c3-4da1-e051a5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 6b2cdb965ad842d5-FRA
GET H2	200	box-ad575b5823df97fc9725e14a57070642.html Show response vars.hotjar.com/ Frame 8559	2 KB 1 KB	29ms 6ms	Document text/html	143.204.98.69 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.69 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-69.fra50.r.cloudfront.net Software / Resource Hash f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers content-type text/html content-length 1050 date Tue, 16 Nov 2021 11:16:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "a123045c9cc95cfe44d6b5d126b9f1a7" last-modified Tue, 16 Nov 2021 11:15:47 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id Ob2NNPIBg-gWkj1fXKVx_msUm6gnN8z630GbJzHX0LRJVcmUCy87rg== age 634939
GET H2	200	css fonts.googleapis.com/	2 KB 917 B	78ms 15ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 23 Nov 2021 18:19:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 23 Nov 2021 19:38:25 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 23 Nov 2021 19:38:25 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	13 KB 3 KB	18ms 17ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 eS/vZlhjCBp2QvELx7IrSQ== age 10 vary Accept-Encoding content-length 2950 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:10 GMT server cloudflare etag 0x8D962BA867F281F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id bb4a916c-601e-0106-7a62-e069cb000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6b2cdb976db642d5-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	62 KB 15 KB	17ms 16ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcCenter.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 0zNJrhCoPGSM6hOdGkVidg== age 10 vary Accept-Encoding content-length 14838 x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:10 GMT server cloudflare etag 0x8D962BA862FE7E2 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 3fc50c46-d01e-005f-1f62-e02a18000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 6b2cdb976db842d5-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.22.0/assets/	20 KB 4 KB	18ms 18ms	Fetch text/css	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 F/Fs54+x9bQK/ULkNRp4fA== age 10 vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 19 Aug 2021 02:39:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 315dc84d-e01e-00b9-6262-e03be8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 6b2cdb976dba42d5-FRA
GET H2	200	knowledge2017-black-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	39 KB 39 KB	35ms 14ms	Font binary/octet-stream	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 18 Oct 2021 01:47:28 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 3174658 x-cache Hit from cloudfront content-length 39444 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "3327c2a7977db98e49b5369fcafc658c" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id AU-8O7fF5ZnEaDzYEVZVoNfU_PSSNO4jBYYjOorurwSbotK1IWuyzA==
GET H2	200	knowledge2017-regular-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	38ms 17ms	Font binary/octet-stream	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221 Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Mon, 18 Oct 2021 01:47:27 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 3174659 x-cache Hit from cloudfront content-length 39408 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "de994d71a311e3119703dd67ef632f04" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id eTDL8IUM-MuqcoYSwMidvp6vvKQv8Y4EdyWjsjm8AVPGrnOKRGidog==
GET H/1.1	200 OK	ibs:dpid=477&dpuuid=a76544f47c0e56fd9fc75897713665dd0c7ff02c2b0afc592fd1670b23bcf56bb0da87c991749652 dpm.demdex.net/ Frame F24F Redirect Chain https://idsync.rlcdn.com/365868.gif?partner_uid=76435087190298009503418263559283696490 https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNzY0MzUwODcxOTAyOTgwMDk1MDM0MTgyNjM1NTkyODM2OTY0OTAQABoNCLGG9YwGEgUI6AcQAEIASgA https://dpm.demdex.net/ibs:dpid=477&dpuuid=a76544f47c0e56fd9fc75897713665dd0c7ff02c2b0afc592fd1670b23bcf56bb0da87c991749652	42 B 945 B	35ms 35ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=477&dpuuid=a76544f47c0e56fd9fc75897713665dd0c7ff02c2b0afc592fd1670b23bcf56bb0da87c991749652 Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-06a57b486.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID p5Gq5XvxQa0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers date Tue, 23 Nov 2021 19:38:25 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://dpm.demdex.net/ibs:dpid=477&dpuuid=a76544f47c0e56fd9fc75897713665dd0c7ff02c2b0afc592fd1670b23bcf56bb0da87c991749652 cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1846625/	146 B 323 B	98ms 35ms	XHR application/json	54.75.159.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-75-159-38.eu-west-1.compute.amazonaws.com Software / Resource Hash 43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87 Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/	818 B 748 B	20ms 20ms	Script application/x-javascript	2a02:26f0:12d:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/7a9dd3f6c633/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:12d:587::1e80 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 154c225e88dfad47c7c3989147399992f46d352a96c9d9eea3c8442995587321 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:25 GMT content-encoding gzip last-modified Wed, 13 Oct 2021 15:17:32 GMT server AkamaiNetStorage etag "b9eabb4670f41e2b44719f54b374a864:1634138252.770309" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://ue.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 478 expires Tue, 23 Nov 2021 20:38:25 GMT
