www.thomsonreuters.com Open in urlscan Pro
2600:9000:206f:4c00:1b:b66f:bac0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Effective URL:
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Submission: On February 06 via manual (February 6th 2023, 2:43:12 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 9 countries across 31 domains to perform 95 HTTP transactions. The main IP is 2600:9000:206f:4c00:1b:b66f:bac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.thomsonreuters.com. The Cisco Umbrella rank of the primary domain is 87906.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 27th 2022. Valid for: a year.

This is the only time www.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:214... 2600:9000:214f:de00:2:b30e:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:4c00:1b:b66f:bac0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2600:9000:206... 2600:9000:206f:5e00:15:d837:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:f70... 2a02:26f0:f700:495::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.195.9 151.101.195.9	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:5400:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.157.194.5 54.157.194.5	14618 (AMAZON-AES) (AMAZON-AES)
4	34.243.64.240 34.243.64.240	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
1	54.72.53.159 54.72.53.159	16509 (AMAZON-02) (AMAZON-02)
1	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
1	34.253.167.75 34.253.167.75	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80c::2004	15169 (GOOGLE) (GOOGLE)
1	143.204.215.65 143.204.215.65	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	34.241.37.119 34.241.37.119	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	54.76.136.152 54.76.136.152	16509 (AMAZON-02) (AMAZON-02)
8 8	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 2	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
11	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.89.51 143.204.89.51	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:8600:16:3030:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.247.96.153 34.247.96.153	16509 (AMAZON-02) (AMAZON-02)
95	37

1 2600:9000:214f:de00:2:b30e:75c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

ue.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:4c00:1b:b66f:bac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2600:9000:206f:5e00:15:d837:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

app-data.gcs.trstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.195.9 (United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:5400:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.157.194.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-194-5.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.243.64.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-64-240.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.53.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

westthomson.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

westthomsoncom.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.152.154 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.167.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-167-75.eu-west-1.compute.amazonaws.com

westservicesinc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.37.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-37-119.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.136.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-136-152.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.2.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.39.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-51.fra50.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:8600:16:3030:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.96.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-96-153.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	trstatic.net app-data.gcs.trstatic.net — Cisco Umbrella Rank: 32665	2 MB
11	qualtrics.com zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 978	90 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1000 sync-tm.everesttech.net — Cisco Umbrella Rank: 556	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	381 KB
6	split.io sdk.split.io — Cisco Umbrella Rank: 2729 auth.split.io — Cisco Umbrella Rank: 3128	421 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 385	177 KB
5	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 197 westthomson.demdex.net — Cisco Umbrella Rank: 30310	8 KB
5	thomsonreuters.com 1 redirects ue.thomsonreuters.com www.thomsonreuters.com — Cisco Umbrella Rank: 87906 api.thomsonreuters.com — Cisco Umbrella Rank: 87890	63 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	46 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 620 script.hotjar.com — Cisco Umbrella Rank: 815 vars.hotjar.com — Cisco Umbrella Rank: 855 in.hotjar.com — Cisco Umbrella Rank: 1661	73 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	118 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 660	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524	1 KB
2	doubleclick.net 1 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 211	813 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 349	140 B
2	omtrdc.net westthomsoncom.sc.omtrdc.net — Cisco Umbrella Rank: 91444 westservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 152315	1000 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 1964	232 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	748 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 872	452 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 417	273 B
1	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 3295	20 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 308	239 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 757	266 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 712	163 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1686	343 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 632	488 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 304	265 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	824 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 791	131 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 630	312 B
95	31

	Domain	Requested by
25	app-data.gcs.trstatic.net	www.thomsonreuters.com app-data.gcs.trstatic.net
10	siteintercept.qualtrics.com	app-data.gcs.trstatic.net
8	sync-tm.everesttech.net	8 redirects
6	cdn.cookielaw.org	www.thomsonreuters.com cdn.cookielaw.org app-data.gcs.trstatic.net
4	www.gstatic.com	app-data.gcs.trstatic.net www.google.com www.gstatic.com
4	www.google.com	app-data.gcs.trstatic.net www.google.com www.gstatic.com
4	dpm.demdex.net	app-data.gcs.trstatic.net www.thomsonreuters.com
4	sdk.split.io	app-data.gcs.trstatic.net
4	assets.adobedtm.com	www.thomsonreuters.com app-data.gcs.trstatic.net
2	sync.search.spotxchange.com	1 redirects
2	api.thomsonreuters.com	app-data.gcs.trstatic.net
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	fonts.gstatic.com	www.google.com
2	cm.g.doubleclick.net	1 redirects www.thomsonreuters.com
2	idsync.rlcdn.com	www.thomsonreuters.com
2	auth.split.io	app-data.gcs.trstatic.net
2	www.thomsonreuters.com	app-data.gcs.trstatic.net
1	partner.mediawallahscript.com
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	cdn.appdynamics.com	app-data.gcs.trstatic.net
1	zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	app-data.gcs.trstatic.net
1	pixel.rubiconproject.com	www.thomsonreuters.com
1	sync.crwdcntrl.net	www.thomsonreuters.com
1	bttrack.com	www.thomsonreuters.com
1	ml314.com	1 redirects
1	cms.quantserve.com	1 redirects
1	match.adsrvr.org	www.thomsonreuters.com
1	in.hotjar.com	app-data.gcs.trstatic.net
1	vars.hotjar.com	app-data.gcs.trstatic.net
1	script.hotjar.com	app-data.gcs.trstatic.net
1	westservicesinc.tt.omtrdc.net	app-data.gcs.trstatic.net
1	cm.everesttech.net	1 redirects
1	westthomsoncom.sc.omtrdc.net	app-data.gcs.trstatic.net
1	westthomson.demdex.net	app-data.gcs.trstatic.net
1	fonts.googleapis.com	client
1	static.hotjar.com	app-data.gcs.trstatic.net
1	cdn.pendo.io	app-data.gcs.trstatic.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ue.thomsonreuters.com	1 redirects
95	42

This site contains links to these domains. Also see Links.

Domain
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2022-06-27` - `2023-06-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
app-data.gcs.trstatic.net COMODO RSA Organization Validation Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-22`	a year	crt.sh
api.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2022-07-01` - `2023-07-01`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Frame ID: 5F00EE0D2D8C55BF609986D83B5D72FB
Requests: 67 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: FEE64D91F1C6CD665CC232F0836D2534
Requests: 17 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html
Frame ID: 11A0BD6EEAAF0D52538DC3BB94C693B8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=tdg1m6c2iw09
Frame ID: 3E3FCE8EDBA4B75DC72012F61EF83E05
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay without signing in | Thomson ReuterslookupBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

95
Requests

88 %
HTTPS

34 %
IPv6

31
Domains

42
Subdomains

37
IPs

9
Countries

3078 kB
Transfer

11696 kB
Size

31
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/5dc91c0f-f1b7-4b6e-9d42-76043adaf72d.html
Title: For CA: Do not sell my info

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cm.everesttech.net/cm/dd?d_uuid=39465952415851002534175100988093867492 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ER_wAAAJBwiAN6

Request Chain 60

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=-T_2ff499S_iPqV-92m-Las_piriPfV0qTmJRysF

Request Chain 61

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633415681351352361

Request Chain 67

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9FUl93QUFBSkJ3aUFONg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WV9FUl93QUFBSkJ3aUFONg==&google_tc=

