urlscan.io logo urlscan.io
SecurityTrails logo

safe.thomson.com Open in urlscan Pro
163.231.5.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thomsonreuters.service-now.com/incident.do?sysparm_query=number=INC1625943
Effective URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101...
Submission: On January 08 via manual from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 36 HTTP transactions. The main IP is 163.231.5.34, located in United States and belongs to WESTPUB-A - West Publishing Corporation, US. The main domain is safe.thomson.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 12th 2018. Valid for: 2 years.
This is the only time safe.thomson.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 149.96.16.164 16839 (SNC)
1 2 163.231.5.34 4583 (WESTPUB-A)
15 163.231.4.106 4583 (WESTPUB-A)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
36 5
17    149.96.16.164 (Santa Clara, United States)

ASN16839 (SNC - SERVICENOW, INC., US)
PTR: vip-149-96-16-164.cust.service-now.com
thomsonreuters.service-now.com
2    163.231.5.34 (United States)

ASN4583 (WESTPUB-A - West Publishing Corporation, US)
PTR: safe.ha.corptr.com
safe.thomson.com
15    163.231.4.106 (United States)

ASN4583 (WESTPUB-A - West Publishing Corporation, US)
PTR: safe.ha.corptr.com
safe.thomson.com
1    2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
3    2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ssl.google-analytics.com
Domain Requested by
17 safe.thomson.com 1 redirects thomsonreuters.service-now.com
safe.thomson.com
ajax.googleapis.com
17 thomsonreuters.service-now.com 1 redirects thomsonreuters.service-now.com
3 ssl.google-analytics.com safe.thomson.com
ssl.google-analytics.com
1 ajax.googleapis.com safe.thomson.com
36 4

This site contains no links.

Subject Issuer Validity Valid
*.service-now.com
Entrust Certification Authority - L1K		 2018-07-09 -
2019-04-01		 9 months crt.sh
*.thomson.com
COMODO RSA Organization Validation Secure Server CA		 2018-10-12 -
2020-10-11		 2 years crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-12-19 -
2019-03-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Frame ID: DCD671492A92911626EF2EF582055CF4
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://thomsonreuters.service-now.com/incident.do?sysparm_query=number=INC1625943 HTTP 302
    https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2F... Page URL
  2. https://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWE... HTTP 302
    https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4ad... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

36
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

903 kB
Transfer

2949 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thomsonreuters.service-now.com/incident.do?sysparm_query=number=INC1625943 HTTP 302
    https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943 Page URL
  2. https://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943 HTTP 302
    https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://thomsonreuters.service-now.com/incident.do?sysparm_query=number=INC1625943 HTTP 302
  • https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
auth_redirect.do
thomsonreuters.service-now.com/
Redirect Chain
  • https://thomsonreuters.service-now.com/incident.do?sysparm_query=number=INC1625943
  • https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252Bn...
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
5ef880526e527466d7ab32abc3dcc6d2bc56486b5dc5e38b70e264397687622a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Host
thomsonreuters.service-now.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Is-Logged-In
false
Pragma
no-store,no-cache
Cache-control
no-cache,no-store,must-revalidate,max-age=-1
Expires
0
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Content-Length
7687
Date
Tue, 08 Jan 2019 10:23:41 GMT
Server
ServiceNow
Strict-Transport-Security
max-age=63072000; includeSubDomains