GET H2	200	/ Show response zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	142ms 102ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1956ae465bed6d34b64a1104baf1229daedcb7c077645031e9f65d5f3c43de63 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 122915 cf-polished origSize=8435 edge-control max-age=604800 x-envoy-upstream-service-time 7 vary Accept-Encoding timing-allow-origin * cf-bgj minify server cloudflare x-powered-by Express etag W/"20f3-kLiVyjs8D02/S9dG3mghiDaZBS4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 cf-ray 6b2cdb989c635b3e-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept
GET H2	200	adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js Show response cdn.appdynamics.com/	51 KB 20 KB	11ms 10ms	Script application/javascript	143.204.98.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum-ext.a6720c95d03e8e8d9e4f122a106bf00d.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.67 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-67.fra50.r.cloudfront.net Software nginx/1.16.1 / Resource Hash abcf87644f7085a24a8f56ea0c9a006907d450903f56f7eefeae9ccb8e46d88a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sun, 24 Oct 2021 20:53:41 GMT content-encoding gzip age 2587484 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 15 May 2020 21:07:16 GMT server nginx/1.16.1 etag W/"5ebf0484-ca25" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript via 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront) cache-control public, max-age=2678400, s-max-age=14400 x-amz-cf-pop FRA50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id ul0iAAk3JDBgk9dkrCQdeJV3k5Kv2b40E8qJGROJ_Vas-X70gwnyEQ==
GET H2	200	51.7b3e4bcd.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	115 KB 28 KB	29ms 28ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/51.7b3e4bcd.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8dedb0d4915ab00150a5f8a0e51c51d7319104b7d61480a5d8c6a8ab8f6faf83 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:41 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:12 GMT server AmazonS3 age 38806 etag W/"596146ba015ace57e741361ee416a4e5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id oSX5cukOfEIHByXlt3INuUZ7X5xBDJQuLUzueSRIAlju21zAQHagVQ==
GET H2	200	134.853f946a.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	20 KB 7 KB	12ms 11ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/134.853f946a.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41373d45bb5f07d95bcd89ecb128cb3b9504533960dca3764dc22030574dc4a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:16 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 11 etag W/"1110b27cecb065274160e55d9e523548" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id zyyFlyxW-8nBFXcvFIj9lrgxBXvvRRBvq9Ge76yo_R4LMsRo7WjwUw==
GET H2	200	138.b90a5a82.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/	3 KB 1 KB	17ms 16ms	Stylesheet text/css	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/138.b90a5a82.chunk.css Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a767a5fabafe269eb86467e9a4f7a0ee8f0b2e35095225ebae26551fb5cac042 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:16 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:10 GMT server AmazonS3 age 11 etag W/"d3ae0f78c195936fcb71b5cc23ba3b23" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id SdhK7vS-5H_BeeRfiAABH_lTMyfYryN3-4DkOWyaO_0FQ6wl_c6Ngg==
GET H2	200	138.ccc2a41c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	12 KB 4 KB	15ms 15ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/138.ccc2a41c.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash acb8bd29c6a5f5f7aff120d12af82a00c4088dd663bc974474a1d1944d43904a Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:16 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:11 GMT server AmazonS3 age 11 etag W/"47e816b3598dfc2807df95827a1183eb" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id RuFQbj2cGmd0UNviLQj7b7Pv1pjgJfG0tVcXZNSETxRrrvsKDMNlcw==
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	live-chat.46ba07cf.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/	18 KB 4 KB	9ms 8ms	Script application/javascript	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/live-chat.46ba07cf.chunk.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ce355e39ba7a72fad476c57cace0020c2bb53c0a017ef9d24a54aa7bab105d11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 08:51:41 GMT content-encoding gzip last-modified Fri, 12 Nov 2021 16:18:13 GMT server AmazonS3 age 38806 etag W/"b447011c1353f0b5b5840a65aff3fb20" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront) cache-control max-age=86400,immutable x-amz-cf-pop FRA50-C1 x-amz-cf-id OBRGqEQyxD27Zof5nRnJQ5BVqL6nlqjrak6qSDYAKZbwyWGe9LEGOw==
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	974 B 1 KB	41ms 19ms	Script text/javascript	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b743d3fd394d33c24a968e2a55e73197ee35f592c56e0ac6121cd65be7efa6fa Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 619 x-xss-protection 1; mode=block expires Tue, 23 Nov 2021 19:38:26 GMT