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_ER_wAAAJBwiAN6&expires=90

Request Chain 73

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6&C=1

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y_ER_wAAAJBwiAN6 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_ER_wAAAJBwiAN6

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_ER_wAAAJBwiAN6

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_ER_wAAAJBwiAN6

Request Chain 85

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1&__user_check__=1&sync_id=930c4509-a62c-11ed-85e4-190e06a80306

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_ER_wAAAJBwiAN6&t=2592000&o=0

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pay Show response
www.thomsonreuters.com/en-us/account/billing/guest/
Redirect Chain

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
https://www.thomsonreuters.com/en-us/account/billing/guest/pay

5 KB
3 KB

237ms
115ms

Document
text/html

2600:9000:206f:4c00:1b:b66f:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4c00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1b3070fc5dec7a1e1549457dde49d68c5e368984889288134ca86e4b35b0330e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=900
content-disposition: inline
content-encoding: gzip
content-length: 1919
content-type: text/html;charset=utf-8
date: Mon, 06 Feb 2023 14:43:06 GMT
etag: "12f0-5f38e2928d240-gzip"
expires: Mon, 06 Feb 2023 14:58:06 GMT
last-modified: Tue, 31 Jan 2023 12:06:25 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,User-Agent
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-id: IjdjuD1OYpMy-ZHg8Rg3xUYMeP5D-iHAF3Lx6xPUGf48P_IX6hM0HA==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dispatcher: dispatcher2useast1
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-vhost: www.thomsonreuters.com

Redirect headers

cache-control: max-age=900
content-length: 270
content-type: text/html; charset=iso-8859-1
date: Mon, 06 Feb 2023 14:43:06 GMT
expires: Mon, 06 Feb 2023 14:58:06 GMT
location: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id: VrbuT9ltAD_tdG_Z2sDCMSGTr3zrEyA49LYSLmb3LALTnjb7YnmAfg==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 67ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4ki7PtkHDuSPC1vGdOaknQ==
age: 53336
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8384
x-ms-lease-status: unlocked
last-modified: Thu, 02 Feb 2023 13:33:36 GMT
server: cloudflare
etag: 0x8DB05221689032C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3a8b6a68-201e-0101-2064-379f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a7fd297c2bca-FRA

GET
H2 200 bootstrap.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/ 184 KB
53 KB 159ms
24ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/bootstrap.js
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 652857521481ad91cfc0aa5d38787b5d626db0ca79742a045a43a4d34fcfacbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29888
etag: W/"8f023b2b9be00e5195914c396aee5f27"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: VQ5Z42gaU8hFe70mBV5A2u6lql5MvofZbsu3iJ5XdT596DBc481PHg==

GET
H2 200 143d5191-c678-49f6-8ac0-376dfe324de7.json Show response
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ 5 KB
2 KB 55ms
25ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/143d5191-c678-49f6-8ac0-376dfe324de7.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: A9gHZn55h3f5NJaBoJG35A==
age: 58985
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1661
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 12:46:07 GMT
server: cloudflare
etag: 0x8DA633B52D706CE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6f8a47d-801e-0143-4a3f-95b45a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a7fd8cee8fc8-FRA
expires: Tue, 07 Feb 2023 14:43:06 GMT

GET
H2 200 launch-f185a872eb60.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ 326 KB
91 KB 264ms
152ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0ec7fcc5a801028acf2d61045f3b0aeba397355e0ba82aec2ff2e788f7c7753b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 18:52:28 GMT
server: AkamaiNetStorage
etag: "306e3b44df2929d6b7cbf18057366715:1663267948.484144"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Feb 2023 15:43:06 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 47ms
29ms XHR
application/json 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7954a7fdda589ba0-FRA
access-control-allow-headers: Content-Type

GET
H2 200 855.6e5c15f6.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 1 MB
366 KB 33ms
32ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ce2c6f17719501f781327dc503df3289a235f3dd33e4b2c777b3c90647405d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29887
etag: W/"ca62a865aa6fc4bd4cc1b6c8c7341a13"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: FLTB0XwGgTCYKHsRzIpINLNMm8XGxPrI_1IytyEjheA_QYtyg-QJ-g==

GET
H2 200 app-main.eeb8471f.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/ 379 KB
56 KB 16ms
16ms Stylesheet
text/css 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45a716a14825b596ef89d24a9d70e02ccbe60535a2ab12198bf5f03511b78406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1379
etag: W/"607ece1fd64b792d9d9268c39444fc0b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400,immutable
x-amz-cf-id: v0FDfNqPMRsVbhtQ7-KvHGALc4pQTUSUMH3AJljeyfmXNffPVWdU6g==

GET
H2 200 app-main.7f7f75e2.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 672 KB
129 KB 23ms
23ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/app-main.7f7f75e2.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d54b2383af8cc9fae9184c874a0f15a042644a20329df00b0813ca1fb1963f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1379
etag: W/"011718173555c4942e710594d16516aa"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: nyR7rvTqddYonVy7--Z8pO4B-iDkYfTZBn8gNCC-aq_jH72_dX2q7A==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 35ms
34ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 4643
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5f2b57c5-401e-017c-0f02-ef0386000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a7fe4b282bca-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/ 409 KB
65 KB 25ms
25ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TscT8/g6J4N6PovEsmWNuQ==
age: 25685
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 66415
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 12:46:32 GMT
server: cloudflare
etag: 0x8DA633B622C3708
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 412d5dae-701e-003f-543b-956f3a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a7feadd48fc8-FRA
expires: Tue, 07 Feb 2023 14:43:06 GMT

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ Frame 0
0 89ms
17ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Mon, 06 Feb 2023 14:43:06 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220041-HHN
x-timer: S1675694587.900779,VS0,VE0

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ Frame 0
0 49ms
17ms Preflight 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Mon, 06 Feb 2023 14:43:06 GMT
retry-after: 0
server: Varnish
strict-transport-security: max-age=15770000; includeSubdomains
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220041-HHN
x-timer: S1675694587.900857,VS0,VE0

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
451 B 18ms
17ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.19.1
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubdomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 06 Feb 2023 14:43:06 GMT
age: 183005
x-cache: HIT, HIT
content-length: 37
x-request-id: 2gc07ax5keo
x-served-by: cache-iad-kcgs7200106-IAD, cache-hhn-etou8220041-HHN
x-timer: S1675694587.920554,VS0,VE2
etag: "1000002--gzip"
vary: Accept-Encoding, Origin, Authorization
content-type: application/json;charset=utf-8
trace: cache-iad-kcgs7200106-IAD-ffb5559b-3e33-4014-97d9-391b3ae26138; cache-hhn-etou8220033-HHN-a231fa56-1ff2-40f0-9268-a7830148cca4
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-Id
cache-control: no-transform, max-age=60, s-maxage=60
accept-ranges: bytes
x-cache-hits: 109, 1

