www.thomsonreuters.com Open in urlscan Pro
2600:9000:2490:dc00:1b:b66f:bac0:93a1  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://cm.everesttech.net/cm/dd?d_uuid=21095179616811292352786868269069909132 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz2KuwAAAHfbUwN-

Request Chain 62

• https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=BacQTAv1QUse9UAYVqEOHAKjFU4epxMdAKBPM5i9

Request Chain 66

• https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
• https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3630538860721078407

Request Chain 72

• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=21095179616811292352786868269069909132?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=21095179616811292352786868269069909132?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 75

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXoyS3V3QUFBSGZiVXdOLQ== HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXoyS3V3QUFBSGZiVXdOLQ==&google_tc=

Request Chain 76

• https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yz2KuwAAAHfbUwN-&expires=90

Request Chain 81

• https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN- HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN-&C=1

Request Chain 87

• https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
• https://ib.adnxs.com/setuid?entity=158&code=Yz2KuwAAAHfbUwN- HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYz2KuwAAAHfbUwN-

Request Chain 90

• https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yz2KuwAAAHfbUwN-

Request Chain 91

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yz2KuwAAAHfbUwN-

Request Chain 92

• https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1&__user_check__=1&sync_id=22496ed7-44b4-11ed-8909-1f932c7f0206

Request Chain 93

• https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
• https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yz2KuwAAAHfbUwN-&t=2592000&o=0