POST H/1.1	200 OK	content Show response ws20.hotjar.com/api/v2/sites/1846625/recordings/	66 B 394 B	307ms 103ms	XHR application/json	54.72.134.180 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws20.hotjar.com/api/v2/sites/1846625/recordings/content Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.72.134.180 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-134-180.eu-west-1.compute.amazonaws.com Software / Resource Hash 64fc63174781662782eb668acaf304e49830b1d3bdb514af93d8c792b72dd1ea Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers Date Tue, 23 Nov 2021 19:38:26 GMT Content-Encoding br Vary Accept-Encoding Content-Type application/json Access-Control-Allow-Origin * Access-Control-Max-Age 86400 Cache-Control no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Transfer-Encoding chunked
GET H2	200	translations.interact.en_us.json Show response ue.thomsonreuters.com/content/ue-settings/endpointsMapping/	120 KB 34 KB	155ms 155ms	Fetch application/json	2600:9000:2156:bc00:14:6298:ec00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ue.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/interact-localizaion-provider.a9e65c74.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:14:6298:ec00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 36e4600db192fb96d15029bbfc6ff05557475a6639cb38587beb636376164f82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/en-us/account/billing/guest/pay User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-dispatcher dispatcher1useast1 date Tue, 23 Nov 2021 19:38:26 GMT content-encoding gzip x-content-type-options nosniff x-amz-cf-pop FRA50-C1 x-vhost publish x-cache Miss from cloudfront vary Accept-Encoding,User-Agent content-length 33742 x-ua-compatible IE=edge server Apache x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains content-type application/json;charset=utf-8 via 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront) x-amz-cf-id VB_2_OKhtDGNCFbt8oTkGU4HISZMtNOhRNC4KFGgKG1GHG8SI-VJoQ== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	12.59a7acb124733d888c69.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	55 KB 17 KB	63ms 62ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/12.59a7acb124733d888c69.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=ue.thomsonreuters.com Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e65e5ab701115114072ff2c9e28b0a533c8d3cbe3eb541af8b9ede34f9f80c6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 496662 cf-polished origSize=57365 cf-ray 6b2cdb998ea55b3e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding last-modified Wed, 03 Nov 2021 17:52:57 GMT server cloudflare x-powered-by Express etag W/"e015-17ce6eeb8a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/	347 KB 136 KB	35ms 6ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ue.thomsonreuters.com/ Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:49:40 GMT content-encoding gzip x-content-type-options nosniff age 2926 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 23 Nov 2022 18:49:40 GMT
GET H2	200	sse streaming.split.io/	472 B 0	610ms 549ms	EventSource text/event-stream	143.204.98.26 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://streaming.split.io/sse?channels=Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_MjYwMDIyNzUwNQ%3D%3D_mySegments,Mjc4MDIxNzQ2OA%3D%3D_Mjg5MTc2Njc4Nw%3D%3D_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS5fbS1NU1EiLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk1qYzRNREl4TnpRMk9BPT1fTWpnNU1UYzJOamM0Tnc9PV9Nall3TURJeU56VXdOUT09X215U2VnbWVudHNcIjpbXCJzdWJzY3JpYmVcIl0sXCJNamM0TURJeE56UTJPQT09X01qZzVNVGMyTmpjNE53PT1fc3BsaXRzXCI6W1wic3Vic2NyaWJlXCJdLFwiY29udHJvbF9wcmlcIjpbXCJzdWJzY3JpYmVcIixcImNoYW5uZWwtbWV0YWRhdGE6cHVibGlzaGVyc1wiXSxcImNvbnRyb2xfc2VjXCI6W1wic3Vic2NyaWJlXCIsXCJjaGFubmVsLW1ldGFkYXRhOnB1Ymxpc2hlcnNcIl19IiwieC1hYmx5LWNsaWVudElkIjoiY2xpZW50SWQiLCJleHAiOjE2Mzc2OTk5MDUsImlhdCI6MTYzNzY5NjMwNX0.Jsacz_-508DGRlZTgy3qi4dsKc0qQzBud794rCPJbjM&v=1.1&heartbeats=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.26 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-26.fra50.r.cloudfront.net Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com X-Content-Type-Options nosniff Request headers Accept text/event-stream Cache-Control no-cache Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers content-security-policy default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com via 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront) referrer-policy no-referrer x-amz-cf-pop FRA50-C1 date Tue, 23 Nov 2021 19:38:26 GMT vary Origin x-ably-serverid frontend.91d0.2.us-east-1-A.i-0a17b0ba4b8fbebf8.e7dDawyPQB56OX content-type text/event-stream access-control-allow-origin https://ue.thomsonreuters.com access-control-expose-headers Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server access-control-allow-credentials true x-cache Miss from cloudfront x-robots-tag noindex x-amz-cf-id FLkOsu4hKUd8ppzj5p0FzaK4XnWj4Pack7oSgVYNLy_EBRccrxSZhQ== x-content-type-options nosniff