Redirect headers

Set-Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; Path=/; HttpOnly;Secure glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; Expires=Sun, 26-Jan-2087 13:37:49 GMT; Path=/; HttpOnly;Secure BIGipServerpool_thomsonreuters=662706954.39742.0000; path=/; Httponly; Secure
X-Is-Logged-In
false
Location
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Transfer-Encoding
chunked
Date
Tue, 08 Jan 2019 10:23:41 GMT
Server
ServiceNow
Strict-Transport-Security
max-age=63072000; includeSubDomains
css_includes_doctype.cssx
thomsonreuters.service-now.com/styles/ 		245 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/styles/css_includes_doctype.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
5a7af06f78f477653d7643121694841cb9960a0f673d5bbad1243ca2b397b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:42 GMT
source_sans_pro.cssx
thomsonreuters.service-now.com/styles/heisenberg/ 		2 KB
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/styles/heisenberg/source_sans_pro.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
e74b813f0c8790db2120c41289144f7cd781b1a0fae2361c931d605c928cdf61
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Content-Length
244
Expires
Sun, 12 Jan 2020 10:23:43 GMT
heisenberg_all.cssx
thomsonreuters.service-now.com/styles/heisenberg/ 		266 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/styles/heisenberg/heisenberg_all.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
2378ba5da8ced73587d80f495535a45fdd6b78a93a1273b744617c768a6eeda0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:26:36 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/css;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_includes_doctype.jsx
thomsonreuters.service-now.com/scripts/doctype/ 		998 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
ef70147e0fae7ed20a224b951768a6c56ba99d5564ae51aac796c4ef83a562b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:26:36 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_includes_customer.jsx
thomsonreuters.service-now.com/scripts/ 		223 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/js_includes_customer.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
a5fa493f9b96e6322eb88f762419d6788827ee4ee1f1a542b9f75a7c0692ecb4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_includes_legacy.jsx
thomsonreuters.service-now.com/scripts/doctype/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/doctype/js_includes_legacy.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
ab3b3846cfbe91390d2de6b689b989f00def9f120d4fb35755e4e749683ad2b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_guided_tours_includes.jsx
thomsonreuters.service-now.com/scripts/app.guided_tours/ 		45 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/app.guided_tours/js_guided_tours_includes.jsx?v=09-05-2018_1933
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
098e54f6e6a1c8bccd539082a4c734ce295be66b71e64cbefef250d1d57f5bef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:26:36 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_includes_last_doctype.jsx
thomsonreuters.service-now.com/scripts/doctype/ 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/doctype/js_includes_last_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
af116a6b6d0a2acad7528a680d4468972ceddc55448bd54be1b282b4cf7c927c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
heisenberg_all.jsx
thomsonreuters.service-now.com/scripts/heisenberg/ 		128 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/heisenberg/heisenberg_all.jsx?v=09-05-2018_1933
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
920bdd89f95b4a567b734ca0715759be3e20d05221bafabd2f65d33c24ab65d1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-Cnection
close
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
js_includes_list_edit_doctype.jsx
thomsonreuters.service-now.com/scripts/ 		174 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/js_includes_list_edit_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
b00c9126bab2040bbbd10b37788fdcf1036d28e1a11538542cce7f88dd80583c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:06 GMT
Server
ServiceNow
Cache-Control
public
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
X-Cnection
close
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Expires
Sun, 12 Jan 2020 10:23:43 GMT
transaction_scope_includes.jsx
thomsonreuters.service-now.com/scripts/ 		849 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/transaction_scope_includes.jsx?v=09-05-2018_1933
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
d91f15f146f635c43db9a501f24651821a4e8674196f60e039c748dd43ea1265
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Dec 2018 08:38:07 GMT
Server
ServiceNow
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Content-Length
318
Expires
Sun, 12 Jan 2020 10:23:43 GMT
z_last_include.jsx
thomsonreuters.service-now.com/scripts/doctype/ 		1 KB
957 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/scripts/doctype/z_last_include.jsx?v=09-05-2018_1933
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
2771e4e74822121736662c759a072d6d4fe24276074f2724aea0ca8d0a864566
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Cookie
JSESSIONID=A14AE0A0D15F140F0DCE3E4764A8D70D; glide_user_route=glide.8b52da930e2573c5e01db788dda25eed; BIGipServerpool_thomsonreuters=662706954.39742.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Cache-Control
public
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/javascript;charset=UTF-8
X-Cnection
close
x-edge-enc-proxy-static
true
Content-Length
568
Expires
Sun, 12 Jan 2020 10:23:43 GMT
Cookie set legacy
thomsonreuters.service-now.com/api/now/ui/date_time/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/api/now/ui/date_time/legacy
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
application/json
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
X-UserToken
3d674e7e1332634c0cd0bd566144b02df4146dc501c94e93afb10a5bb47f4157e0ee8267
Connection
keep-alive
Cache-Control
no-cache
Accept
application/json
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
X-UserToken
3d674e7e1332634c0cd0bd566144b02df4146dc501c94e93afb10a5bb47f4157e0ee8267
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-store,no-cache
Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Set-Cookie
JSESSIONID=42C68EA85852708D6B6753E1B48830CC; Path=/; HttpOnly;Secure glide_user=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly;Secure glide_user_session=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/; HttpOnly;Secure glide_user_route=glide.369258c0ca5b88014772e6fc2b95d642; Expires=Sun, 26-Jan-2087 13:37:51 GMT; Path=/; HttpOnly;Secure BIGipServerpool_thomsonreuters=528489226.33854.0000; path=/; Httponly; Secure
Cache-control
no-cache,no-store,must-revalidate,max-age=-1
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Is-Logged-In
true
Expires
0
retina_icons.woff
thomsonreuters.service-now.com/styles/retina_icons/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/styles/retina_icons/retina_icons.woff?e66ca389049a7071b7ff59497b24694d
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Origin
https://thomsonreuters.service-now.com
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/styles/heisenberg/heisenberg_all.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Cookie
JSESSIONID=42C68EA85852708D6B6753E1B48830CC; glide_user_route=glide.369258c0ca5b88014772e6fc2b95d642; BIGipServerpool_thomsonreuters=528489226.33854.0000
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://thomsonreuters.service-now.com/styles/heisenberg/heisenberg_all.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Origin
https://thomsonreuters.service-now.com