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request pay Show response www.thomsonreuters.com/en-us/account/billing/guest/	5 KB 3 KB	114ms 8ms	Document text/html	2600:9000:2490:dc00:1b:b66f:bac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:dc00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 4cebdf7a9df297fd1797d43f6ef14201a4a67d617ef3350f023b157ae70f57ce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 344 cache-control max-age=900 content-disposition inline content-encoding gzip content-length 1902 content-type text/html;charset=utf-8 date Wed, 05 Oct 2022 13:40:50 GMT etag "13a3-5e990c0d06ac0-gzip" expires Wed, 05 Oct 2022 13:55:50 GMT last-modified Mon, 26 Sep 2022 09:00:03 GMT server Apache strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding,User-Agent via 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront) x-amz-cf-id NWaiWmiVUJoN6ZCsUbd6kkkEa-buWhlYwwuCz09EWMGRFza-nNLGXA== x-amz-cf-pop FRA56-P6 x-cache Hit from cloudfront x-content-type-options nosniff x-dispatcher dispatcher2useast1 x-frame-options SAMEORIGIN x-ua-compatible IE=edge x-vhost www.thomsonreuters.com
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 8 KB	51ms 17ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 zvDmpz9S9y5z1XhncmOZ/w== age 7122 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 7151 x-ms-lease-status unlocked last-modified Tue, 04 Oct 2022 02:35:27 GMT server cloudflare etag 0x8DAA5B119096EDC vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id f2a38831-301e-00ff-3b9e-d7e57e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569aaf48c5903d-FRA
GET H2	200	bootstrap.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/	183 KB 53 KB	118ms 9ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/bootstrap.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8336a36434b3f88621c6241efabf3f1fa836d88fda421b3405881cc274c0d559 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:06 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:17 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85169 etag W/"d48fa0c129244dac1130f937b20d4eb6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id _CgGgTRqm5jK2UREl4rlugZPgH02bm6iFnPm3HYEKyDdEVrkgROJ1g==
GET H2	200	143d5191-c678-49f6-8ac0-376dfe324de7.json Show response cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/	5 KB 2 KB	42ms 20ms	XHR application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/143d5191-c678-49f6-8ac0-376dfe324de7.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 A9gHZn55h3f5NJaBoJG35A== age 6741 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 1661 x-ms-lease-status unlocked last-modified Mon, 11 Jul 2022 12:46:07 GMT server cloudflare etag 0x8DA633B52D706CE vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b6f8a47d-801e-0143-4a3f-95b45a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569aaf8fb49b22-FRA expires Wed, 05 Oct 2022 17:46:34 GMT
GET H2	200	launch-f185a872eb60.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/	326 KB 91 KB	113ms 9ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 0ec7fcc5a801028acf2d61045f3b0aeba397355e0ba82aec2ff2e788f7c7753b Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:34 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:28 GMT server AkamaiNetStorage etag "306e3b44df2929d6b7cbf18057366715:1663267948.484144" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 93045 expires Wed, 05 Oct 2022 14:46:34 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	153 B 364 B	82ms 32ms	XHR application/json	2606:4700:4400::6812:2962 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 75569aaffba69010-FRA access-control-allow-headers Content-Type
GET H2	200	841.af1c46de.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	1 MB 364 KB	13ms 12ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4d995b82ea02c35d64e2199b8f25d78a4019b758cbb13c55111f7c16f511c69a Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:48 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:34 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74147 etag W/"375e98d8006fcc3f240e5e18b5d42335" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id ZQcGZymBh2i2SBRWrDFh2cY1vnW7QoiIBBPWmDVVvkcvVN1lFA9NmA==
GET H2	200	app-main.a58c7c62.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/	375 KB 55 KB	60ms 59ms	Stylesheet text/css	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1cd0292b04ba66a63933ecc0bf8a0757353f4a031ea51b747dbff285e7d0cb80 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:07 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:20 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"18194550fcd025039ef4323c1c11a8a0" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id tT1C7QOqa4FKfCOLVGHG1IVsLL8MJTQUTNObQMMX1_p3VBqWByz9gQ==
GET H2	200	app-main.eb4db1e8.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	620 KB 121 KB	67ms 66ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/app-main.eb4db1e8.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/bootstrap.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04acbeb7e6a02b8f26604e1e653c480d676189b1345ddadaa3a2146055a1d27c Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:07 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"6516152ac16939b43d0635d7c66b0ab7" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id mCLznW9VwGcpq015D2Jnrv1xp0IOhOT0CsAA7zuQd_6dUuV_0pXddw==
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.16.0/	374 KB 83 KB	22ms 20ms	Script application/javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 dGCXlveaBvO7BI0nfZKP+g== age 8305 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 85065 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:31:04 GMT server cloudflare etag 0x8D910C57D52F14C vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id fc994483-d01e-007d-116c-c4442e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569ab05b14903d-FRA
GET H/1.1	200 OK	id Show response dpm.demdex.net/	4 KB 2 KB	211ms 39ms	XHR application/json	79.125.44.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1664977595008 Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-44-37.eu-west-1.compute.amazonaws.com Software / Resource Hash 74e43011fd9e142d096d65e185f773f87d8a86ddc4054aa11e74ef2fa4f75d29 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers DCS dcs-prod-irl1-2-v044-0cad15b9d.edge-irl1.demdex.com 4 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID W/pNB5JGSRU= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.thomsonreuters.com Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 1331 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/	45 KB 17 KB	8ms 7ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/EXae70bb9edaa44c4ba5127bb69de145a6-libraryCode_source.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash fd924e7b3774a8fa2872a09019aa94a576f79d0ee24f14fb653a51f612e50d18 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:29 GMT server AkamaiNetStorage etag "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 16757 expires Wed, 05 Oct 2022 14:46:35 GMT
GET H2	200	AppMeasurement_Module_AudienceManagement.min.js Show response assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/	25 KB 9 KB	8ms 8ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js Requested by Host: assets.adobedtm.com URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers unused62 8096267 date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip last-modified Mon, 14 Feb 2022 16:35:31 GMT server AkamaiNetStorage etag "26a8cd142b539700557eb4710c3d56bd:1644856531.982003" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control no-cache accept-ranges bytes timing-allow-origin * content-length 8753 expires Wed, 05 Oct 2022 14:46:35 GMT
GET H2	200	hotjar-1846625.js Show response static.hotjar.com/c/	7 KB 3 KB	49ms 15ms	Script application/javascript	108.138.17.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1846625.js?sv=6 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.17.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-17-117.fra56.r.cloudfront.net Software / Resource Hash 343a5418e65c6a8300935c6e1709ef3bf7510fd99d5693bb323ca2bd3d567949 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:45:54 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P7 age 41 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/dfe0f1cf6b57641522b6e85770c3ea11 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=60 x-cache-hit 1 x-amz-cf-id MV0GZv7NSH6h4dLdV3S_75abrKuQzAwqoaBTHXLTNn5871Nec992nw==
GET H2	200	en.json Show response cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/	409 KB 65 KB	27ms 26ms	Fetch application/x-javascript	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 TscT8/g6J4N6PovEsmWNuQ== age 6742 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 66415 x-ms-lease-status unlocked last-modified Mon, 11 Jul 2022 12:46:32 GMT server cloudflare etag 0x8DA633B622C3708 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 412d5dae-701e-003f-543b-956f3a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569ab14c249b22-FRA expires Wed, 05 Oct 2022 17:46:35 GMT