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	knowledge2017-medium-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	16ms 9ms	Font binary/octet-stream	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sat, 30 Oct 2021 22:11:54 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 2064393 x-cache Hit from cloudfront content-length 39304 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "20dca63d8ee3254b712c7171ae987713" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id Q23bIn8kb41MB_8Hf_Y3SItYLAV_DKgBJi0J-l7gRePBcfYkCmkVBw==
GET H2	200	knowledge2017-light-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	10ms 9ms	Font binary/octet-stream	2600:9000:2156:800:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/css/app-main.4085d38b.chunk.css Origin https://ue.thomsonreuters.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Sat, 30 Oct 2021 22:11:54 GMT via 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront) vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 2064393 x-cache Hit from cloudfront content-length 39336 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "9423006fb52301a35a4ce76f99e114af" access-control-max-age 3000 access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id SfGasw60gHTp4X6p32RIq60AYnE7831gH5ftHyxtVMQLRao-Xz-jWg==
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame 9806	39 KB 20 KB	33ms 32ms	Document text/html	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9cb3c570d30dcc5748d8d9f0f75c25bd095c31bee70090a6997097754a3f2928 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-UspOskIBNtk+MrCIP6b/2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Tue, 23 Nov 2021 19:38:26 GMT content-security-policy script-src 'report-sample' 'nonce-UspOskIBNtk+MrCIP6b/2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 20331 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	ibs:dpid=903&dpuuid=cbdccbae-d349-485d-b73e-ff6704bdca0e dpm.demdex.net/ Frame F24F Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbdccbae-d349-485d-b73e-ff6704bdca0e	42 B 945 B	34ms 34ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbdccbae-d349-485d-b73e-ff6704bdca0e Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-060944edb.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 1jQ6u5IjTmc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:26 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://dpm.demdex.net/ibs:dpid=903&dpuuid=cbdccbae-d349-485d-b73e-ff6704bdca0e cache-control private,no-cache, must-revalidate content-type text/html content-length 189
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	9 KB 2 KB	242ms 242ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2ee142cc5e5bd6962382da830f9c8629599e85f0f474ac7e2b99f0f67969e3f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 9 strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * referrer-policy strict-origin-when-cross-origin server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin https://ue.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true trace-id 39580e01856b2ab9 cf-ray 6b2cdb9a69155b3e-FRA
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9806	51 KB 24 KB	23ms 9ms	Stylesheet text/css	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 16:48:10 GMT content-encoding gzip x-content-type-options nosniff age 10216 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24065 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 23 Nov 2022 16:48:10 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9806	347 KB 135 KB	21ms 7ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a56234241a7dd6d1f2a13b3d521d260c999c9bf50e97f255859649775eec6ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 18:49:40 GMT content-encoding gzip x-content-type-options nosniff age 2926 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 138691 x-xss-protection 0 last-modified Mon, 15 Nov 2021 05:04:02 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 23 Nov 2022 18:49:40 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 9806	2 KB 2 KB	7ms 6ms	Image image/png	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 17 Nov 2021 03:05:30 GMT x-content-type-options nosniff age 577976 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Wed, 24 Nov 2021 03:05:30 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9806	15 KB 16 KB	28ms 6ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 17:06:41 GMT x-content-type-options nosniff age 9105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 17:06:41 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 9806	15 KB 15 KB	33ms 12ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 14:17:54 GMT x-content-type-options nosniff age 19232 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 23 Nov 2022 14:17:54 GMT
GET H3	200	webworker.js www.google.com/recaptcha/enterprise/ Frame 9806	102 B 134 B	17ms 16ms	Other text/javascript	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 23d4875896a0991fa45cd27b4935dc479b16e1a0774d10cf2d7ccc5406ef2764 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Tue, 23 Nov 2021 19:38:26 GMT