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:26:36 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
application/font-woff;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Expires
Sun, 12 Jan 2020 10:23:44 GMT
SourceSansPro-Regular.otf.woff
thomsonreuters.service-now.com/styles/fonts/source-sans-pro/ 		130 KB
131 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thomsonreuters.service-now.com/styles/fonts/source-sans-pro/SourceSansPro-Regular.otf.woff
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.96.16.164 Santa Clara, United States, ASN16839 (SNC - SERVICENOW, INC., US),
Reverse DNS
vip-149-96-16-164.cust.service-now.com
Software
ServiceNow /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Pragma
no-cache
Origin
https://thomsonreuters.service-now.com
Accept-Encoding
gzip, deflate, br
Host
thomsonreuters.service-now.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://thomsonreuters.service-now.com/styles/heisenberg/source_sans_pro.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Cookie
JSESSIONID=42C68EA85852708D6B6753E1B48830CC; glide_user_route=glide.369258c0ca5b88014772e6fc2b95d642; BIGipServerpool_thomsonreuters=528489226.33854.0000
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://thomsonreuters.service-now.com/styles/heisenberg/source_sans_pro.cssx?v=09-05-2018_1933&c=2016-03-06_20:45:29_ea93539113fe67480cd0bd566144b075&theme=null
Origin
https://thomsonreuters.service-now.com

Response headers

Date
Tue, 08 Jan 2019 10:23:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Sep 2018 16:21:08 GMT
Server
ServiceNow
Transfer-Encoding
chunked
Content-Type
application/font-woff;charset=UTF-8
Cache-Control
public
x-edge-enc-proxy-static
true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Accept-Ranges
bytes
Expires
Sun, 12 Jan 2020 10:23:44 GMT
Primary Request Cookie set router
safe.thomson.com/auth/
Redirect Chain
  • https://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNo...
  • https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvG...
27 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Requested by
Host: thomsonreuters.service-now.com
URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.5.34 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
f509a333d4c1c26d40ba152c3ffdc62f3c70563003223c70e07f15a5c5c01079