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 2 MB
420 KB 288ms
287ms Fetch
application/json 151.101.195.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fdc0acf66756e0e8c93916654a2caf1ac789dc3faae814fa98b0ffe0643a742c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.19.1
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 06 Feb 2023 14:43:07 GMT
age: 0
x-cache: MISS, MISS
content-length: 429086
x-request-id: 2gf15robepa
x-served-by: cache-iad-kiad7000096-IAD, cache-hhn-etou8220041-HHN
last-modified: Tue, 31 Jan 2023 12:25:26 GMT
x-timer: S1675694587.920565,VS0,VE272
etag: "1249470335--gzip"
vary: Origin, Accept-Encoding, Authorization
content-type: application/json
trace: cache-iad-kiad7000096-IAD-aaa360ab-292d-4e66-9145-03824c6b6307; cache-hhn-etou8220041-HHN-a6d8c182-d08e-4a8f-88d7-695ffe883497
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/ 392 KB
131 KB 82ms
16ms Script
application/javascript 2600:9000:223f:5400:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e66a9914861488dc35e1a36724e615b771d163b115e88d74a079d74a66982a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:37:01 GMT
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 365
x-guploader-uploadid: ADPycdtimp5R3dEC9JfMfGtpMjtcn31Mv3ZR6ys9emgDBYqaYswSsXxFUYqZOOW-Z5sgil5qOTkdO7-GJsR4Oh8FmZqw
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 132750
last-modified: Fri, 03 Feb 2023 17:10:55 GMT
server: UploadServer
etag: "3f6e5bed6537f89c5dffd320c7aa598f"
vary: Accept-Encoding
x-goog-generation: 1675444255430131
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=akGHfA==, md5=P25b7WU3+Jxd/9Mgx6pZjw==
access-control-expose-headers: *
cache-control: max-age=450
x-goog-stored-content-length: 132750
accept-ranges: bytes
x-amz-cf-id: F0gZm1k4rhaHpI26tFOoaDq_2KORt1__ViPLnspbIUcLqYwZ7SsNkg==
expires: Mon, 06 Feb 2023 14:44:31 GMT

GET
H2 200 1.f4ab36bb.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 24 KB
7 KB 30ms
30ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/1.f4ab36bb.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8644710324ff0014732060fbbc79f987a32bf2d28798714cde7021e44719499e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:09 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1378
etag: W/"d8d4736ecbfdf695577e3bdab6138c28"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: iNBCutDYsRoHWxl46rtOxCKoNMAk2M5dSRBk4nc27vlWK4kCSLXFBQ==

GET
H2 200 2.579c6806.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 28 KB
9 KB 11ms
10ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/2.579c6806.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7dcd9ca9c43b07ee00bafe013058451537c42db0168d7d93485d7b1da05fb002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:09 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1378
etag: W/"01093f63cac38f7ee5a04e560bcf902a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: RtBCp6BTG9iDwdk4T6VYf4ypsENo5bSBcSNjti6F_IryutSI4pAYBA==

GET
H2 200 3.abc626ae.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 13 KB
4 KB 31ms
30ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/3.abc626ae.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3bc93cfe3efa2e13b87e350292562920ff3dd4697545a775c0e54e7aca9b84c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:25:01 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29886
etag: W/"8d4875cdc46802b325a9be88d1f3e5bb"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: kWRBF98mvCX8-Ymuxcss8Wh-BN4h0X06vnPu22CuOszk8fXdT7wt5g==

GET
H2 200 875.0680a5c5.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 3 MB
603 KB 13ms
13ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/875.0680a5c5.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91c52c153a931011afc7c880319b4d40e6cc3126abc4afa11c7bba24151c87f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"694d57470a1522c3e85dde4851880133"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: MqqFjowaDKQNCFufTH4oTfDRtBcVuDC60PTnj9LhgMWfaI3RMaMGIg==

GET
H2 200 components-app.dd9d13ef.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/ 10 KB
3 KB 11ms
11ms Stylesheet
text/css 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/components-app.dd9d13ef.chunk.css
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 591c4800abf00d5fd56bdbf085af0d1bac6f3652d80f71497d30c8667b089cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:28 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"c213d0dd442ab78872c24e0dee0c1418"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400,immutable
x-amz-cf-id: 8AKNuAanfDf9UzXr5YQTEhPF0IDIPhcFQu7NpDVPO6i8PnDyo-W6ow==

GET
H2 200 components-app.530d61f7.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 127 KB
30 KB 26ms
26ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/components-app.530d61f7.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85053191e89c28ddc71296ef932864f85b229a229adc43d76f7732cd7e37e574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:28 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"e444d7970f5f7dac6d79b37193f768b4"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: i0-Qw5TpChe_qVrHBJWtUMc-b3w8nJIKkIvNSgo3_Kbv1wnAXuhEpQ==

GET
H2 200 interact-localizaion-provider.45e8e18d.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 3 KB
2 KB 25ms
24ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/interact-localizaion-provider.45e8e18d.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d57a66d7886a616565a514af5cfc93b06db2f52a94937e0a8c23be8e0ca7f01d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"d22fdd252cbe3f5eb5ab089a04b28804"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: -x0atjD7M188bWRuPVk7toko8GxYx-L-JABB-cgkOc-JsuiyfHqnYg==

GET
H2 200 977.15356931.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 2 KB
1 KB 19ms
19ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/977.15356931.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b14e3709e98ea3dbba3a922badf60811308268cc689521d4d092fec031d1c61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29886
etag: W/"d8c37ec031bffe83e373f8e52c247f63"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: WeyRoP9EtLz6xFA5RVHK_ArHYe5WMpdE8guiO29wSEJrjCBYkTIg4Q==

GET
H2 200 971.5d40b8c4.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 8 KB
4 KB 26ms
25ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/971.5d40b8c4.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 295b8e6e5d80b0c0646f13ef8ebc5711aee5d4293cc12e436857468c27172e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"c9d87db0046072d16250dcbac7b494fd"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: Wb7puKSx2kmwjQtPGIEjhn64JkID9XOZLeSup-eMYSLUl-ti36CS2w==

GET
H2 200 976.694b2687.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 2 KB
1 KB 18ms
18ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/976.694b2687.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4af2e19f0214ecdd8e6d57bd1ee79e581c1e968d74c278988d83d04d7dadc2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:28 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1359
etag: W/"20bcd9ff6a0ef3432f6d2240c3808e47"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: EeYOLVCfqPfTTX6EZnMR0Ipy4G6l7RMqhJ3XaWvoxjqtleNTwV7OPw==

GET
H2 200 970.5d41ebe0.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 2 KB
1 KB 21ms
20ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/970.5d41ebe0.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7fef2cfb88eff01f6d1d79ebe81373ba2430a98539983edd648e0cf4b68acce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29886
etag: W/"6ca2d88a98832e8f6191fc896b4f2565"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: wN73tFXwd6S3G6-Uj1FQQpcBFtCrWoYP4fllxeDkuNhfjveISwxDsw==

GET
H/1.1 200
OK auth Show response
auth.split.io/api/v2/ 696 B
1 KB 110ms
109ms Fetch
application/json 54.157.194.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=anonymous

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.194.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-194-5.compute-1.amazonaws.com

Software

Resource Hash

f4908d874c973acabbf004190d7a7969394b6775b401f86852ad0e2357d56099

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.19.1
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 06 Feb 2023 14:43:07 GMT
strict-transport-security: max-age=15770000; includeSubdomains
access-control-allow-methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://www.thomsonreuters.com
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
Content-Length: 696

OPTIONS
H/1.1 200
OK auth
auth.split.io/api/v2/ Frame 0
0 473ms
113ms Preflight
application/json 54.157.194.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=anonymous

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.194.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-194-5.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 4
Content-Type: application/json; charset=utf-8
Date: Mon, 06 Feb 2023 14:43:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
strict-transport-security: max-age=15770000; includeSubdomains