GET H/1.1	200 OK	ibs:dpid=1175&gdpr=0&dpuuid=zEJhqc5Aa__XRDuvzhJ1-ZkSbvXXQjyrwkaoNI-L dpm.demdex.net/ Frame F24F Redirect Chain https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=zEJhqc5Aa__XRDuvzhJ1-ZkSbvXXQjyrwkaoNI-L	42 B 945 B	40ms 36ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=zEJhqc5Aa__XRDuvzhJ1-ZkSbvXXQjyrwkaoNI-L Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-080af9c5c.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID TtYs97BNTs0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:26 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=zEJhqc5Aa__XRDuvzhJ1-ZkSbvXXQjyrwkaoNI-L cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	99 KB 31 KB	31ms 31ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 588683fcfb9b148f145a58b2e9c935a6ef3684b2942d2dbc49eac4fa5133094d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 496298 cf-polished origSize=102584 cf-ray 6b2cdb9c0c885b3e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 12 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Wed, 03 Nov 2021 17:52:57 GMT server cloudflare etag W/"190b8-17ce6eeb8a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H/1.1	200 OK	ibs:dpid=22052&dpuuid=3623215595192320114 dpm.demdex.net/ Frame F24F Redirect Chain https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215595192320114	42 B 945 B	43ms 43ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215595192320114 Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v019-080af9c5c.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID mVGpgJPnSRc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Pragma no-cache Date Tue, 23 Nov 2021 19:38:26 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3P CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" Location https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3623215595192320114 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 185 Expires 0,Wed, 24 Nov 2021 14:38:26 GMT
POST H3	200	reload Show response www.google.com/recaptcha/enterprise/ Frame 9806	30 KB 17 KB	67ms 67ms	XHR application/json	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f3c8c80fe5d757078f489eb887410693ef0e4bc8fb0eb4590714f613a67c75c7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly91ZS50aG9tc29ucmV1dGVycy5jb206NDQz&hl=de&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=kdkqabggrg4 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/x-protobuffer Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16968 x-xss-protection 1; mode=block expires Tue, 23 Nov 2021 19:38:26 GMT
GET H2	200	4.3f24d299e0044d5872df.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	2 KB 899 B	29ms 29ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/4.3f24d299e0044d5872df.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 11fe7d5ae550735b14a986e7f9ea6a61f04965a55b2bc2d1a09c5352a2dcc31f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 496662 cf-polished origSize=2539 cf-ray 6b2cdb9c5d085b3e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 5 vary Accept-Encoding last-modified Wed, 03 Nov 2021 17:52:57 GMT server cloudflare x-powered-by Express etag W/"9eb-17ce6eeb8a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	1.0a35fd27ba387ad30f65.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	28 KB 6 KB	74ms 74ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.0a35fd27ba387ad30f65.chunk.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5c6b0b5df929b352bc190dec76813ed7765edd16f4eb898eb2a1015daa026282 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 496662 cf-polished origSize=29269 cf-ray 6b2cdb9c5d0c5b3e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 5 vary Accept-Encoding last-modified Wed, 03 Nov 2021 17:52:57 GMT server cloudflare x-powered-by Express etag W/"7255-17ce6eeb8a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	FeedbackButtonModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	64 KB 23 KB	40ms 40ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52353c2f4c441c1f50d634fcf160da6abaa62f36ad3a90e6e457b367479a0dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 496297 cf-polished origSize=66052 cf-ray 6b2cdb9c5d165b3e-FRA edge-control max-age=604800 x-envoy-upstream-service-time 9 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Wed, 03 Nov 2021 17:52:57 GMT server cloudflare etag W/"10204-17ce6eeb8a8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept cf-bgj minify
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 766 B	58ms 40ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=23&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c315e416cbf6ddef97af88216cbf89dc42133029b3d66ab67af2d3d28c7bc57f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 27278 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 x-envoy-upstream-service-time 8 vary Accept-Encoding referrer-policy strict-origin-when-cross-origin last-modified Tue, 23 Nov 2021 12:03:48 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * expires Fri, 21 Nov 2031 12:03:48 GMT cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 6b2cdb9c78054a86-FRA servershortname
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	44ms 26ms	XHR application/json	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=20&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://ue.thomsonreuters.com&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc1e7926c0192ba99588ff36a783ce093cdd88f8000d5fdc4506edd43c56d8de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 27278 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 x-envoy-upstream-service-time 10 vary Accept-Encoding last-modified Tue, 23 Nov 2021 12:03:48 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false cf-ray 6b2cdb9c78074a86-FRA servershortname expires Fri, 21 Nov 2031 12:03:48 GMT
