www.thomsonreuters.com Open in urlscan Pro
2600:9000:2490:ee00:1b:b66f:bac0:93a1  Public Scan

Submitted URL: https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Effective URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Submission: On August 09 via api from US — Scanned from DE

Summary

This website contacted 39 IPs in 7 countries across 32 domains to perform 94 HTTP transactions. The main IP is 2600:9000:2490:ee00:1b:b66f:bac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.thomsonreuters.com. The Cisco Umbrella rank of the primary domain is 55385.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 27th 2022. Valid for: a year.
This is the only time www.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:249... 16509 (AMAZON-02)
2 2600:9000:249... 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
22 2600:9000:224... 16509 (AMAZON-02)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 151.101.67.9 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
2 34.198.165.208 14618 (AMAZON-AES)
5 34.248.26.113 16509 (AMAZON-02)
1 108.138.17.83 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 52.215.111.225 16509 (AMAZON-02)
1 13.36.218.177 16509 (AMAZON-02)
1 1 34.242.156.102 16509 (AMAZON-02)
1 52.30.241.123 16509 (AMAZON-02)
1 52.222.236.122 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 34.255.240.59 16509 (AMAZON-02)
1 18.66.112.19 16509 (AMAZON-02)
1 52.213.138.32 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
8 104.17.208.240 13335 (CLOUDFLAR...)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 143.204.89.10 16509 (AMAZON-02)
1 1 34.111.234.236 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 54.216.202.57 16509 (AMAZON-02)
8 8 151.101.194.49 54113 (FASTLY)
1 2 142.250.185.226 15169 (GOOGLE)
3 104.17.209.240 13335 (CLOUDFLAR...)
1 69.173.144.138 26667 (RUBICONPR...)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
1 2 37.252.173.27 29990 (ASN-APPNEX)
1 35.244.159.8 15169 (GOOGLE)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 52.50.240.127 16509 (AMAZON-02)
94 39
Apex Domain
Subdomains
Transfer
22 trstatic.net
app-data.gcs.trstatic.net — Cisco Umbrella Rank: 28903
1 MB
11 qualtrics.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 789
90 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 816
sync-tm.everesttech.net — Cisco Umbrella Rank: 623
2 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
367 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
westthomson.demdex.net — Cisco Umbrella Rank: 29317
9 KB
6 split.io
sdk.split.io — Cisco Umbrella Rank: 3075
auth.split.io — Cisco Umbrella Rank: 3511
18 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 434
176 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 642
script.hotjar.com — Cisco Umbrella Rank: 770
vars.hotjar.com — Cisco Umbrella Rank: 803
in.hotjar.com — Cisco Umbrella Rank: 1526
ws14.hotjar.com — Cisco Umbrella Rank: 56939
70 KB
5 thomsonreuters.com
ue.thomsonreuters.com
www.thomsonreuters.com — Cisco Umbrella Rank: 55385
api.thomsonreuters.com — Cisco Umbrella Rank: 128861
58 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
42 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 413
115 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 516
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
852 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 728
587 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 309
107 B
2 omtrdc.net
westthomsoncom.sc.omtrdc.net — Cisco Umbrella Rank: 121453
westservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 151772
1 KB
1 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 1415
232 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
571 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 869
225 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 396
273 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
239 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 736
380 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1492
343 B
1 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 2370
20 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 465
489 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 381
265 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2143
257 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
917 B
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 888
141 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 730
432 B
94 32
Domain Requested by
22 app-data.gcs.trstatic.net www.thomsonreuters.com
app-data.gcs.trstatic.net
10 siteintercept.qualtrics.com app-data.gcs.trstatic.net
8 sync-tm.everesttech.net 8 redirects
6 cdn.cookielaw.org www.thomsonreuters.com
cdn.cookielaw.org
app-data.gcs.trstatic.net
5 dpm.demdex.net app-data.gcs.trstatic.net
www.thomsonreuters.com
4 www.gstatic.com app-data.gcs.trstatic.net
www.google.com
www.gstatic.com
4 www.google.com app-data.gcs.trstatic.net
www.google.com
www.gstatic.com
4 sdk.split.io app-data.gcs.trstatic.net
4 assets.adobedtm.com www.thomsonreuters.com
app-data.gcs.trstatic.net
2 sync.search.spotxchange.com 1 redirects
2 ib.adnxs.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 cm.g.doubleclick.net 1 redirects
2 sync.crwdcntrl.net 2 redirects
2 api.thomsonreuters.com app-data.gcs.trstatic.net
2 fonts.gstatic.com www.google.com
2 idsync.rlcdn.com www.thomsonreuters.com
2 auth.split.io app-data.gcs.trstatic.net
2 www.thomsonreuters.com app-data.gcs.trstatic.net
1 partner.mediawallahscript.com
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 pixel.rubiconproject.com
1 bttrack.com
1 ml314.com 1 redirects
1 cdn.appdynamics.com app-data.gcs.trstatic.net
1 pixel.quantserve.com 1 redirects
1 zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com app-data.gcs.trstatic.net
1 match.adsrvr.org www.thomsonreuters.com
1 ws14.hotjar.com app-data.gcs.trstatic.net
1 vc.hotjar.io app-data.gcs.trstatic.net
1 in.hotjar.com app-data.gcs.trstatic.net
1 vars.hotjar.com app-data.gcs.trstatic.net
1 script.hotjar.com app-data.gcs.trstatic.net
1 westservicesinc.tt.omtrdc.net app-data.gcs.trstatic.net
1 cm.everesttech.net 1 redirects
1 westthomsoncom.sc.omtrdc.net app-data.gcs.trstatic.net
1 westthomson.demdex.net app-data.gcs.trstatic.net
1 fonts.googleapis.com client
1 static.hotjar.com app-data.gcs.trstatic.net
1 cdn.pendo.io app-data.gcs.trstatic.net
1 geolocation.onetrust.com cdn.cookielaw.org
1 ue.thomsonreuters.com 1 redirects
94 44