Request headers

Host
safe.thomson.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943
Accept-Encoding
gzip, deflate, br
Cookie
BIGipServerSAFE-443=1113122723.47873.0000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943

Response headers

Cache-Control
no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Content-Language
en-US
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
Set-Cookie
safe2.protectionlevel=SAFE5; Secure JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1; Path=/ safe2.target=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943; Secure safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure
X-Powered-By
ASP.NET
Date
Tue, 08 Jan 2019 10:23:45 GMT
Connection
close
Content-Length
9304

Redirect headers

Cache-control
no-store
Location
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Content-Length
0
Set-Cookie
BIGipServerSAFE-443=1113122723.47873.0000; path=/
Cookie set style_min.css
safe.thomson.com/safe-ui/css/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/css/style_min.css
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
c531168567600088d6bc7f6663ba22c4d16883069b3a61f3c6a1bc539cf7ea90

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Dec 2016 11:20:08 GMT
Server
Microsoft-IIS/7.5
ETag
"0648b5b8e57d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=604800
Set-Cookie
BIGipServerSAFE-443=576251811.47873.0000; path=/
Accept-Ranges
bytes
Content-Length
5286
Cookie set respond.min.js
safe.thomson.com/safe-ui/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/respond.min.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
712bd07564cb32b21c51129e5b9fcaee8c79182473e16cdaacfe6ffadbd7a5eb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:39 GMT
Server
Microsoft-IIS/7.5
ETag
"80df543733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Set-Cookie
BIGipServerSAFE-443=1113122723.47873.0000; path=/
Accept-Ranges
bytes
Content-Length
1715
Cookie set DwrMethodController.js
safe.thomson.com/auth/dwr/interface/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/interface/DwrMethodController.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
e54dc140bf29aa03bccecdd6ffc6c4c0b9c6320fcbf86c614b0b9cc7e9f4595c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
safe2.protectionlevel=SAFE5; safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
ETag
"1546770278000"
Last-Modified
Sun, 06 Jan 2019 10:24:38 GMT
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Set-Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; Path=/ BIGipServerSAFE-443=1096345507.47873.0000; path=/
Content-Type
text/javascript; charset=utf-8
Content-Length
579
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cookie set engine.js
safe.thomson.com/auth/dwr/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/engine.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
5f270b4dada904a5b43cbb16e3b1bf8201e60f4dccf96e158b62d15dd3baf58e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
safe2.protectionlevel=SAFE5; safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
ETag
"1546774187000"
Last-Modified
Sun, 06 Jan 2019 11:29:47 GMT
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Set-Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure BIGipServerSAFE-443=1113122723.47873.0000; path=/
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
close
Content-Type
text/javascript; charset=utf-8
Content-Length
25098
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cookie set util.js
safe.thomson.com/auth/dwr/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/util.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
0b077275b97f382827dd8c70f4ee8d7eccd1be9b9fab33a0800de5fdea82e79a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
safe2.protectionlevel=SAFE5; safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
ETag
"1546774187000"
Last-Modified
Sun, 06 Jan 2019 11:29:47 GMT
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Set-Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure BIGipServerSAFE-443=1113122723.47873.0000; path=/
Cache-Control
no-cache="set-cookie, set-cookie2"
Connection
close
Content-Type
text/javascript; charset=utf-8
Content-Length
14519
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cookie set captcha
safe.thomson.com/auth/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/auth/captcha
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
bc3a9be2b6366b936edd665b0ea47552e4f49b523a87eebc4fb8519af4115b55