OPTIONS H2	200	verifyCaptcha api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame	0 0	104ms 44ms	Preflight	2600:9000:2156:de00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:de00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers authorization,content-type Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers content-length 0 date Tue, 23 Nov 2021 19:38:26 GMT host api.thomsonreuters.com x-forwarded-for 2a01:4f8:150:2008:35::1, 64.252.89.231 x-forwarded-port 443 x-forwarded-proto https user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 cloudfront-is-mobile-viewer false cloudfront-is-tablet-viewer false cloudfront-is-smarttv-viewer false cloudfront-is-desktop-viewer true accept */* referer https://ue.thomsonreuters.com/ cloudfront-forwarded-proto https via 1.1 508ccf7259f6578075975e26a8a1cd0d.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) pragma no-cache cache-control no-cache access-control-request-method POST access-control-request-headers authorization,content-type origin https://ue.thomsonreuters.com sec-fetch-mode cors sec-fetch-site same-site sec-fetch-dest empty accept-encoding gzip, deflate, br cloudfront-viewer-country DE x-tr-cloudfront-api-gateway d1uy6ivt6fb41q access-control-allow-origin https://ue.thomsonreuters.com access-control-allow-headers Accept,origin, connection, x-requested-with, accept,content-length, content-type,authorization,cookie,authorization,content-type access-control-max-age 3628800 access-control-allow-methods * access-control-allow-credentials true x-cache Miss from cloudfront x-amz-cf-pop FRA50-C1 x-amz-cf-id 48VBp0a9bsvKBtyrfO2DmUr8ISDj_Bj1h6ZGNcjQ-e26IAm0xuQCkw==
POST H2	401	verifyCaptcha Show response api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/	235 B 1 KB	126ms 126ms	Fetch application/json	2600:9000:2156:de00:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/app-main.b6ef2b1b.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:de00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 074e4ed8508da0e1eb3125682f595d55138d4bd4e2a62c07b65e8ba9a70bfb91 Request headers Accept application/json, text/plain, */* Referer https://ue.thomsonreuters.com/ Authorization Bearer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 authorization Bearer sec-fetch-dest empty x-tr-cloudfront-api-gateway d1uy6ivt6fb41q cloudfront-forwarded-proto https host api.thomsonreuters.com access-control-allow-methods * content-type application/json access-control-allow-origin https://ue.thomsonreuters.com accept application/json, text/plain, */* cache-control no-cache referer https://ue.thomsonreuters.com/ access-control-allow-headers * sec-fetch-mode cors date Tue, 23 Nov 2021 19:38:26 GMT via 1.1 43028bbb23d762ad80d3a6235a850be7.cloudfront.net (CloudFront), 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) origin https://ue.thomsonreuters.com cloudfront-is-desktop-viewer true x-amz-cf-pop FRA50-C1 x-cache Error from cloudfront x-forwarded-proto https content-length 235 cloudfront-is-smarttv-viewer false cloudfront-viewer-country DE cloudfront-is-mobile-viewer false x-forwarded-for 2a01:4f8:150:2008:35::1, 64.252.86.172 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 access-control-max-age 3628800 pragma no-cache cloudfront-is-tablet-viewer false sec-fetch-site same-site x-forwarded-port 443 x-amz-cf-id Msfw1HBqDJ57m4wlFhKkYMTqU2YXrFBgkxRfYex8HTSZ0V65rRGBNQ==
GET H/1.1	200 OK	user bttrack.com/dmp/adobe/ Frame F24F	35 B 380 B	404ms 100ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/dmp/adobe/user?dd_uuid=76435087190298009503418263559283696490 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers X-ServerName Track001-dc3 Pragma no-cache Date Tue, 23 Nov 2021 19:38:21 GMT X-AspNetMvc-Version 5.2 Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 P3P CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" Cache-Control private,no-cache Content-Type image/gif Content-Length 35 Expires -1
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 220 B	137ms 137ms	XHR text/plain	104.17.208.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.64.0&Q_CLIENTTYPE=webAdobeLaunch&r=1637696306700 Requested by Host: cdn.appdynamics.com URL: https://cdn.appdynamics.com/adrum/adrum-20.5.0.3144.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ue.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Tue, 23 Nov 2021 19:38:26 GMT x-content-type-options nosniff cf-cache-status DYNAMIC x-envoy-upstream-service-time 2 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 45 referrer-policy strict-origin-when-cross-origin server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/plain; charset=UTF-8 access-control-allow-origin https://ue.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true trace-id 212a271474fe5f26 cf-ray 6b2cdb9ce8e24a86-FRA
GET H2	200	wr-dialog-close-btn-black.png siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	256 B 511 B	27ms 27ms	Image image/png	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ue.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT x-content-type-options nosniff cf-cache-status HIT age 21248846 cf-polished origSize=757 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" x-envoy-upstream-service-time 8 cf-bgj imgq:85,h2pri vary Accept-Encoding content-length 256 last-modified Wed, 10 Mar 2021 21:25:57 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/png cache-control max-age=315360000, public accept-ranges bytes cf-ray 6b2cdb9cee3b5b3e-FRA servershortname expires Thu, 20 Mar 2031 21:11:00 GMT