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 26ms
26ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 35970
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2584f982-501e-0023-0cc1-11b72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a8009f498fc8-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 62 KB
15 KB 23ms
23ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 06 Feb 2023 14:43:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YaY1oSnUSTaZJLZwfr9VDQ==
age: 62565
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14978
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C5734D5AA0
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2251dced-a01e-001f-7abe-4f03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7954a8009f4d8fc8-FRA

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 222ms
33ms XHR
application/json 34.243.64.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1675694587027

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.243.64.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-64-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0c3e42a1ba245ebb2a4d20e104d84f2d0663ee1789e25f730c2eb2c5c70e8405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 2Ihr9+nATcU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thomsonreuters.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1329
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/ 45 KB
17 KB 39ms
38ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fd924e7b3774a8fa2872a09019aa94a576f79d0ee24f14fb653a51f612e50d18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 18:52:29 GMT
server: AkamaiNetStorage
etag: "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 16757
expires: Mon, 06 Feb 2023 15:43:07 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 25 KB
9 KB 19ms
18ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8753
expires: Mon, 06 Feb 2023 15:43:07 GMT

GET
H2 200 hotjar-1846625.js Show response
static.hotjar.com/c/ 11 KB
5 KB 57ms
38ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1846625.js?sv=6

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

1dac44509c6d7ff6e8ea877691a7d8b5f9be6587c7e11e05b2c114e7a2a53334

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/06b885c076e20b1a63cbb0d2b86ef0e0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: QtSPIrZHnJmG--k4hd7Z3K91Wt7ZGZP581__nJnGnQWbIe3-fp_Tcw==

GET
H2 200 knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 39 KB
39 KB 28ms
8ms Font
binary/octet-stream 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 03:50:15 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 7210373
x-cache: Hit from cloudfront
content-length: 39444
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "3327c2a7977db98e49b5369fcafc658c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: n5mg2shQIFnduvbhrFG9SdOJn1pyrlvK_Hhlm4scLAmZ-81p4dvXQw==

GET
H2 200 knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 27ms
8ms Font
binary/octet-stream 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 06:45:22 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 11001466
x-cache: Hit from cloudfront
content-length: 39408
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "de994d71a311e3119703dd67ef632f04"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 0EgWSebxGjvjHrlgCwkAP1sLCasW3OWztgBIl6P4qlGubrb97EUEQA==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
824 B 192ms
76ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Feb 2023 13:31:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Feb 2023 14:43:07 GMT

GET
H/1.1 200
OK dest5.html Show response
westthomson.demdex.net/ Frame FEE6 7 KB
3 KB 199ms
31ms Document
text/html 54.72.53.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomson.demdex.net/dest5.html?d_nsid=0

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.53.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-53-159.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-000256d3c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: SZz2fmf1QLA=
content-encoding: gzip
date: Mon, 6 Feb 2023 14:43:07 GMT
last-modified: Wed, 9 Nov 2022 04:30:17 GMT
vary: accept-encoding

GET
H2 200 id Show response
westthomsoncom.sc.omtrdc.net/ 2 B
272 B 93ms
17ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=39385241628733570674151647706944705330&ts=1675694587410

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.thomsonreuters.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_ER_wAAAJBwiAN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=39465952415851002534175100988093867492
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ER_wAAAJBwiAN6

42 B
942 B

34ms
34ms

Image
image/gif

34.243.64.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ER_wAAAJBwiAN6

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

34.243.64.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-64-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-001bf2e72.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7IxYEgtBTKU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_ER_wAAAJBwiAN6
Date: Mon, 06 Feb 2023 14:43:07 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
westservicesinc.tt.omtrdc.net/rest/v1/ 358 B
728 B 172ms
53ms XHR
application/json 34.253.167.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=29792b1206934e01a7c86665df4bf0f9&version=2.9.0
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.167.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-167-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 3fc3bdc83cc95fa2c7105c3d18db61101e87e05689ccba087e39293a71086733

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thomsonreuters.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 203f72909e5e393787b653dc1ed3533d

GET
H2 200 modules.bca0d1c28285412bb689.js Show response
script.hotjar.com/ 260 KB
67 KB 32ms
8ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bca0d1c28285412bb689.js

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 13:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 264781
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 67924
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
etag: "e923aa360dc485b9df86355bd040c998"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: WNxKNFLbJOIBVISSk7A8jWSYd8Z0t7t7qrTAU93MqMSQrKiDvaNcYw==

GET
H2 200 1082.7051262c.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 204 KB
45 KB 14ms
13ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/1082.7051262c.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d43c8ddc29bf70dc4cf3f10dbabb4294e02b2f4bb889411ea759aec0210af5ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 02:07:33 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 45335
etag: W/"21372209336efeb3b8a125e09811bab5"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: lXO64_50tkjC1qc-H6zZP5hewkv1MvNN0U5G_fvQF1U6a0Sz3DA0Wg==

GET
H2 200 0.f0518360.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 20 KB
6 KB 11ms
10ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/0.f0518360.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c1d8154a87c73a8ab62368e5cbe0dacaacb57e24b4a835c8fa5024044f6f23f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:20:28 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1360
etag: W/"965f0a7d2fe1f27f6d8f6fd68ccf0382"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: OzE2hZJ6_-VTm0NVbpqnnp4-8-oLyZSQzHinm4TpFbx_lvAacIpVbA==

GET
H2 200 6.975d63bf.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 189 KB
45 KB 23ms
22ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/6.975d63bf.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15fec3a0d4ef1437c8b2452c42f52329b125f6efabb7b92f3459380dbe7bc188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 13:36:36 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3992
etag: W/"c2448cf5be71f5c01411d0c0092890f1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: vbR7yGO4Q3Oq2aYSB24Vo_upiKGydbr8b7dG8NqsAbDokvB7whmh3w==

GET
H2 200 949.afe592fe.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 21 KB
8 KB 18ms
18ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/949.afe592fe.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dd8881b3547a3a2db40ab5a6cf0e4ddb7d38ee4c9285885ef790b675274e94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 16:04:45 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 81503
etag: W/"aff7f5bce0b4cf1b7ef74d1a595740d7"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: oEAoofyyZVztevLfjItOJ4QiAXgvr8cF7U22ElbCzI2oCZQg9uRtuQ==

GET
H2 200 883.44ce16e3.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/ 6 KB
2 KB 14ms
14ms Stylesheet
text/css 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/883.44ce16e3.chunk.css
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b69813b1d83ea9e7c8d35268bcca7a6ed885d45a3f66f357cf6a92c46b2291b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:56:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60979
etag: W/"f8edf8f9297df9c313070a1134a6e02a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400,immutable
x-amz-cf-id: wo16V57SObW_L0_pKrR8tB_6TBoFy4jQTQkyXNUpmFynoXfBu5mang==

GET
H2 200 883.09a2e8f2.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/ 39 KB
11 KB 12ms
12ms Script
application/javascript 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/883.09a2e8f2.chunk.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5b24629e42c21e498da9a0754ee614001823564967cafacc5b8041dd6a85630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 21:46:49 GMT
content-encoding: br
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified: Fri, 27 Jan 2023 18:57:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 60979
etag: W/"7cbcbe1cbf803a97f58e81074e49fa4c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,immutable
x-amz-cf-id: XoUe0eeY9qqQcgHTUz6nAsm0g33c7Ftu0IJIuxkuMOKTFEMJUtYXQw==