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
safe2.protectionlevel=SAFE5; safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; JSESSIONID=0000mC6T3pAuHP-4jN262dlSp0B:-1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Content-Language
en-US
Set-Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure JSESSIONID=0000Q1oT1fK-8B5jRborWzmP-a-:-1; Path=/ BIGipServerSAFE-443=2165893027.47873.0000; path=/
Cache-Control
private,no-cache,no-store
Connection
close
Content-Type
image/png
Content-Length
9569
Expires
Thu, 01 Dec 1994 16:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.1/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Dec 2018 06:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1568981
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
32124
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Dec 2019 06:34:05 GMT
Cookie set __System.pageLoaded.dwr
safe.thomson.com/auth/dwr/call/plaincall/ 		200 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/auth/dwr/call/plaincall/__System.pageLoaded.dwr
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/dwr/engine.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 WebSphere Application Server/7.0 / ASP.NET
Resource Hash
e73b1f3fe0b587758b797e3481dad7346cb7cb0c10e703d727f29adf5dd8b6b7

Request headers

Pragma
no-cache
Origin
https://safe.thomson.com
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain
Accept
*/*
Cache-Control
no-cache
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; safe2.protectionlevel=SAFE5; safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; BIGipServerSAFE-443=1113122723.47873.0000
Connection
keep-alive
Content-Length
1403
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Origin
https://safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5 WebSphere Application Server/7.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Language
en-US
Cache-Control
no-cache="set-cookie, set-cookie2"
Set-Cookie
safe2.target=HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943; Secure
Content-Type
text/javascript; charset=utf-8
Content-Length
269
Expires
Thu, 01 Dec 1994 16:00:00 GMT
wrap-bg.png
safe.thomson.com/safe-ui/img/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/wrap-bg.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
f63903515e837208b0de93a9725b15ae86427d969574301b7d01e9d900e99872

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; BIGipServerSAFE-443=1113122723.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:39 GMT
Server
Microsoft-IIS/7.5
ETag
"d9f92e44733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
952
sprite.gif
safe.thomson.com/safe-ui/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/sprite.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
02cf1424531a5cd6441fa74fb2cf625e2363c3df8e25aeccb77cb847769bf33a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; BIGipServerSAFE-443=1113122723.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:31 GMT
Server
Microsoft-IIS/7.5
ETag
"ab94a53f733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
10433
thomsonreuters_transparent.gif
safe.thomson.com/safe-ui/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/thomsonreuters_transparent.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
be135e2279b56f4dc64c4b104ac2aa151bb6ad95b31b9d7581f48f5f1aad6fd3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; BIGipServerSAFE-443=1113122723.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"ab28633c733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
4958
header-bg.gif
safe.thomson.com/safe-ui/img/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/header-bg.gif
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
d407d69bd83898e45f38abe172695de9fdd5d045ec1ca6fffa7b583858efabb2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000FgoneHlZP8wdmbPwpKX4-y1:-1; BIGipServerSAFE-443=1113122723.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:39 GMT
Server
Microsoft-IIS/7.5
ETag
"59955e44733d01:0"
Content-Type
image/gif
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
842
icon-lock.png
safe.thomson.com/safe-ui/img/ 		543 B
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/icon-lock.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
c9b87a12835f4faa9901181d23a83eccd52804829f46c4551df0fa1a7385a238

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000Q1oT1fK-8B5jRborWzmP-a-:-1; BIGipServerSAFE-443=2165893027.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:31 GMT
Server
Microsoft-IIS/7.5
ETag
"181d7d3f733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
543
input-bg.png
safe.thomson.com/safe-ui/img/ 		119 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safe.thomson.com/safe-ui/img/input-bg.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
d3f1c02cda72c02f23c27dbbb6604c3887d053c8e74203ea2ecd7df721f8e080