OPTIONS H2	200	anonymous sdk.split.io/api/mySegments/ Frame	0 0	52ms 8ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin https://www.thomsonreuters.com access-control-max-age 7200 allow HEAD,GET,OPTIONS,POST,PUT,DELETE content-length 37 date Wed, 05 Oct 2022 13:46:35 GMT retry-after 0 server Varnish vary Cookie via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-hhn4040-HHN x-timer S1664977595.264195,VS0,VE0
OPTIONS H2	200	splitChanges sdk.split.io/api/ Frame	0 0	18ms 7ms	Preflight	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS access-control-allow-origin https://www.thomsonreuters.com access-control-max-age 7200 allow HEAD,GET,OPTIONS,POST,PUT,DELETE content-length 37 date Wed, 05 Oct 2022 13:46:35 GMT retry-after 0 server Varnish vary Cookie via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-hhn4040-HHN x-timer S1664977595.264293,VS0,VE0
GET H2	200	anonymous Show response sdk.split.io/api/mySegments/	17 B 393 B	17ms 10ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/mySegments/anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95 Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip via 1.1 varnish, 1.1 varnish date Wed, 05 Oct 2022 13:46:35 GMT age 235128 x-cache HIT, HIT content-length 37 x-request-id 2bdwjtvwcv7 x-served-by cache-iad-kcgs7200079-IAD, cache-hhn4040-HHN x-timer S1664977595.281983,VS0,VE1 etag "1000002--gzip" vary Accept-Encoding, Authorization trace cache-iad-kcgs7200166-IAD-a7228e71-f5b0-4315-846e-be57036d354b; cache-hhn4074-HHN-2edf86cc-5f75-4500-834e-8fee7b08026c content-type application/json access-control-allow-origin * cache-control no-transform, max-age=60, s-maxage=60 accept-ranges bytes x-cache-hits 15, 1
GET H2	200	splitChanges Show response sdk.split.io/api/	268 KB 18 KB	19ms 11ms	Fetch application/json	151.101.131.9 FASTLY
General Check archive.org Show headers Download Go to Full URL https://sdk.split.io/api/splitChanges?since=-1 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.131.9 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 6bdd85b774d2bf075bd0b25ce7a4c5ba80936df16a9fe10e10929ee4ebb6fe3d Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubDomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json Response headers strict-transport-security max-age=15770000; includeSubDomains content-encoding gzip via 1.1 varnish, 1.1 varnish date Wed, 05 Oct 2022 13:46:35 GMT age 40 x-cache MISS, HIT content-length 18562 x-request-id 2bhsiko5ndx x-served-by cache-iad-kjyo7100072-IAD, cache-hhn4040-HHN last-modified Mon, 03 Oct 2022 15:34:20 GMT x-timer S1664977595.281997,VS0,VE2 etag "437589517--gzip" vary Origin, Accept-Encoding, Authorization content-type application/json trace cache-iad-kjyo7100072-IAD-4d6b6835-3d3d-4ee8-bce3-9e122f696270; cache-hhn4082-HHN-e34f29ac-1f7f-4e43-aa14-b347ee31bccc access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin,X-Request-ID cache-control no-transform, max-age=60, s-maxage=60 accept-ranges bytes x-cache-hits 0, 1
GET H/1.1	200 OK	pendo.js Show response cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/	462 KB 143 KB	71ms 8ms	Script application/javascript	2600:9000:223f:8600:1f:aa31:7740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:8600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software UploadServer / Resource Hash 27dfe65667390717df7600a23d199d1b19c136fce83262c880fc47a80e9ec937 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Date Wed, 05 Oct 2022 13:40:51 GMT Content-Encoding gzip Via 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-P5 Age 344 X-GUploader-UploadID ADPycdvnKCUqk12DRF-N1OFlUdPPLnkQH0POC-Y9HY42OaNasQUnMmrYkRDYdB3MhvicTTslMiLOiHuldJgAUpFIcMmz3pIBLsNd X-Cache Hit from cloudfront x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip Connection keep-alive Content-Length 145573 Last-Modified Mon, 03 Oct 2022 18:17:28 GMT Server UploadServer ETag "53677551eecad4ca5996a5079f6c16a5" Vary Accept-Encoding x-goog-generation 1664821048068077 Content-Type application/javascript Access-Control-Allow-Origin * x-goog-hash crc32c=Jbmp4A==, md5=U2d1Ue7K1MpZlqUHn2wWpQ== Access-Control-Expose-Headers * Cache-Control max-age=450 x-goog-stored-content-length 145573 Accept-Ranges bytes X-Amz-Cf-Id LWyfyVskZ_VB4fgbAzakBw_U61iXeHjeyuP2RqsLPvvQO_x9LkZ69A== Expires Wed, 05 Oct 2022 13:48:21 GMT
GET H2	200	1.4ffe6f3c.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	25 KB 8 KB	10ms 10ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/1.4ffe6f3c.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 662e24137e9b792b6af90e6c6cef7e793a8f222ef915083cb588b2fe4bf94493 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:08 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"3dcd87d41d154a1d09fb53c7ae19961a" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id rJwZO_Leqqc3z-5cyogtkBvmTE2gwVc4w3UvYMFiakRiIHn5WBcd3g==
GET H2	200	2.5292a700.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	28 KB 9 KB	12ms 9ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/2.5292a700.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 56898cc470f2fcbd6036b5afbdfa93006158019299cdcd799dba9563d1f79197 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:08 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:25 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"e3dc1f016559466babd3bde2bfb1b105" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id ieXeSvPsMuGHmBiDBtjoiPJxUtgmLMZtDpdKy6eIy3EX5gWxurt2cg==
GET H2	200	3.ca3e1aee.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	15 KB 5 KB	13ms 11ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/3.ca3e1aee.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a8e0ee891d0040d6f5956ac76f30fbb288f27873f047bfc241cec13a5d3cf2c3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:50 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:26 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 40684 etag W/"f828f21854df3683d31e97cbd9d2b19c" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id ZbqU84AEIHB0qxn-12PbkOGz1mUgarrJ4kd1trzDEfj3to_hkvX8FQ==
GET H2	200	5.bd9e5b5b.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	13 KB 4 KB	31ms 29ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/5.bd9e5b5b.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8e53fe6649f453daba7c473dd18d62dc9dc9af1d6f615c4a565dcbe64ebfcb7e Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:52 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:29 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74144 etag W/"a4e8cc0639f726ebb25e1697fbe981b2" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id rqpmgdS3t620pMS3Pf-Le93mhHB23pQGQEyP45uXFAaAMyxgl_lhUQ==
GET H2	200	components-app.5e5b88cd.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/	10 KB 2 KB	14ms 12ms	Stylesheet text/css	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/components-app.5e5b88cd.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 796cb06ee58031725c1e52381d088d466d5a39bf33edac738eb0550bf1631a4d Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:50 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:20 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 61301 etag W/"fb4428df67ebe1302ce46e4e38292592" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id Q8faOXQjcRIGzlfsn_ZF-Xe-uuCvqK4v34ibv9wDWZJT1SDbVN7qyw==
GET H2	200	components-app.e61ef1ef.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	3 MB 640 KB	15ms 14ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/components-app.e61ef1ef.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 130b1a23d1d5bbb80e5656aa911877688fce89010723ef5cb7b6afc39e47811a Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:50 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 40684 etag W/"5ea25ed6731226e2f3fa3324aaa55784" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id -bClEVAmkqAWNLTEix65QjPwLsYwXWXpSbtLzl_fz214iLmZfS097w==
GET H2	200	interact-localizaion-provider.3980853a.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	3 KB 2 KB	29ms 29ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/interact-localizaion-provider.3980853a.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 18ae26db4be59992df2f1cfae71d73aa785f055409b3bd0cc33711964c59de2c Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:52 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:37 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74144 etag W/"2050e519c3b5974e4102ccc438eafd15" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id qReq3wPCPVETIbv4CtDN_1-oRnlrBlYV626zk3MX775sf2VXdXflhQ==