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
935 B 189ms
73ms Script
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2a1303942cc4997cac784a5ce321a36bf65db7635817f7345c02b53322e1bc4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 615
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:43:07 GMT

GET
H2 200 box-e031119f9e9e307a08fa610f85dbfb52.html Show response
vars.hotjar.com/ Frame 11A0 2 KB
1 KB 27ms
7ms Document
text/html 143.204.215.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-e031119f9e9e307a08fa610f85dbfb52.html

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-65.fra53.r.cloudfront.net

Software

Resource Hash

f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 264781
cache-control: max-age=31536000
content-encoding: br
content-length: 1034
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 03 Feb 2023 13:10:06 GMT
etag: "112fdf47cdb80b9ce3d033ed09717460"
last-modified: Fri, 03 Feb 2023 13:09:45 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
x-amz-cf-id: KJeYhedRv5J01AQlCXlCx7E3oUlCOfnx5nFND5JfkAH_20xdBn1hzg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame FEE6 0
98 B 68ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=39465952415851002534175100988093867492
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 translations.interact.en_us.json Show response
www.thomsonreuters.com/content/ue-settings/endpointsMapping/ 204 KB
58 KB 422ms
422ms Fetch
application/json 2600:9000:206f:4c00:1b:b66f:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:4c00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

486fe5e55cedeb31ee1bf8564780d86053a10392f3cbd7d0d2277b4ef29adf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
adrum: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Mon, 06 Feb 2023 14:43:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-vhost: www.thomsonreuters.com
x-cache: Miss from cloudfront
content-length: 58872
x-ua-compatible: IE=edge
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=utf-8
x-amz-cf-id: qw6rtKx_4agrQ9chksvfbIr7gYS-gdYdVvNdnXes1FrTYG9Qy3FpSw==

GET
H2 200 knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 8ms
7ms Font
binary/octet-stream 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 08:20:10 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 11686978
x-cache: Hit from cloudfront
content-length: 39336
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "9423006fb52301a35a4ce76f99e114af"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: XvSSPXwSAKuei1HFhz6J6nqyOVuHZ0uYcGvhRuVGVnb-9-kkZQ02Lg==

GET
H2 200 knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 8ms
8ms Font
binary/octet-stream 2600:9000:206f:5e00:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/css/app-main.eeb8471f.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 20:28:45 GMT
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 14148863
x-cache: Hit from cloudfront
content-length: 39304
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "20dca63d8ee3254b712c7171ae987713"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: TpphY6h5978aaIjo1-QDt_xNlWC18IRZn1K4rgFi_sbeUAaoJH3mxg==

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame FEE6 0
42 B 21ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=39465952415851002534175100988093867492
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 406 KB
162 KB 178ms
49ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thomsonreuters.com/
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:52:32 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1846625/ 148 B
323 B 101ms
36ms XHR
application/json 34.241.37.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.37.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-37-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 06 Feb 2023 14:43:08 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FEE6 70 B
265 B 122ms
36ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.thomsonreuters.com&ttd_tpi=1
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=-T_2ff499S_iPqV-92m-Las_piriPfV0qTmJRysF
dpm.demdex.net/ Frame FEE6
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=-T_2ff499S_iPqV-92m-Las_piriPfV0qTmJRysF

42 B
942 B

33ms
33ms

Image
image/gif

34.243.64.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=-T_2ff499S_iPqV-92m-Las_piriPfV0qTmJRysF

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

34.243.64.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-64-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: U+9DJqbmRGs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=-T_2ff499S_iPqV-92m-Las_piriPfV0qTmJRysF
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3633415681351352361
dpm.demdex.net/ Frame FEE6
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633415681351352361

42 B
942 B

34ms
34ms

Image
image/gif

34.243.64.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633415681351352361

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

34.243.64.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-64-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0492369ce.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fNxh0/PXS+E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html; charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633415681351352361
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Tue, 07 Feb 2023 09:43:08 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 3E3F 46 KB
25 KB 89ms
88ms Document
text/html 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=tdg1m6c2iw09

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bb3ca7b96231732703e43b46e741c9753a77db79c84c0f4ff98e11ff79f288e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JVG1jY1LuJBV8VskS_6UrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25604
content-security-policy: script-src 'report-sample' 'nonce-JVG1jY1LuJBV8VskS_6UrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 14:43:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame FEE6 35 B
163 B 341ms
109ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/dmp/adobe/user?dd_uuid=39465952415851002534175100988093867492

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Mon, 06 Feb 2023 14:42:37 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 3E3F 55 KB
24 KB 143ms
47ms Stylesheet
text/css 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=tdg1m6c2iw09

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 14:11:05 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 3E3F 406 KB
162 KB 167ms
72ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 08:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165540
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Feb 2024 08:52:32 GMT

GET
H2 404 tpid=39465952415851002534175100988093867492
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame FEE6 49 B
266 B 111ms
32ms Image
image/gif 54.76.136.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=39465952415851002534175100988093867492?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.136.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-136-152.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.238
content-length: 49
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9FUl93QUFBSkJ3aUFONg==
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WV9FUl93QUFBSkJ3aUFONg==&google_tc=

170 B
243 B

72ms
71ms

Image
image/png

142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WV9FUl93QUFBSkJ3aUFONg==&google_tc=

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WV9FUl93QUFBSkJ3aUFONg==&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_ER_wAAAJBwiAN6&expires=90

0
239 B

54ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_ER_wAAAJBwiAN6&expires=90
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn-etou8220061-HHN
pragma: no-cache
date: Mon, 06 Feb 2023 14:43:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675694589.651163,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_ER_wAAAJBwiAN6&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3E3F 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 516107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E3F 15 KB
16 KB 166ms
48ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 168956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E3F 15 KB
15 KB 177ms
59ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options: nosniff
age: 230959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:33:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 3E3F 102 B
133 B 70ms
69ms Other
text/javascript 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=tdg1m6c2iw09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:43:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6&C=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 14:43:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 14:43:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y_ER_wAAAJBwiAN6&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y_ER_wAAAJBwiAN6
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_ER_wAAAJBwiAN6

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_ER_wAAAJBwiAN6

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 14:43:09 GMT
AN-X-Request-Uuid: a820edda-91f6-4376-8ac7-28858f09c2e4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Feb 2023 14:43:09 GMT
AN-X-Request-Uuid: c8fc4f6b-04eb-4c65-b907-d21491da23be
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DY_ER_wAAAJBwiAN6
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/ 818 B
748 B 41ms
41ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f0908b5d060ffd0a2a143b6eff456a30d7ad388b8eaae960af83e83c321ff347

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 18:52:29 GMT
server: AkamaiNetStorage
etag: "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 478
expires: Mon, 06 Feb 2023 15:43:09 GMT

GET
H2 200 / Show response
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
4 KB 121ms
34ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425c5009dce4222b969e2cacd6ae6334d2b68a6ecc9ad4702815426c5e1a5c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 330314
cf-polished: origSize=8487
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2127-Fo6KGrBQcbiVGDcQD7br0yT0DJA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80dddb79b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 adrum-ext.54a9a330b6d789bd61edecd89332c15b.js Show response
cdn.appdynamics.com/ 51 KB
20 KB 43ms
8ms Script
application/javascript 143.204.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.54a9a330b6d789bd61edecd89332c15b.js
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-51.fra50.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 14 Jan 2023 03:53:08 GMT
content-encoding: gzip
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 2026201
x-cache: Hit from cloudfront
last-modified: Fri, 11 Dec 2020 18:05:04 GMT
server: nginx/1.16.1
etag: W/"5fd3b4d0-cc03"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-max-age=14400
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EXam-Ae6w3kx69rNHBDqkL0FE3FciJWverbhw-KuKNDtbgZXHfPZBQ==