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	6ms 6ms	Preflight	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Tue, 23 Nov 2021 19:38:26 GMT via 1.1 varnish x-served-by cache-fra19121-FRA x-cache HIT x-cache-hits 0 x-timer S1637696307.779680,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	7ms 6ms	Preflight	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=1637272233034 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization,content-type,splitsdkversion Origin https://ue.thomsonreuters.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Sec-Fetch-Mode cors Response headers server Varnish retry-after 0 allow HEAD,GET,OPTIONS,POST,PUT,DELETE access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-max-age 7200 accept-ranges bytes date Tue, 23 Nov 2021 19:38:26 GMT via 1.1 varnish x-served-by cache-fra19121-FRA x-cache HIT x-cache-hits 0 x-timer S1637696307.779876,VS0,VE0 vary Cookie access-control-allow-origin https://ue.thomsonreuters.com content-length 37
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 318 B	7ms 7ms	Fetch application/json	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains via 1.1 varnish, 1.1 varnish etag "1000002--gzip" age 124678 x-cache HIT, HIT content-encoding gzip content-length 37 x-request-id 1ywjoyuz8il x-served-by cache-dca12929-DCA, cache-fra19121-FRA x-timer S1637696307.787966,VS0,VE0 date Tue, 23 Nov 2021 19:38:26 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17727-DCA-ee0d13b9-5768-4276-b87b-bef16217f41c; cache-fra19155-FRA-ceee969f-e80a-419e-88f6-e391cdf49624 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	splitChanges Show response sdk.split.io/api/	56 B 315 B	10ms 10ms	Fetch application/json	151.101.195.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=1637272233034 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v8.1.13/static/js/78.17675ce8.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.195.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash df2d149858a3e68a2ead62ab086b40823480100a2e0870537aa01297e1fdd389 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://ue.thomsonreuters.com/ Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob Accept-Language de-DE,de;q=0.9 SplitSDKVersion javascript-10.15.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip etag "-1931797340--gzip" age 75616 x-cache HIT, HIT content-length 63 via 1.1 varnish, 1.1 varnish x-request-id 1yxcvyfervy x-served-by cache-dca17752-DCA, cache-fra19121-FRA last-modified Thu, 18 Nov 2021 21:50:33 GMT x-timer S1637696307.787983,VS0,VE1 date Tue, 23 Nov 2021 19:38:26 GMT vary Origin, Accept-Encoding, Cookie content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 trace cache-dca17741-DCA-3ed7846d-3917-4ad5-95f2-d27c8ecb74cb; cache-fra19145-FRA-98cc3bd8-6608-4ca7-ad29-c71f76ea14c4 accept-ranges bytes x-cache-hits 2, 1
GET H/1.1	200 OK	ibs:dpid=121998&dpuuid=2ee0f4bad8832718d133502bdb78670a dpm.demdex.net/ Frame F24F Redirect Chain https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=76435087190298009503418263559283696490?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/tpid=76435087190298009503418263559283696490?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ee0f4bad8832718d133502bdb78670a	42 B 945 B	41ms 40ms	Image image/gif	54.195.238.9 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ee0f4bad8832718d133502bdb78670a Protocol HTTP/1.1 Server 54.195.238.9 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-195-238-9.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 2clYs+LVTZw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:26 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://dpm.demdex.net/ibs:dpid=121998&dpuuid=2ee0f4bad8832718d133502bdb78670a cache-control no-cache x-server 10.45.8.34 content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVoxRE1RQUFBQm9NY1FReg== https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxRE1RQUFBQm9NY1FReg==&google_tc=	170 B 188 B	46ms 31ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxRE1RQUFBQm9NY1FReg==&google_tc= Protocol H3 Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:26 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVoxRE1RQUFBQm9NY1FReg==&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 345 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DMQAAABoMcQQz&expires=90	0 239 B	30ms 9ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DMQAAABoMcQQz&expires=90 Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Content-Type image/gif Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT via 1.1 varnish server Varnish x-timer S1637696307.002451,VS0,VE0 x-served-by cache-fra19169-FRA x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZ1DMQAAABoMcQQz&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz&C=1	43 B 1003 B	41ms 41ms	Image image/gif	104.85.0.