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
Cookie
JSESSIONID=0000Q1oT1fK-8B5jRborWzmP-a-:-1; BIGipServerSAFE-443=2165893027.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Referer
https://safe.thomson.com/safe-ui/css/style_min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Last-Modified
Tue, 18 Nov 2014 21:04:38 GMT
Server
Microsoft-IIS/7.5
ETag
"392fe543733d01:0"
Content-Type
image/png
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
119
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: safe.thomson.com
URL: https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
906
date
Tue, 08 Jan 2019 10:08:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17168
expires
Tue, 08 Jan 2019 12:08:41 GMT
script.min.js
safe.thomson.com/safe-ui/js/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/script.min.js?_=1546943027918
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
1628d9552e67d29d36791070b49c58c24462a8fb1e4386ad35c84ca529569c01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=0000Q1oT1fK-8B5jRborWzmP-a-:-1; BIGipServerSAFE-443=2165893027.47873.0000
Connection
keep-alive
Cache-Control
no-cache
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:31 GMT
Server
Microsoft-IIS/7.5
ETag
"8059303f733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
3131
__utm.gif
ssl.google-analytics.com/p/ 		35 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/p/__utm.gif
Requested by
Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Origin
https://safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Jan 2019 10:23:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://safe.thomson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
plugins.min.js
safe.thomson.com/safe-ui/js/ 		24 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://safe.thomson.com/safe-ui/js/plugins.min.js?_=1546943028063
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.231.4.106 , United States, ASN4583 (WESTPUB-A - West Publishing Corporation, US),
Reverse DNS
safe.ha.corptr.com
Software
Microsoft-IIS/7.5 /
Resource Hash
3d55f11a265e107bdbe4945dddaf4197a29d0bf050dce3ba5355cc2de2e2fc8c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
X-Requested-With
XMLHttpRequest
Cookie
JSESSIONID=0000Q1oT1fK-8B5jRborWzmP-a-:-1; BIGipServerSAFE-443=2165893027.47873.0000; __utma=232658333.402336500.1546943028.1546943028.1546943028.1; __utmc=232658333; __utmz=232658333.1546943028.1.1.utmcsr=thomsonreuters.service-now.com|utmccn=(referral)|utmcmd=referral|utmcct=/auth_redirect.do; __utmt=1; __utmb=232658333.1.10.1546943028
Connection
keep-alive
Cache-Control
no-cache
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 08 Jan 2019 10:23:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Nov 2014 21:04:26 GMT
Server
Microsoft-IIS/7.5
ETag
"069353c733d01:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=604800
Accept-Ranges
bytes
Content-Length
7693
__utm.gif
ssl.google-analytics.com/p/ 		35 B
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/p/__utm.gif
Requested by
Host: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safe.thomson.com/auth/router?action=Login&ProtectionLevel=SAFE5&TYPE=33554433&REALMOID=06-4adfa57b-7644-43cd-8101-842e88965ef7&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$gNW0md%2bsMuvGQzbDDuh6DYs%2bNZBvIyDUm03q6eXS44rjYkLiEidwAshKyiJ0AjbI&TARGET=$SM$HTTPS%3a%2f%2fsafe%2ethomson%2ecom%2fSAML2%2fsso%2fSAML2Service%3fSAMLRequest%3dnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT$%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5$%2FZ3u$%2B7d2mvkeDkE4CJ$%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F$%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg$%3D$%3D%26RelayState%3dhttps$%3A$%2F$%2Fthomsonreuters%2eservice-now%2ecom$%2Fsaml_redirector%2edo$%3Fsysparm_nostack$%3Dtrue$%26sysparm_uri$%3D$%252Fnav_to%2edo$%253Furi$%253D$%25252Fincident%2edo$%25253Fsysparm_query$%25253Dnumber$%25253DINC1625943
Origin
https://safe.thomson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Jan 2019 10:23:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://safe.thomson.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| getQueryVariable object| respond string| jsSafeEnvironment string| envSuffix string| jsRoot string| cssRoot string| imageRoot string| docRoot string| dwrRoot string| dwrRoot2 undefined| SAFELogo object| dwr object| DwrMethodController string| httpMethod function| $ function| jQuery object| _gaq function| getCaptchaResults function| createSpan function| getCaptchaButtonText object| isMobile function| buildHTML object| jQuery161017015871062174215 object| _gat object| gaGlobal object| entityToCode object| charToEntity string| entityName function| UnescapeEntities function| EscapeEntities boolean| bInvalid string| completeHREF string| baseurl function| fireClickEvent function| getBaseUrl function| isDefined function| createMessageSpan function| invalidFrmInputs string| paramString function| log