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 3E3F 33 KB
19 KB 114ms
113ms XHR
application/json 2a00:1450:400d:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b2d9bc68e535454918bbe24d7d37ff63d3475db86e5ddf7a85b50b963d91cef5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=tdg1m6c2iw09
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19469
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 14:43:09 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_ER_wAAAJBwiAN6

43 B
273 B

72ms
24ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_ER_wAAAJBwiAN6
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Feb 2023 14:43:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220061-HHN
pragma: no-cache
date: Mon, 06 Feb 2023 14:43:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675694589.103390,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_ER_wAAAJBwiAN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 13.5e21898857f4389ff4e3.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 63 KB
19 KB 35ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/13.5e21898857f4389ff4e3.chunk.js?Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522e538cd9ea2a806f286634886f1a15b9ee4e1ffeb3ea1e337d49623f6424c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 483919
cf-polished: origSize=64856
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 23:23:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fd58-18604fe92b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80e1e259b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 verifyCaptcha Show response
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ 22 B
1 KB 98ms
97ms Fetch
application/json 2600:9000:223c:8600:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8600:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thomsonreuters.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: Bearer
sec-fetch-dest: empty
cloudfront-viewer-country: DE
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
cloudfront-forwarded-proto: https
pragma: no-cache
host: api.thomsonreuters.com
cloudfront-viewer-asn: 39351
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
accept: application/json, text/plain, */*
referer: https://www.thomsonreuters.com/
cache-control: no-cache
access-control-allow-headers
sec-fetch-mode: cors
date: Mon, 06 Feb 2023 14:43:09 GMT
via: 1.1 4f34cef24f337a56e60109433816e570.cloudfront.net (CloudFront), 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
origin: https://www.thomsonreuters.com
cloudfront-is-desktop-viewer: true
x-amz-cf-pop: FRA56-P2
x-forwarded-for: 2a03:1b20:6:f011::8e, 64.252.88.80
x-cache: Miss from cloudfront
x-forwarded-proto: https
content-length: 22
cloudfront-is-smarttv-viewer: false
x-tr-verify-origin: TMkKUPiRNzuCB9SF6AD81
cloudfront-is-mobile-viewer: false
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
access-control-max-age: 3628800
cloudfront-is-tablet-viewer: false
sec-fetch-site: same-site
x-forwarded-port: 443
x-amz-cf-id: GdGRaY-Jgd_rYon4znz_iQrN-X2rcQbFL2TzsbZySUTSR9Oc1pB3PQ==

OPTIONS
H2 200 verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame 0
0 153ms
36ms Preflight 2600:9000:223c:8600:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:8600:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

accept: */*
accept-encoding: gzip, deflate, br
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3628800
access-control-request-headers: authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cloudfront-forwarded-proto: https
cloudfront-is-desktop-viewer: true
cloudfront-is-mobile-viewer: false
cloudfront-is-smarttv-viewer: false
cloudfront-is-tablet-viewer: false
cloudfront-viewer-asn: 39351
cloudfront-viewer-country: DE
content-length: 0
date: Mon, 06 Feb 2023 14:43:09 GMT
host: api.thomsonreuters.com
origin: https://www.thomsonreuters.com
pragma: no-cache
referer: https://www.thomsonreuters.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
via: 1.1 b512e16f8badddbde11b46c001331de8.cloudfront.net (CloudFront), 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-id: 3hee22_TVtXTKFP8907C7YGR0NYLY5CVvusCWCi0tsODXOvrpxjp4g==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-forwarded-for: 2a03:1b20:6:f011::8e, 64.252.86.194
x-forwarded-port: 443
x-forwarded-proto: https
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
x-tr-verify-origin: TMkKUPiRNzuCB9SF6AD81

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 8 KB
2 KB 129ms
129ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac9fc3508bb931c7cd219cac90653604f02fac270533beee74fc7959693b5ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: f7c6e4f89cc7d789
cf-ray: 7954a80e7e919b7d-FRA
timing-allow-origin: *

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_ER_wAAAJBwiAN6

1 B
452 B

124ms
15ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_ER_wAAAJBwiAN6
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 06 Feb 2023 14:43:08 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn-etou8220061-HHN
pragma: no-cache
date: Mon, 06 Feb 2023 14:43:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675694589.204054,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_ER_wAAAJBwiAN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1&__user_check__=1&sync_id=930c4509-a62c-11ed-85e4-190e06a80306

43 B
548 B

16ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1&__user_check__=1&sync_id=930c4509-a62c-11ed-85e4-190e06a80306
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 06 Feb 2023 14:43:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 06 Feb 2023 14:43:09 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y_ER_wAAAJBwiAN6&img=1&__user_check__=1&sync_id=930c4509-a62c-11ed-85e4-190e06a80306
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 17
Connection: keep-alive
Content-Length: 0

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 30ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482821
cf-polished: origSize=105381
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 23:23:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19ba5-18604fe92b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80f5f9a9b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 6.6e08dbc9e19a3929413c.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
906 B 35ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/6.6e08dbc9e19a3929413c.chunk.js?Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75803624116cc0f098ab693133a61d7c495a4260d654088a9a1fa0b946dde4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 483919
cf-polished: origSize=2539
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 23:23:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9eb-18604fe92b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80fc8279b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.1f5c76280b1df4a7d118.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 34ms
33ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.1f5c76280b1df4a7d118.chunk.js?Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97b51a1edf3aad3037eb6439103dbb313fcde1875cdcd1f5e7bf784cfeef8dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 483919
cf-polished: origSize=29628
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 23:23:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73bc-18604fe92b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80fc82a9b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
24 KB 29ms
29ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 482804
cf-polished: origSize=66295
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 23:23:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"102f7-18604fe92b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a80fc82b9b7d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
1 KB 100ms
66ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=32&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfdb130c44a2ba73e21684b8aaea8796414c572ef74c1a9225798f98b6dac9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

servershortname
date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Feb 2023 14:43:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a810097c30e2-FRA
expires: Thu, 03 Feb 2033 14:43:09 GMT

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
627 B 107ms
73ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=27&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c0b0f41c886852db222c01c8e72e333a8163b051b16d40a8d240cf7f965b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

servershortname
date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Feb 2023 14:43:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 7954a810097d30e2-FRA
expires: Thu, 03 Feb 2033 14:43:09 GMT

GET
H2

200

b.php
www.facebook.com/fr/ Frame FEE6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_ER_wAAAJBwiAN6&t=2592000&o=0

43 B
748 B

51ms
32ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_ER_wAAAJBwiAN6&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 06:43:09 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: PK8VMGB7dz/wz7WnJ8RDrIGBiSWviqxeWfGZt3qCLJ8H5dBoH0YT8j44IWxla+SBxCJz+u/Iehu+8VPPLvxEDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
priority: u=3,i
expires: Mon, 06 Feb 2023 06:43:09 PST