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz&C=1 Protocol HTTP/1.1 Server 104.85.0.246 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-85-0-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Nov 2021 19:38:27 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 23 Nov 2021 19:38:27 GMT Redirect headers Pragma no-cache Date Tue, 23 Nov 2021 19:38:27 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZ1DMQAAABoMcQQz&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 279 Expires Tue, 23 Nov 2021 19:38:27 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=YZ1DMQAAABoMcQQz https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DMQAAABoMcQQz	43 B 1 KB	29ms 29ms	Image image/gif	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DMQAAABoMcQQz Protocol HTTP/1.1 Server 185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Pragma no-cache Date Tue, 23 Nov 2021 19:38:27 GMT X-Proxy-Origin 78.47.208.26; 78.47.208.26; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid c1fc4f93-d249-48b8-9d49-59d589037e5e Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Tue, 23 Nov 2021 19:38:27 GMT X-Proxy-Origin 78.47.208.26; 78.47.208.26; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid d2bca84c-7982-4a01-9be1-a336edc80526 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYZ1DMQAAABoMcQQz Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DMQAAABoMcQQz	43 B 275 B	33ms 17ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DMQAAABoMcQQz Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/16.220.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT via 1.1 google server OXGW/16.220.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT via 1.1 varnish server Varnish x-timer S1637696307.304023,VS0,VE0 x-served-by cache-fra19169-FRA x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZ1DMQAAABoMcQQz cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DMQAAABoMcQQz	1 B 547 B	52ms 13ms	Image text/html	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DMQAAABoMcQQz Protocol H2 Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 19:38:26 GMT cache-control no-store, no-cache, private x-lat amspug001:0:764 server nginx content-type text/html; charset=utf-8 content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT via 1.1 varnish server Varnish x-timer S1637696307.405952,VS0,VE0 x-served-by cache-fra19169-FRA x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZ1DMQAAABoMcQQz cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1&__user_check__=1&sync_id=ee2624b5-4c94-11ec-a4fb-11e121d60406	43 B 548 B	26ms 26ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1&__user_check__=1&sync_id=ee2624b5-4c94-11ec-a4fb-11e121d60406 Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 23 Nov 2021 19:38:27 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 86 Connection keep-alive Content-Length 43 Redirect headers Date Tue, 23 Nov 2021 19:38:27 GMT Server nginx Location /partner?adv_id=6409&uid=YZ1DMQAAABoMcQQz&img=1&__user_check__=1&sync_id=ee2624b5-4c94-11ec-a4fb-11e121d60406 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 8 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame F24F Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DMQAAABoMcQQz&t=2592000&o=0	43 B 1 KB	116ms 101ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DMQAAABoMcQQz&t=2592000&o=0 Protocol H2 Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 23 Nov 2021 11:38:27 PST content-encoding br x-content-type-options nosniff document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 x-fb-rlafr 0 pragma public x-fb-debug I26f0lpyp3a0c4BmAeFACymp6kPboBELSgt0j3fq6lI/9XCfuAthcXyBnWS40mFvWgTWgeH1wmMAjreRaq4TYA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups strict-transport-security max-age=15552000; preload report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type image/gif vary Accept-Encoding cache-control public, max-age=0 expires Tue, 23 Nov 2021 11:38:27 PST Redirect headers pragma no-cache date Tue, 23 Nov 2021 19:38:27 GMT via 1.1 varnish server Varnish x-timer S1637696308.606917,VS0,VE0 x-served-by cache-fra19169-FRA x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZ1DMQAAABoMcQQz&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 No Content	/ partner.mediawallahscript.com/ Frame F24F Redirect Chain https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=...	0 638 B	35ms 35ms	Image text/plain	34.255.68.26 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=ee46c950-4c94-11ec-b8f3-378e5fd55318&timestamp=2021-11-23T19%3A38%3A27.813Z Protocol HTTP/1.1 Server 34.255.68.26 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-255-68-26.eu-west-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Tue, 23 Nov 2021 19:38:27 GMT Cache-Control private, no-cache, must-revalidate, no-store, max-age=0 Server nginx/1.18.0 Connection keep-alive P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Expires Sat, 26 Jul 1997 05:00:00 GMT Redirect headers Date Tue, 23 Nov 2021 19:38:27 GMT Server nginx/1.18.0 Vary Accept, Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Location /?account_id=2011&partner_id=2021&uid=76435087190298009503418263559283696490&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb=&final=true&reqid=ee46c950-4c94-11ec-b8f3-378e5fd55318&timestamp=2021-11-23T19%3A38%3A27.813Z Cache-Control private, no-cache, must-revalidate, no-store, max-age=0 Connection keep-alive Content-Type text/plain; charset=utf-8 Content-Length 268 Expires Sat, 26 Jul 1997 05:00:00 GMT