9 Cookies

Domain/Path Name / Value
.safe.thomson.com/ Name: __utmb
Value: 232658333.2.9.1546943028
.safe.thomson.com/ Name: __utmt
Value: 1
.safe.thomson.com/ Name: __utmz
Value: 232658333.1546943028.1.1.utmcsr=thomsonreuters.service-now.com|utmccn=(referral)|utmcmd=referral|utmcct=/auth_redirect.do
.safe.thomson.com/ Name: __utmc
Value: 232658333
safe.thomson.com/auth Name: safe2.protectionlevel
Value: SAFE5
.safe.thomson.com/ Name: __utma
Value: 232658333.402336500.1546943028.1546943028.1546943028.1
safe.thomson.com/ Name: JSESSIONID
Value: 0000Q1oT1fK-8B5jRborWzmP-a-:-1
safe.thomson.com/auth Name: safe2.target
Value: HTTPS://safe.thomson.com/SAML2/sso/SAML2Service?SAMLRequest=nVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%2BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%2FZ3u%2B7d2mvkeDkE4CJ%2FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%2FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%3D%3D&RelayState=https%3A%2F%2Fthomsonreuters.service-now.com%2Fsaml_redirector.do%3Fsysparm_nostack%3Dtrue%26sysparm_uri%3D%252Fnav_to.do%253Furi%253D%25252Fincident.do%25253Fsysparm_query%25253Dnumber%25253DINC1625943
safe.thomson.com/ Name: BIGipServerSAFE-443
Value: 2165893027.47873.0000