Redirect headers

x-served-by: cache-hhn-etou8220061-HHN
pragma: no-cache
date: Mon, 06 Feb 2023 14:43:09 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675694589.431638,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_ER_wAAAJBwiAN6&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame FEE6 0
232 B 194ms
29ms Image
text/html 34.247.96.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=39465952415851002534175100988093867492&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.96.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-96-153.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 06 Feb 2023 14:43:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.22.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
210 B 153ms
153ms XHR
text/plain 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.84.0&Q_CLIENTTYPE=webAdobeLaunch&r=1675694589538

Requested by

Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v16.3.4/static/js/855.6e5c15f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: f093916bde4e6177
cf-ray: 7954a8109a6530e2-FRA

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
550 B 31ms
31ms Image
image/png 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Thu, 26 Feb 2032 16:15:51 GMT
date: Mon, 06 Feb 2023 14:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29629638
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 6
content-length: 256
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 00:33:55 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, public
accept-ranges: bytes
cf-ray: 7954a81099299b7d-FRA
trace-id: 0f438752c2e165b3
servershortname

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:47:26	Name: _GRECAPTCHA Value: 09ANKMWslQoqpL2xPHfArtkAZT5r1QnEbj8djyvx37r-wCj2mHi0tYfGxGUIUPgOSBoZfhwrSDlEqZaCxAFKI1gOE
ue.thomsonreuters.com/	1970-01-20 09:38:19	Name: AWSALB Value: U7PL/s6T1uttyc1QhtAL7sYJPxw37qWul+LXkcZmtIcZI4IDTekQEIsqH3zADmhiBvlpJXhliQpTrq7W9Hvfw48lIFENGp/Jql2dKOA8cugVvunRpDrFRHwoQ7bq
ue.thomsonreuters.com/	1970-01-20 09:38:19	Name: AWSALBCORS Value: U7PL/s6T1uttyc1QhtAL7sYJPxw37qWul+LXkcZmtIcZI4IDTekQEIsqH3zADmhiBvlpJXhliQpTrq7W9Hvfw48lIFENGp/Jql2dKOA8cugVvunRpDrFRHwoQ7bq
.thomsonreuters.com/	1969-12-31 23:59:59	Name: at_check Value: true
.thomsonreuters.com/	1970-01-20 18:13:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Feb+06+2023+14%3A43%3A07+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=00948899-c46c-4e06-8c38-63b268212528&interactionCount=0&landingPath=https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Faccount%2Fbilling%2Fguest%2Fpay&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.demdex.net/	1970-01-20 13:47:26	Name: demdex Value: 39465952415851002534175100988093867492
.thomsonreuters.com/	1969-12-31 23:59:59	Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 18:13:50	Name: everest_g_v2 Value: g_surferid~Y_ER_wAAAJBwiAN6
.thomsonreuters.com/	1970-01-20 19:04:14	Name: mbox Value: session#29792b1206934e01a7c86665df4bf0f9#1675696448\|PC#29792b1206934e01a7c86665df4bf0f9.37_0#1738939388
.dpm.demdex.net/	1970-01-20 13:47:26	Name: dpm Value: 39465952415851002534175100988093867492
.thomsonreuters.com/	1970-01-20 19:04:14	Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19395%7CMCMID%7C39385241628733570674151647706944705330%7CMCAAMLH-1676299387%7C6%7CMCAAMB-1676299387%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675701787s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19402%7CvVersion%7C5.4.0
.thomsonreuters.com/	1970-01-20 18:13:50	Name: _hjSessionUser_1846625 Value: eyJpZCI6IjgyM2VmYTAyLTU5NjQtNWYwOC1hMTI3LTc1MGRkOTNjYWNmMiIsImNyZWF0ZWQiOjE2NzU2OTQ1ODc4NTEsImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/	1970-01-20 09:28:16	Name: _hjFirstSeen Value: 1
www.thomsonreuters.com/	1970-01-20 09:28:14	Name: _hjIncludedInSessionSample Value: 0
.thomsonreuters.com/	1970-01-20 09:28:16	Name: _hjSession_1846625 Value: eyJpZCI6IjYwZGUyZWE4LWY3ZTgtNGU4YS1iZTc2LTQ1MmQ3OGM3ZjY3YSIsImNyZWF0ZWQiOjE2NzU2OTQ1ODc5MjMsImluU2FtcGxlIjpmYWxzZX0=
www.thomsonreuters.com/	1970-01-20 09:28:14	Name: _hjIncludedInPageviewSample Value: 1
.thomsonreuters.com/	1970-01-20 09:28:16	Name: _hjAbsoluteSessionInProgress Value: 0
.quantserve.com/	1970-01-20 11:37:50	Name: d Value: EN8BDAGdKLmvYA
.quantserve.com/	1970-01-20 18:58:28	Name: mc Value: 63e111fc-2628e-ad35f-1f8f5
www.thomsonreuters.com/	1970-01-20 09:38:19	Name: AWSALB Value: yXO5LDHjrqUc6FsWXbUapcxhqSNAkkKXdBXy9to0PfdzeVCcQA7YrOROgt7yBqNR/zvb/N4q3ddfpjuI7Qfyelt0xtSEA/vXBHWt5E3pJA/hwrt3LZPnsmn4UAod
www.thomsonreuters.com/	1970-01-20 09:38:19	Name: AWSALBCORS Value: yXO5LDHjrqUc6FsWXbUapcxhqSNAkkKXdBXy9to0PfdzeVCcQA7YrOROgt7yBqNR/zvb/N4q3ddfpjuI7Qfyelt0xtSEA/vXBHWt5E3pJA/hwrt3LZPnsmn4UAod
.doubleclick.net/	1970-01-20 09:28:15	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 18:13:50	Name: CMID Value: Y.ER-CzFCp-gNFsx0pPc2wAA
.casalemedia.com/	1970-01-20 11:37:50	Name: CMPS Value: 3317
.casalemedia.com/	1970-01-20 11:37:50	Name: CMPRO Value: 3317
.adnxs.com/	1970-01-20 11:37:50	Name: uuid2 Value: 62728153368832218
.adnxs.com/	1970-01-20 11:37:50	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In=KkQzm!@wnfH)iR8PMp-v=0C#L595tiJ%Dg[FE^[hZ6=hnl3GZ(j#iP(Md+uBZ.Nkx3I%>7McMo<wEexQ67Oe!@HDA[07U
.pubmatic.com/	1970-01-20 11:37:50	Name: KRTBCOOKIE_218 Value: 4056-Y_ER_wAAAJBwiAN6&KRTB&22978-Y_ER_wAAAJBwiAN6&KRTB&23194-Y_ER_wAAAJBwiAN6&KRTB&23209-Y_ER_wAAAJBwiAN6
.pubmatic.com/	1970-01-20 10:11:26	Name: PugT Value: 1675694588
.spotxchange.com/	1970-01-20 10:08:33	Name: audience Value: 930c44b4-a62c-11ed-85e4-190e06a80306
.demdex.net/	1970-01-20 13:47:26	Name: dextp Value: 60-1-1675694587797\|477-1-1675694587918\|903-1-1675694588019\|1175-1-1675694588119\|22052-1-1675694588220\|49276-1-1675694588345\|121998-1-1675694588446\|144230-1-1675694588547\|144231-1-1675694588647\|144232-1-1675694588774\|144233-1-1675694589002\|144234-1-1675694589102\|144235-1-1675694589203\|144236-1-1675694589304\|144237-1-1675694589411\|444422-1-1675694589514