GET H2	200	952.c768d195.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	2 KB 1 KB	65ms 65ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/952.c768d195.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 322d8d85bf8b6094018272a53957cc3a68063f552590867cba627915470957b6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:08 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:36 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"33c60685a5bff584bf385261780065d6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id nERxI15mUBLjXTQDVGMfLDjFxI5spy8biXUBRLGzgKjhwfrH6uiLXw==
GET H2	200	947.93beaf5e.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	8 KB 4 KB	65ms 65ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/947.93beaf5e.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 129dec9e9b5e2e0a823a428212668914afd65b60eaf92ad7748df72189fab588 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:50 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:36 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 16034 etag W/"bb7e38b7a4dedf4988ef8bf86f7420d4" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id gpHtH4_tK8JgMn1yGnao_-o1Am_hO100uUKfWjwbeaeYG072PxQL6g==
GET H2	200	951.6b7cf164.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	2 KB 1 KB	65ms 64ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/951.6b7cf164.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 57809c17c85435c9d4702b43dc8ffbec020718e05a243971ae9b341a94ba6f64 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:08 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:36 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85168 etag W/"df755e341b63bcb5b6749a7a5616d6bc" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id cup6FzoTLL5EDwWAogzBIuLMxnZ4EgUoqTtN0_J9aXpSBFxq8Ac_qQ==
GET H2	200	946.0e035bee.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	2 KB 1 KB	64ms 62ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/946.0e035bee.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 30589f5c6b8c01d5eb885e142641d11b03e2f7b3eb107f446660fdad8fa118cd Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:52 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:36 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74144 etag W/"061a1ff45dcd4ad09c5d5bb6b5072198" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id DX0bK2wfU-iqcWeH9mQbD3i-ApX7nH4g3Jab8eWKn9IHLJFsv3OHmQ==
GET H/1.1	200 OK	dest5.html Show response westthomson.demdex.net/ Frame 36E0	7 KB 3 KB	161ms 53ms	Document text/html	54.229.34.254 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomson.demdex.net/dest5.html?d_nsid=0 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.34.254 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-34-254.eu-west-1.compute.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 2791 Content-Type text/html;charset=UTF-8 DCS dcs-prod-irl1-1-v044-0c2abce33.edge-irl1.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 9sPPCueKRtw= content-encoding gzip date Wed, 5 Oct 2022 13:46:35 GMT last-modified Thu, 29 Sep 2022 16:18:55 GMT vary accept-encoding
GET H2	200	id Show response westthomsoncom.sc.omtrdc.net/	2 B 272 B	104ms 23ms	XHR application/x-javascript	13.36.218.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=21020361826685403572792685048679008858&ts=1664977595310 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-36-218-177.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 05 Oct 2022 13:46:35 GMT x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://www.thomsonreuters.com p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=Yz2KuwAAAHfbUwN- dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=21095179616811292352786868269069909132 https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz2KuwAAAHfbUwN-	42 B 942 B	33ms 33ms	Image image/gif	79.125.44.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz2KuwAAAHfbUwN- Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-44-37.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v044-020c6b503.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID MhnMurSiTXc= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yz2KuwAAAHfbUwN- Date Wed, 05 Oct 2022 13:46:35 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
POST H2	200	delivery Show response westservicesinc.tt.omtrdc.net/rest/v1/	358 B 788 B	142ms 70ms	XHR application/json	13.36.218.177 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=3ec4f27826024b12b6183ad96b7e848e&version=2.9.0 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-36-218-177.eu-west-3.compute.amazonaws.com Software jag / Resource Hash 0c2cc63720928948c9e090e51465a5be12d118c2505c38aa573bc5d73e103f57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type text/plain Response headers date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip x-content-type-options nosniff accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List server jag vary origin,access-control-request-method,access-control-request-headers,accept-encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://www.thomsonreuters.com cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true timing-allow-origin * x-xss-protection 1; mode=block x-request-id 50cc005e-76ce-438e-93e0-c538fe6c658e
GET H2	200	auth Show response auth.split.io/api/v2/	696 B 1 KB	103ms 102ms	Fetch application/json	54.225.196.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/v2/auth?users=anonymous Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.225.196.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-225-196-15.compute-1.amazonaws.com Software / Resource Hash e0c2679b1f14fb96ddbc3e174ee7e64b11fb2abbbbfd878da2a5d071097622af Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept application/json Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 SplitSDKVersion javascript-10.19.1 Authorization Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json Response headers date Wed, 05 Oct 2022 13:46:35 GMT strict-transport-security max-age=15770000; includeSubdomains access-control-allow-methods GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.thomsonreuters.com access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion content-length 696
OPTIONS H2	200	auth auth.split.io/api/v2/ Frame	0 0	327ms 101ms	Preflight application/json	54.225.196.15 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://auth.split.io/api/v2/auth?users=anonymous Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.225.196.15 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-225-196-15.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15770000; includeSubdomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type,splitsdkversion Access-Control-Request-Method GET Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion access-control-allow-methods GET, OPTIONS access-control-allow-origin https://www.thomsonreuters.com content-length 4 content-type application/json; charset=utf-8 date Wed, 05 Oct 2022 13:46:35 GMT strict-transport-security max-age=15770000; includeSubdomains
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.16.0/assets/	12 KB 3 KB	37ms 37ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DKM3/i+7h7Fs8cEMor3s2A== age 10598 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2938 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:30:47 GMT server cloudflare etag 0x8D910C572DA86E8 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id bec2c92d-801e-002a-669c-2cada3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569ab318169b22-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/6.16.0/assets/	62 KB 15 KB	33ms 32ms	Fetch application/json	2606:4700::6810:9440 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 YaY1oSnUSTaZJLZwfr9VDQ== age 2398 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14978 x-ms-lease-status unlocked last-modified Thu, 06 May 2021 19:30:47 GMT server cloudflare etag 0x8D910C5734D5AA0 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 3ad90e27-101e-012b-7ce5-29ea0b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 75569ab328199b22-FRA
GET H2	200	modules.cbd9768ba80ba0be5b17.js Show response script.hotjar.com/	254 KB 65 KB	80ms 9ms	Script application/javascript	52.222.236.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-63.fra56.r.cloudfront.net Software / Resource Hash 5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 18:47:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 68369 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 66229 last-modified Tue, 04 Oct 2022 18:46:48 GMT etag "483a48bedf96c50163b542fb95446039" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id OCTeyc8yxVGYhkgIu1boTfKaoMmz6NQV_Drh6-8aroLgkIoEcispNg==