15 Console Messages

Source Level URL
Text
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
running inline scripts, count: 0
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
runBeforeRender
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
runAfterAllLoaded, functions: 7
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
fireAllChangeHandlers start
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
fireAllChangeHandlers end
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
late load functions: 4
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
Clearing event handlers reference cache
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
[00:00:00.040] runAfterAllLoaded finished
console-api log URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943(Line 122)
Message:
+-- Parse times
console-api log URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943(Line 123)
Message:
| CSS parse: 989.5000010728836
console-api log URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943(Line 124)
Message:
| JS doctype: 673.5000014305115
console-api log URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943(Line 125)
Message:
| JS at end of page: 52.299998700618744
console-api log URL: https://thomsonreuters.service-now.com/auth_redirect.do?sysparm_url=https%3A%2F%2Fsafe.thomson.com%2FSAML2%2Fsso%2FSAML2Service%3FSAMLRequest%3DnVLLTsMwEPyVyPe8SwtWU6m0QlQqEDWBAzcnWbeWEjt4nRT%252BnjQJarlUiJu1nt2Zndk5sqoMarpszEHu4KMBNNZnVUqkw09EGi2pYiiQSlYBUpPTZPm0pYHj0Voro3JVEmuJCNoIJVdKYlOBTkC3IofX3TYiB2NqpK5rDqpCJTU0BjQ6OEBsqY5OripXsrZme3AKRax1J0RIdpp47kfGwRmH9B0nIYGLqIbXyEmsB6Vz6HeKCGcldqXNOiLJ8yoIpxmbePl0dsP9jE9ZyMNsMuPTkM1mwIsOiDFDFC2cWxEb2Eg0TJqIBJ5%252FZ3u%252B7d2mvkeDkE4CJ%252FS9d2LFoxv3QhZC7q9blw0gpI9pGtvxS5L2A1pRgH7u0P9y7a0D9I51DGQx7yOkvXx9mep1ZewnSrL4m4S5e0k00tb0tMVmHatS5F%252FWsizVcaWBmW4zo5shpIqZ61pOFVHYvIfSRmINueACCuIuRtrfx7v4Bg%253D%253D%26RelayState%3Dhttps%253A%252F%252Fthomsonreuters.service-now.com%252Fsaml_redirector.do%253Fsysparm_nostack%253Dtrue%2526sysparm_uri%253D%25252Fnav_to.do%25253Furi%25253D%2525252Fincident.do%2525253Fsysparm_query%2525253Dnumber%2525253DINC1625943(Line 126)
Message:
+-- All parsing: 1715.5000008642673
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
after page loaded starting
console-api log URL: https://thomsonreuters.service-now.com/scripts/doctype/js_includes_doctype.jsx?v=09-05-2018_1933&lp=Thu_May_03_13_21_13_PDT_2018&c=20_322(Line 781)
Message:
[00:00:00.018] after page loaded complete, functions called: 5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
safe.thomson.com
ssl.google-analytics.com
thomsonreuters.service-now.com
149.96.16.164
163.231.4.106
163.231.5.34
2a00:1450:4001:808::200a
2a00:1450:4001:820::2008
02cf1424531a5cd6441fa74fb2cf625e2363c3df8e25aeccb77cb847769bf33a
098e54f6e6a1c8bccd539082a4c734ce295be66b71e64cbefef250d1d57f5bef
0b077275b97f382827dd8c70f4ee8d7eccd1be9b9fab33a0800de5fdea82e79a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1628d9552e67d29d36791070b49c58c24462a8fb1e4386ad35c84ca529569c01
2378ba5da8ced73587d80f495535a45fdd6b78a93a1273b744617c768a6eeda0
2771e4e74822121736662c759a072d6d4fe24276074f2724aea0ca8d0a864566
3d55f11a265e107bdbe4945dddaf4197a29d0bf050dce3ba5355cc2de2e2fc8c
5a7af06f78f477653d7643121694841cb9960a0f673d5bbad1243ca2b397b0a3
5ef880526e527466d7ab32abc3dcc6d2bc56486b5dc5e38b70e264397687622a
5f270b4dada904a5b43cbb16e3b1bf8201e60f4dccf96e158b62d15dd3baf58e
712bd07564cb32b21c51129e5b9fcaee8c79182473e16cdaacfe6ffadbd7a5eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
920bdd89f95b4a567b734ca0715759be3e20d05221bafabd2f65d33c24ab65d1
a5fa493f9b96e6322eb88f762419d6788827ee4ee1f1a542b9f75a7c0692ecb4
ab3b3846cfbe91390d2de6b689b989f00def9f120d4fb35755e4e749683ad2b0
af116a6b6d0a2acad7528a680d4468972ceddc55448bd54be1b282b4cf7c927c
b00c9126bab2040bbbd10b37788fdcf1036d28e1a11538542cce7f88dd80583c
bc3a9be2b6366b936edd665b0ea47552e4f49b523a87eebc4fb8519af4115b55
be135e2279b56f4dc64c4b104ac2aa151bb6ad95b31b9d7581f48f5f1aad6fd3
c531168567600088d6bc7f6663ba22c4d16883069b3a61f3c6a1bc539cf7ea90
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
c9b87a12835f4faa9901181d23a83eccd52804829f46c4551df0fa1a7385a238
d3f1c02cda72c02f23c27dbbb6604c3887d053c8e74203ea2ecd7df721f8e080
d407d69bd83898e45f38abe172695de9fdd5d045ec1ca6fffa7b583858efabb2
d91f15f146f635c43db9a501f24651821a4e8674196f60e039c748dd43ea1265
e54dc140bf29aa03bccecdd6ffc6c4c0b9c6320fcbf86c614b0b9cc7e9f4595c
e73b1f3fe0b587758b797e3481dad7346cb7cb0c10e703d727f29adf5dd8b6b7
e74b813f0c8790db2120c41289144f7cd781b1a0fae2361c931d605c928cdf61
ef70147e0fae7ed20a224b951768a6c56ba99d5564ae51aac796c4ef83a562b3
f509a333d4c1c26d40ba152c3ffdc62f3c70563003223c70e07f15a5c5c01079
f63903515e837208b0de93a9725b15ae86427d969574301b7d01e9d900e99872