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=39465952415851002534175100988093867492 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=39465952415851002534175100988093867492 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=39465952415851002534175100988093867492?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thomsonreuters.com
app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
bttrack.com
cdn.appdynamics.com
cdn.cookielaw.org
cdn.pendo.io
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.rubiconproject.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
ue.thomsonreuters.com
us-u.openx.net
vars.hotjar.com
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
www.facebook.com
www.google.com
www.gstatic.com
www.thomsonreuters.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
104.17.208.240
13.32.27.107
13.37.25.97
142.251.39.34
143.204.215.65
143.204.89.51
151.101.195.9
151.101.2.49
18.203.152.154
18.66.97.10
185.64.189.110
185.80.39.216
185.94.180.126
192.132.33.46
2600:9000:206f:4c00:1b:b66f:bac0:93a1
2600:9000:206f:5e00:15:d837:3240:93a1
2600:9000:214f:de00:2:b30e:75c0:93a1
2600:9000:223c:8600:16:3030:f80:93a1
2600:9000:223f:5400:1f:aa31:7740:93a1
2606:4700::6810:9440
2606:4700::6812:1a55
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:400d:802::200a
2a00:1450:400d:805::2003
2a00:1450:400d:806::2003
2a00:1450:400d:80c::2004
2a02:26f0:f700:495::1e80
2a03:2880:f11c:8183:face:b00c:0:25de
34.111.234.236
34.241.37.119
34.243.64.240
34.247.96.153
34.253.167.75
35.244.159.8
35.244.174.68
37.252.172.123
52.223.40.198
54.157.194.5
54.72.53.159
54.76.136.152
69.173.144.165
07664fd6a9195b3edd30b67c88838d1322752e5ae983c4bca5ae5fad4b6b4f34
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c3e42a1ba245ebb2a4d20e104d84f2d0663ee1789e25f730c2eb2c5c70e8405
0dd8881b3547a3a2db40ab5a6cf0e4ddb7d38ee4c9285885ef790b675274e94d
0ec7fcc5a801028acf2d61045f3b0aeba397355e0ba82aec2ff2e788f7c7753b
15fec3a0d4ef1437c8b2452c42f52329b125f6efabb7b92f3459380dbe7bc188
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff
1b3070fc5dec7a1e1549457dde49d68c5e368984889288134ca86e4b35b0330e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dac44509c6d7ff6e8ea877691a7d8b5f9be6587c7e11e05b2c114e7a2a53334
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
295b8e6e5d80b0c0646f13ef8ebc5711aee5d4293cc12e436857468c27172e6a
2a1303942cc4997cac784a5ce321a36bf65db7635817f7345c02b53322e1bc4d
2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de
2c1d8154a87c73a8ab62368e5cbe0dacaacb57e24b4a835c8fa5024044f6f23f
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3bc93cfe3efa2e13b87e350292562920ff3dd4697545a775c0e54e7aca9b84c9
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fc3bdc83cc95fa2c7105c3d18db61101e87e05689ccba087e39293a71086733
425c5009dce4222b969e2cacd6ae6334d2b68a6ecc9ad4702815426c5e1a5c56
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a716a14825b596ef89d24a9d70e02ccbe60535a2ab12198bf5f03511b78406
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
486fe5e55cedeb31ee1bf8564780d86053a10392f3cbd7d0d2277b4ef29adf3f
4af2e19f0214ecdd8e6d57bd1ee79e581c1e968d74c278988d83d04d7dadc2ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce2c6f17719501f781327dc503df3289a235f3dd33e4b2c777b3c90647405d5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1
522e538cd9ea2a806f286634886f1a15b9ee4e1ffeb3ea1e337d49623f6424c4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965
591c4800abf00d5fd56bdbf085af0d1bac6f3652d80f71497d30c8667b089cf9
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
652857521481ad91cfc0aa5d38787b5d626db0ca79742a045a43a4d34fcfacbd
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6
74c0b0f41c886852db222c01c8e72e333a8163b051b16d40a8d240cf7f965b02
75803624116cc0f098ab693133a61d7c495a4260d654088a9a1fa0b946dde4eb
7ac9fc3508bb931c7cd219cac90653604f02fac270533beee74fc7959693b5ae
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dcd9ca9c43b07ee00bafe013058451537c42db0168d7d93485d7b1da05fb002
83f8393c6593831a76ea84324c946029082b5c72507176c13387468d21c651ff
85053191e89c28ddc71296ef932864f85b229a229adc43d76f7732cd7e37e574
8644710324ff0014732060fbbc79f987a32bf2d28798714cde7021e44719499e
8a2eec716594a088e751fb0238d964df99bbab6d347cd0ad8f61316ae4caa0b9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91c52c153a931011afc7c880319b4d40e6cc3126abc4afa11c7bba24151c87f9
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
97b51a1edf3aad3037eb6439103dbb313fcde1875cdcd1f5e7bf784cfeef8dae
9b14e3709e98ea3dbba3a922badf60811308268cc689521d4d092fec031d1c61
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d9bc68e535454918bbe24d7d37ff63d3475db86e5ddf7a85b50b963d91cef5
b5b24629e42c21e498da9a0754ee614001823564967cafacc5b8041dd6a85630
b69813b1d83ea9e7c8d35268bcca7a6ed885d45a3f66f357cf6a92c46b2291b3
b7fef2cfb88eff01f6d1d79ebe81373ba2430a98539983edd648e0cf4b68acce
bb3ca7b96231732703e43b46e741c9753a77db79c84c0f4ff98e11ff79f288e6
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
cfdb130c44a2ba73e21684b8aaea8796414c572ef74c1a9225798f98b6dac9da
d43c8ddc29bf70dc4cf3f10dbabb4294e02b2f4bb889411ea759aec0210af5ac
d54b2383af8cc9fae9184c874a0f15a042644a20329df00b0813ca1fb1963f7d
d57a66d7886a616565a514af5cfc93b06db2f52a94937e0a8c23be8e0ca7f01d
d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66a9914861488dc35e1a36724e615b771d163b115e88d74a079d74a66982a42
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55
f0908b5d060ffd0a2a143b6eff456a30d7ad388b8eaae960af83e83c321ff347
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f4908d874c973acabbf004190d7a7969394b6775b401f86852ad0e2357d56099
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
f92333a45b532bdb5248178674b041b1c35edfd33a55df48192256f0bfe49e4e
fd924e7b3774a8fa2872a09019aa94a576f79d0ee24f14fb653a51f612e50d18
fdc0acf66756e0e8c93916654a2caf1ac789dc3faae814fa98b0ffe0643a742c
fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

www.thomsonreuters.com Open in urlscan Pro 2600:9000:206f:4c00:1b:b66f:bac0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

88 %HTTPS

34 %IPv6

31 Domains

42 Subdomains

37 IPs

9 Countries

3078 kBTransfer

11696 kBSize

31 Cookies

3 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thomsonreuters.com Open in urlscan Pro
2600:9000:206f:4c00:1b:b66f:bac0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

88 %
HTTPS

34 %
IPv6

31
Domains

42
Subdomains

37
IPs

9
Countries

3078 kB
Transfer

11696 kB
Size

31
Cookies

95 HTTP transactions
2 data transactions