GET H2	200	box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response vars.hotjar.com/ Frame CD80	2 KB 1 KB	42ms 7ms	Document text/html	18.66.147.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.147.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-147-116.fra60.r.cloudfront.net Software / Resource Hash 867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 101907 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 04 Oct 2022 09:28:08 GMT etag "f6a9ca04b0687ea3c0d98e8430c8c77b" last-modified Tue, 04 Oct 2022 07:09:34 GMT strict-transport-security max-age=2592000; includeSubDomains vary Accept-Encoding via 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront) x-amz-cf-id NJZUgGNu1yPdMHZSdvLNFPsxC076eR9uperm8yIkOWkw1QDtseZLlg== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-robots-tag none
GET H2	200	knowledge2017-black-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	39 KB 39 KB	36ms 16ms	Font binary/octet-stream	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Mon, 09 May 2022 09:13:37 GMT via 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 12889979 x-cache Hit from cloudfront content-length 39444 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "3327c2a7977db98e49b5369fcafc658c" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id -xFS9n7-cH7nacNb3whEL6cbI9NwayVDcgHyCH4f-SQA57t61U5AtA==
GET H2	200	knowledge2017-regular-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	28ms 10ms	Font binary/octet-stream	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221 Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 01 Jun 2022 20:42:58 GMT via 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 10861418 x-cache Hit from cloudfront content-length 39408 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "de994d71a311e3119703dd67ef632f04" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id HVWFVqcAZimyz3NbrVIjG5wByoegw4vNnSqbMOf0eV90iHsW9Dhb5A==
GET H2	200	css fonts.googleapis.com/	2 KB 917 B	43ms 18ms	Stylesheet text/css	2a00:1450:4001:806::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 05 Oct 2022 13:46:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 05 Oct 2022 12:23:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 05 Oct 2022 13:46:35 GMT
GET H2	200	1057.e01e5d8f.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	188 KB 42 KB	9ms 8ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/1057.e01e5d8f.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6aa06343da62d1e38d9f208fe420f6cc0aa15779cb3e3648a55dbe3f7367c65 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 14:07:09 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:23 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 85167 etag W/"b5554f8a1ebe591e2fa5cc3e69757c19" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id gqoOFHh-Y6vyih7ambgU8VM-eGjflcp1HycPEFeh3qezbbFax8YCEg==
GET H2	200	0.9542fd26.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	20 KB 6 KB	9ms 8ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/0.9542fd26.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7a51e26bc2bd7bef2ed47902280f3c626340621d5b12e21421770a540b549dca Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:51 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:22 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74143 etag W/"84930af746a038a7affe7dc6f0d31aa6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id LMR46cPel3M2qx5NtpMRqL85ICNdONmQiTJMPzOuHX9t-yysx5bIYQ==
GET H2	200	7.e3bcf318.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	189 KB 45 KB	9ms 8ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/7.e3bcf318.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1dafcb779f5e1876c26aa85ad6ecdb50fca632a9c7f98c8e0d3610dc207afcf3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:40:51 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:33 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 16033 etag W/"ae4b231c2613560d068161cca7dc5c55" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id ezkf_wJIwQ-X6WH7qjzFsBGKgy-u74kckEwdMwcHu68I5T9GKkR1Zg==
GET H2	200	925.05e4b7e4.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	21 KB 8 KB	12ms 12ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/925.05e4b7e4.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5b52e97e8c5041c40c428717d32926e4f8a36e8c304d3b9ed0bd313865012005 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:53 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:36 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74143 etag W/"be6318553cd8080ef34859bc531de24f" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id N4nDnFS33nl92JQP_DVZAgyaE3L7HVXhWYK6X5x_dNoLMGr7BddCaA==
GET H2	200	867.a692f9b6.chunk.css app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/	5 KB 2 KB	14ms 14ms	Stylesheet text/css	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/867.a692f9b6.chunk.css Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8ca89c8020ffc6e60c06e25b81017d656dd6c2a293ea389ac46984aa4a5d83d7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:53 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:18 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74143 etag W/"48b4ab8837c2d563a11bc6402205dfe2" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type text/css cache-control max-age=86400,immutable x-amz-cf-id WS7OxcNxYbgbwa_3NAscyfUI0RoG2RS6lQGfxHOx3h4MBuQ9vHvEEQ==
GET H2	200	867.bd354b61.chunk.js Show response app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/	36 KB 11 KB	12ms 12ms	Script application/javascript	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/867.bd354b61.chunk.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash af73013ba317ce8722d1f28a716cc930c46aff7f0d12276fa241fe527284ffd6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:10:53 GMT content-encoding br via 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront) last-modified Thu, 22 Sep 2022 22:06:35 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 74143 etag W/"063f4fab1a41ae5ac8f54158762c7b96" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400,immutable x-amz-cf-id Qc1RGalUiPqxbVqFxMZx10gw8HvqtoGgdPuOGLoGhHmT1rS1_ViyvA==
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	13 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	974 B 1 KB	43ms 19ms	Script text/javascript	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 745a4a489740bd75eb167559dd324a1d58ed2df01cf1db1f543a174ae12397f8 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 615 x-xss-protection 1; mode=block expires Wed, 05 Oct 2022 13:46:36 GMT
GET H2	451	365868.gif idsync.rlcdn.com/ Frame 36E0	0 98 B	76ms 18ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/365868.gif?partner_uid=21095179616811292352786868269069909132 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:36 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	translations.interact.en_us.json Show response www.thomsonreuters.com/content/ue-settings/endpointsMapping/	214 KB 61 KB	16ms 16ms	Fetch application/json	2600:9000:2490:dc00:1b:b66f:bac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:dc00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash 355f5e20ba5534345e562f9c927aa454f9fc5a9379c4c1ac8f8eb58bc24c61cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.thomsonreuters.com/en-us/account/billing/guest/pay adrum isAjax:true accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-dispatcher dispatcher1useast1 date Wed, 05 Oct 2022 13:40:51 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip via 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P6 x-vhost www.thomsonreuters.com x-cache Hit from cloudfront age 345 content-length 61514 x-ua-compatible IE=edge server Apache x-frame-options SAMEORIGIN vary Accept-Encoding,User-Agent content-type application/json;charset=utf-8 x-amz-cf-id BAccbjhe51a7BQP9VSpnJYQMyWGHdkUyqLe3GYkxGpUJ3b1sL6znng==
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/	392 KB 157 KB	95ms 23ms	Script text/javascript	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.thomsonreuters.com/ Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Sat, 01 Oct 2022 15:17:11 GMT content-encoding gzip x-content-type-options nosniff age 340165 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 160114 x-xss-protection 0 last-modified Mon, 26 Sep 2022 04:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 01 Oct 2023 15:17:11 GMT
GET H2	451	365868.gif idsync.rlcdn.com/ Frame 36E0	0 42 B	17ms 16ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/365868.gif?partner_uid=21095179616811292352786868269069909132 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:36 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	knowledge2017-light-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	9ms 8ms	Font binary/octet-stream	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Sun, 08 May 2022 20:37:18 GMT via 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 12935359 x-cache Hit from cloudfront content-length 39336 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "9423006fb52301a35a4ce76f99e114af" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id tuORQahEbRmZcqVJCYFkuoWheqJPw7I3ihdDxytDbnqEOG4OGWc2nQ==
GET H2	200	knowledge2017-medium-webfont.woff2 app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/	38 KB 39 KB	10ms 10ms	Font binary/octet-stream	2600:9000:236e:2000:15:d837:3240:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:2000:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d Request headers Referer https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/css/app-main.a58c7c62.chunk.css Origin https://www.thomsonreuters.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Sat, 28 May 2022 08:11:10 GMT via 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 11252127 x-cache Hit from cloudfront content-length 39304 last-modified Tue, 08 Dec 2020 19:37:11 GMT server AmazonS3 etag "20dca63d8ee3254b712c7171ae987713" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type binary/octet-stream access-control-allow-origin * cache-control max-age=365000000,immutable vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id wArYiRqu7Cqvfmr4piURIERARjcntcZvlwSJ6CN4UefqkD5vzqB5hQ==
GET H3	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame 5FD2	42 KB 22 KB	57ms 34ms	Document text/html	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6b41a78bb8b5b4e509af9c85074f56b52397bc3d8cdcd33ed2c9f0398021d6b3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-WCsXNa6afkf9qqWGJpr7fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.thomsonreuters.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22053 content-security-policy script-src 'report-sample' 'nonce-WCsXNa6afkf9qqWGJpr7fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 05 Oct 2022 13:46:36 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame 36E0	70 B 265 B	119ms 38ms	Image image/gif	35.71.131.137 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.thomsonreuters.com&ttd_tpi=1 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.131.137 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type image/gif pragma no-cache date Wed, 05 Oct 2022 13:46:36 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 5FD2	52 KB 24 KB	65ms 20ms	Stylesheet text/css	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 29 Sep 2022 20:08:24 GMT content-encoding gzip x-content-type-options nosniff age 495492 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Mon, 26 Sep 2022 04:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 29 Sep 2023 20:08:24 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 5FD2	392 KB 156 KB	82ms 38ms	Script text/javascript	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Sat, 01 Oct 2022 15:17:11 GMT content-encoding gzip x-content-type-options nosniff age 340165 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 160114 x-xss-protection 0 last-modified Mon, 26 Sep 2022 04:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 01 Oct 2023 15:17:11 GMT
GET H/1.1	200 OK	ibs:dpid=1175&&dpuuid=BacQTAv1QUse9UAYVqEOHAKjFU4epxMdAKBPM5i9 dpm.demdex.net/ Frame 36E0 Redirect Chain https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=BacQTAv1QUse9UAYVqEOHAKjFU4epxMdAKBPM5i9	42 B 942 B	36ms 36ms	Image image/gif	79.125.44.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=BacQTAv1QUse9UAYVqEOHAKjFU4epxMdAKBPM5i9 Requested by Host: www.thomsonreuters.com URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Protocol HTTP/1.1 Server 79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-44-37.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v044-05525f3f4.edge-irl1.demdex.com 5 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID NGArf2lERlk= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 05 Oct 2022 13:46:36 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=BacQTAv1QUse9UAYVqEOHAKjFU4epxMdAKBPM5i9 cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 5FD2	2 KB 2 KB	20ms 19ms	Image image/png	2a00:1450:400d:807::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 29 Sep 2022 09:16:38 GMT x-content-type-options nosniff age 534598 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 06 Oct 2022 09:16:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5FD2	15 KB 16 KB	87ms 24ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Thu, 29 Sep 2022 21:19:52 GMT x-content-type-options nosniff age 491204 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Sep 2023 21:19:52 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 5FD2	15 KB 15 KB	93ms 30ms	Font font/woff2	2a00:1450:400d:80a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Tue, 04 Oct 2022 17:57:25 GMT x-content-type-options nosniff age 71351 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 04 Oct 2023 17:57:25 GMT
GET H/1.1	200 OK	ibs:dpid=22052&dpuuid=3630538860721078407 dpm.demdex.net/ Frame 36E0 Redirect Chain https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3630538860721078407	42 B 942 B	33ms 33ms	Image image/gif	79.125.44.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3630538860721078407 Protocol HTTP/1.1 Server 79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-44-37.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers DCS dcs-prod-irl1-2-v044-0eb4cc283.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID UhuN1somQgg= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers pragma no-cache date Wed, 05 Oct 2022 13:46:36 GMT via 1.1 google server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type text/html; charset=utf-8 location https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3630538860721078407 p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 185 expires 0,Thu, 06 Oct 2022 09:46:36 GMT
GET H3	200	webworker.js www.google.com/recaptcha/enterprise/ Frame 5FD2	102 B 134 B	18ms 17ms	Other text/javascript	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:36 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Wed, 05 Oct 2022 13:46:36 GMT
GET H2	200	RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/	818 B 748 B	9ms 9ms	Script application/x-javascript	2a02:26f0:3500:587::1e80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ab1a98e195c0/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash f0908b5d060ffd0a2a143b6eff456a30d7ad388b8eaae960af83e83c321ff347 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:36 GMT content-encoding gzip last-modified Thu, 15 Sep 2022 18:52:29 GMT server AkamaiNetStorage etag "77ee74d5bbc1c7685d9daae29d8cf862:1663267949.25603" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin https://www.thomsonreuters.com cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 478 expires Wed, 05 Oct 2022 14:46:36 GMT
GET H2	200	/ Show response zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/	7 KB 4 KB	136ms 48ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60f7c0aff340255db420c2baac717706ea36d65d75eaf6bdd9c0af9d1589e531 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 70880 cf-polished origSize=8487 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"2127-l5Gx21KbUGZeWN0qsgITl80ZyWc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abd38049162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	user bttrack.com/dmp/adobe/ Frame 36E0	35 B 263 B	431ms 95ms	Image image/gif	192.132.33.46 BIDTELLECT
General Check archive.org Show headers Download Go to Show image Full URL https://bttrack.com/dmp/adobe/user?dd_uuid=21095179616811292352786868269069909132 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US), Reverse DNS 46.bidtellect.com Software Microsoft-IIS/8.5 / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers x-servername Track004-iad pragma no-cache date Wed, 05 Oct 2022 13:45:48 GMT x-aspnetmvc-version 5.2 server Microsoft-IIS/8.5 x-aspnet-version 4.0.30319 content-type image/gif p3p CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC" cache-control private,no-cache content-length 35 expires -1
GET H2	200	adrum-ext.54a9a330b6d789bd61edecd89332c15b.js Show response cdn.appdynamics.com/	51 KB 20 KB	239ms 13ms	Script application/javascript	143.204.89.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.appdynamics.com/adrum-ext.54a9a330b6d789bd61edecd89332c15b.js Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-10.fra50.r.cloudfront.net Software nginx/1.16.1 / Resource Hash d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Sun, 18 Sep 2022 05:41:06 GMT content-encoding gzip via 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 age 1497931 x-cache Hit from cloudfront last-modified Fri, 11 Dec 2020 18:05:04 GMT server nginx/1.16.1 etag W/"5fd3b4d0-cc03" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=2678400, s-max-age=14400 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id 5qQ8SgvTvUUjv74vW9uM5BS4SjVtulVpaihw5m5xe92Efek7nFgT0A==
GET H/1.1	200 OK	ibs:dpid=121998&dpuuid= dpm.demdex.net/ Frame 36E0 Redirect Chain https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=21095179616811292352786868269069909132?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=21095179616811292352786868269069909132?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} https://dpm.demdex.net/ibs:dpid=121998&dpuuid=	42 B 960 B	31ms 31ms	Image image/gif	79.125.44.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=121998&dpuuid= Protocol HTTP/1.1 Server 79.125.44.37 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-79-125-44-37.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v044-0ea413a51.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID 6/XfdKxaRQY= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private X-Error 300,104 Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers expires 0 pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://dpm.demdex.net/ibs:dpid=121998&dpuuid= cache-control no-cache x-server 10.45.10.188 content-length 0 x-consent absent
GET H2	200	11.49f0b3e462d2d1363ad2.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	61 KB 19 KB	40ms 39ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/11.49f0b3e462d2d1363ad2.chunk.js?Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 711e4f7ae971755ded70fdcb76fb9d44e4ed166b0c94380d0cf9f876168b3c6e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 47078 cf-polished origSize=63474 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Sep 2022 22:49:47 GMT cf-bgj minify server cloudflare etag W/"f7f2-18381245af8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abd88aa9162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
POST H3	200	reload Show response www.google.com/recaptcha/enterprise/ Frame 5FD2	33 KB 19 KB	188ms 188ms	XHR application/json	2a00:1450:4001:800::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 023d422f641105ab579282c763c849ac9498ca4aaf338737d02682840fa4ba1a Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&cb=njidhosthje9 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/x-protobuffer Response headers date Wed, 05 Oct 2022 13:46:37 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19220 x-xss-protection 1; mode=block expires Wed, 05 Oct 2022 13:46:37 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXoyS3V3QUFBSGZiVXdOLQ== https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXoyS3V3QUFBSGZiVXdOLQ==&google_tc=	170 B 188 B	91ms 45ms	Image image/png	142.251.39.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXoyS3V3QUFBSGZiVXdOLQ==&google_tc= Protocol H3 Server 142.251.39.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS bud02s38-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXoyS3V3QUFBSGZiVXdOLQ==&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 345 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yz2KuwAAAHfbUwN-&expires=90	0 239 B	59ms 11ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yz2KuwAAAHfbUwN-&expires=90 Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 611afce88997db6fdd35eb213e662871 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers x-served-by cache-hhn4070-HHN pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 varnish server Varnish x-timer S1664977597.251688,VS0,VE0 x-cache HIT location https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yz2KuwAAAHfbUwN-&expires=90 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
POST H2	200	Targeting.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	9 KB 2 KB	61ms 61ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 730c5ab133a3bff49dca166abe4ed25711e9929e218a9cc017df8e511cff5115 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://www.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id ddf5772ac19e4874 cf-ray 75569abeebf49162-FRA timing-allow-origin *
POST H2	200	verifyCaptcha Show response api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/	22 B 1 KB	158ms 157ms	Fetch application/json	2600:9000:223c:a600:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a600:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55 Request headers Accept application/json, text/plain, */* Referer https://www.thomsonreuters.com/ Accept-Language de-DE,de;q=0.9 Authorization Bearer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-Type application/json Response headers accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 authorization Bearer sec-fetch-dest empty cloudfront-viewer-country DE x-tr-cloudfront-api-gateway d1uy6ivt6fb41q cloudfront-forwarded-proto https pragma no-cache host api.thomsonreuters.com cloudfront-viewer-asn 201011 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD content-type application/json access-control-allow-origin * accept application/json, text/plain, */* referer https://www.thomsonreuters.com/ cache-control no-cache access-control-allow-headers sec-fetch-mode cors date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 78625398098865017bd1106f5a87345e.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront) origin https://www.thomsonreuters.com cloudfront-is-desktop-viewer true x-amz-cf-pop FRA56-P2 x-forwarded-for 2a01:4a0:2b::8, 64.252.86.77 x-cache Miss from cloudfront x-forwarded-proto https content-length 22 cloudfront-is-smarttv-viewer false x-tr-verify-origin RRlNeRgX96JQHZ-wOfFIJ cloudfront-is-mobile-viewer false user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 access-control-max-age 3628800 cloudfront-is-tablet-viewer false sec-fetch-site same-site x-forwarded-port 443 x-amz-cf-id oJbLh4pP9XN9E0UtvjcvNGuB_FYpQGXOvbJgjkVZOrrq78DpM6TrAQ==
OPTIONS H2	200	verifyCaptcha api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame	0 0	180ms 37ms	Preflight	2600:9000:223c:a600:16:3030:f80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:a600:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://www.thomsonreuters.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers accept */* accept-encoding gzip, deflate, br access-control-allow-credentials true access-control-allow-headers authorization, content-type access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD access-control-allow-origin * access-control-max-age 3628800 access-control-request-headers authorization,content-type access-control-request-method POST cache-control no-cache cloudfront-forwarded-proto https cloudfront-is-desktop-viewer true cloudfront-is-mobile-viewer false cloudfront-is-smarttv-viewer false cloudfront-is-tablet-viewer false cloudfront-viewer-asn 201011 cloudfront-viewer-country DE content-length 0 date Wed, 05 Oct 2022 13:46:37 GMT host api.thomsonreuters.com origin https://www.thomsonreuters.com pragma no-cache referer https://www.thomsonreuters.com/ sec-fetch-dest empty sec-fetch-mode cors sec-fetch-site same-site user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 via 1.1 c65432f67aada8913e44bd025281bff4.cloudfront.net (CloudFront), 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront) x-amz-cf-id QKQWuFwZ8RU7pctF0PlNB0v1v-9rQn4T9acDmkjZ7PRvm87uWOJDMg== x-amz-cf-pop FRA56-P2 x-cache Miss from cloudfront x-forwarded-for 2a01:4a0:2b::8, 64.252.87.149 x-forwarded-port 443 x-forwarded-proto https x-tr-cloudfront-api-gateway d1uy6ivt6fb41q x-tr-verify-origin RRlNeRgX96JQHZ-wOfFIJ
GET H2	200	CoreModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	102 KB 32 KB	32ms 32ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29f66cd58ab7a9a6fb498dff8ee00de9d546098b9f7f98d4e3f8ddf4eaa8f7cc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 38653 cf-polished origSize=105183 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Sep 2022 22:49:47 GMT cf-bgj minify server cloudflare etag W/"19adf-18381245af8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abf5ceb9162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN-&C=1	43 B 766 B	9ms 9ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN-&C=1 Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 13:46:37 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Wed, 05 Oct 2022 13:46:37 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=88&external_user_id=Yz2KuwAAAHfbUwN-&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H2	200	4.089a920b5f7cd88395b8.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	2 KB 910 B	34ms 34ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/4.089a920b5f7cd88395b8.chunk.js?Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 133e6986ed172e215083a620f66c879557cc205bfecd9324ac9ab6002da1eb39 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 47072 cf-polished origSize=2539 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Sep 2022 22:49:47 GMT cf-bgj minify server cloudflare etag W/"9eb-18381245af8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abfbdd79162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	1.835255fa57a989ccfebe.chunk.js Show response siteintercept.qualtrics.com/dxjsmodule/	28 KB 7 KB	41ms 40ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/1.835255fa57a989ccfebe.chunk.js?Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=web&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9888651ad0d8e5c44006b55fadce3b677c890480ae464b84be2f416585d2a6bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 149346 cf-polished origSize=29568 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Sep 2022 22:49:47 GMT cf-bgj minify server cloudflare etag W/"7380-18381245af8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abfbdd99162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	FeedbackButtonModule.js Show response siteintercept.qualtrics.com/dxjsmodule/	64 KB 24 KB	48ms 48ms	Script application/javascript	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b5aceeabb3acd528746d88da082a178e77658bbeea164b0f382469c6e23b8de Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 22823 cf-polished origSize=66295 edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 27 Sep 2022 22:49:47 GMT cf-bgj minify server cloudflare etag W/"102f7-18381245af8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800 permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abfbddb9162-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept timing-allow-origin *
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	1 KB 786 B	75ms 54ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=27&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers expires Sat, 02 Oct 2032 13:40:52 GMT date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 345 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Wed, 05 Oct 2022 13:40:52 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abfdd956922-FRA servershortname
GET H2	200	Asset.php Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	2 KB 1 KB	68ms 47ms	XHR application/json	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=22&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers expires Fri, 01 Oct 2032 19:51:14 GMT date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 64523 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" edge-control max-age=604800 referrer-policy strict-origin-when-cross-origin last-modified Tue, 04 Oct 2022 19:51:14 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * cache-control public, max-age=604800, s-maxage=604800, max-age=315360000 access-control-allow-credentials false permissions-policy camera=(), geolocation=(), microphone=() cf-ray 75569abfdd9a6922-FRA servershortname
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D https://ib.adnxs.com/setuid?entity=158&code=Yz2KuwAAAHfbUwN- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYz2KuwAAAHfbUwN-	43 B 1 KB	10ms 10ms	Image image/gif	37.252.173.62 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYz2KuwAAAHfbUwN- Protocol HTTP/1.1 Server 37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Pragma no-cache Date Wed, 05 Oct 2022 13:46:37 GMT AN-X-Request-Uuid bf8bf591-1d4b-4fbd-843c-6882e5f38a62 Server nginx/1.21.3 Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive X-Proxy-Origin 81.95.5.37; 81.95.5.37; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Wed, 05 Oct 2022 13:46:37 GMT AN-X-Request-Uuid 8941d105-5302-4da2-8a38-403f1377e106 Server nginx/1.21.3 Content-Type text/html; charset=utf-8 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYz2KuwAAAHfbUwN- Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 81.95.5.37; 81.95.5.37; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	/ Show response siteintercept.qualtrics.com/WRSiteInterceptEngine/	45 B 221 B	136ms 136ms	XHR text/plain	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.78.1&Q_CLIENTTYPE=webAdobeLaunch&r=1664977597480 Requested by Host: app-data.gcs.trstatic.net URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v13.2.8/static/js/841.af1c46de.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.thomsonreuters.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload referrer-policy strict-origin-when-cross-origin cf-cache-status DYNAMIC content-encoding br x-content-type-options nosniff server cloudflare vary Accept-Encoding content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.thomsonreuters.com cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true permissions-policy camera=(), geolocation=(), microphone=() trace-id 597c9d432cc9dbd2 cf-ray 75569ac04e746922-FRA
GET H2	200	wr-dialog-close-btn-black.png siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/	256 B 550 B	34ms 33ms	Image image/png	104.17.209.240 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.thomsonreuters.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers expires Thu, 26 Feb 2032 16:15:51 GMT date Wed, 05 Oct 2022 13:46:37 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 18912646 cf-polished origSize=757 p3p CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE" x-envoy-upstream-service-time 6 content-length 256 referrer-policy strict-origin-when-cross-origin last-modified Wed, 23 Feb 2022 00:33:55 GMT cf-bgj imgq:85,h2pri server cloudflare vary Accept-Encoding content-type image/png cache-control max-age=315360000, public accept-ranges bytes cf-ray 75569ac04f429162-FRA trace-id 0f438752c2e165b3 servershortname
GET H2	200	sd us-u.openx.net/w/1.0/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yz2KuwAAAHfbUwN-	43 B 273 B	204ms 17ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yz2KuwAAAHfbUwN- Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers x-served-by cache-hhn4070-HHN pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 varnish server Varnish x-timer S1664977598.559787,VS0,VE0 x-cache HIT location https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yz2KuwAAAHfbUwN- cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER... https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yz2KuwAAAHfbUwN-	0 225 B	104ms 20ms	Image text/html	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yz2KuwAAAHfbUwN- Protocol H2 Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Wed, 05 Oct 2022 13:46:37 GMT cache-control no-store, no-cache, private content-encoding gzip server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers x-served-by cache-hhn4070-HHN pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 varnish server Varnish x-timer S1664977598.662690,VS0,VE0 x-cache HIT location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yz2KuwAAAHfbUwN- cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1 https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1&__user_check__=1&sync_id=22496ed7-44b4-11ed-8909-1f932c7f0206	43 B 548 B	26ms 26ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1&__user_check__=1&sync_id=22496ed7-44b4-11ed-8909-1f932c7f0206 Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Date Wed, 05 Oct 2022 13:46:37 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 38 Connection keep-alive Content-Length 43 Redirect headers Date Wed, 05 Oct 2022 13:46:37 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Location /partner?adv_id=6409&uid=Yz2KuwAAAHfbUwN-&img=1&__user_check__=1&sync_id=22496ed7-44b4-11ed-8909-1f932c7f0206 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 103 Connection keep-alive Content-Length 0
GET H2	200	b.php www.facebook.com/fr/ Frame 36E0 Redirect Chain https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yz2KuwAAAHfbUwN-&t=2592000&o=0	43 B 576 B	380ms 34ms	Image image/gif	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yz2KuwAAAHfbUwN-&t=2592000&o=0 Protocol H2 Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers date Wed, 05 Oct 2022 06:46:38 PDT content-encoding br x-content-type-options nosniff strict-transport-security max-age=15552000; preload document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-fb-rlafr 0 pragma public x-fb-debug fjuuFg9kvmkjpGSSUnWDhdetlASZenRSkTK6HQtAqZ6Ibkz5fwanGLtoaGJO7CAvR4sBRSwUD9LaRX5Qqqhkeg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type image/gif cache-control public, max-age=0 priority u=3,i expires Wed, 05 Oct 2022 06:46:38 PDT Redirect headers x-served-by cache-hhn4070-HHN pragma no-cache date Wed, 05 Oct 2022 13:46:37 GMT via 1.1 varnish server Varnish x-timer S1664977598.862633,VS0,VE0 x-cache HIT location https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yz2KuwAAAHfbUwN-&t=2592000&o=0 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H/1.1	204 NO CONTENT	/ partner.mediawallahscript.com/ Frame 36E0	0 232 B	318ms 29ms	Image text/html	99.80.48.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=21095179616811292352786868269069909132&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.80.48.23 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-80-48-23.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://westthomson.demdex.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36 Response headers Expires 0 Pragma no-cache Date Wed, 05 Oct 2022 13:46:38 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx/1.20.0 Connection keep-alive Content-Type text/html; charset=UTF-8