This site contains links to these domains. Also see Links.

Domain
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
onetrust.com
Subject Issuer Validity Valid
www.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA
2022-06-27 -
2023-06-27
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
app-data.gcs.trstatic.net
COMODO RSA Organization Validation Secure Server CA
2022-07-11 -
2023-07-11
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-12-24 -
2023-01-25
a year crt.sh
cdn.pendo.io
Amazon
2022-07-30 -
2023-08-28
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.hotjar.io
Amazon
2022-07-18 -
2023-08-16
a year crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-04 -
2023-05-04
a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-17 -
2023-07-22
a year crt.sh
api.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA
2022-07-01 -
2023-07-01
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
*.mediawallahscript.com
Amazon
2022-05-04 -
2023-06-01
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Frame ID: D3CA8994D67A89DC91C8051112674D39
Requests: 67 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: C8266A63312A9359B9A9AC3D096750A2
Requests: 17 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: ECFC32B6C33AD441F94994807CAE1D86
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Frame ID: 4347D70C6F3351A858EDD767812F2D4A
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Pay without signing in | Thomson ReutersBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
    https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

94
Requests

87 %
HTTPS

32 %
IPv6

32
Domains

44
Subdomains

39
IPs

7
Countries

2575 kB
Transfer

9869 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
    https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://cm.everesttech.net/cm/dd?d_uuid=27852797533145174982832266529328462879 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvJQYQAAAMH5TgMx
Request Chain 69
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=kvm5wZH76cGJ_enBx6nywsH-65WJ_b7AnahSC1lC
Request Chain 72
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629215436871565425
Request Chain 78
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=27852797533145174982832266529328462879?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=27852797533145174982832266529328462879?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 80
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZKUVlRQUFBTUg1VGdNeA== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXZKUVlRQUFBTUg1VGdNeA==&google_tc=
Request Chain 86
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvJQYQAAAMH5TgMx&expires=90
Request Chain 89
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx&C=1
Request Chain 90
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YvJQYQAAAMH5TgMx HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvJQYQAAAMH5TgMx
Request Chain 91
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvJQYQAAAMH5TgMx
Request Chain 92
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvJQYQAAAMH5TgMx
Request Chain 93
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1&__user_check__=1&sync_id=42d974c1-17dd-11ed-ad38-14604df00506
Request Chain 94
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvJQYQAAAMH5TgMx&t=2592000&o=0

94 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pay
www.thomsonreuters.com/en-us/account/billing/guest/
Redirect Chain
  • https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
  • https://www.thomsonreuters.com/en-us/account/billing/guest/pay
5 KB
3 KB
Document
General
Full URL
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ee00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
9a1de58cc92b203b13e7b9369963bddcabb9a8bed635b805c0c96d6a060e336f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15
cache-control
max-age=86400
content-disposition
inline
content-encoding
gzip
content-length
1858
content-type
text/html;charset=utf-8
date
Tue, 09 Aug 2022 12:17:21 GMT
etag
"1344-5e56c5f42df40-gzip"
expires
Wed, 10 Aug 2022 12:17:21 GMT
last-modified
Thu, 04 Aug 2022 15:55:01 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-id
eiYP6yqwCXzOz7YbM4h5pEj1WG5p0Vt2tZWVup87p0p7YQ0ft-vfTA==
x-amz-cf-pop
FRA56-P6
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-dispatcher
dispatcher2useast1
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-vhost
www.thomsonreuters.com

Redirect headers

cache-control
max-age=86400
content-length
270
content-type
text/html; charset=iso-8859-1
date
Tue, 09 Aug 2022 12:17:36 GMT
expires
Wed, 10 Aug 2022 12:17:36 GMT
location
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
x-amz-cf-id
WRUSmIdzzmvB5Xl_VelmCLZtnld_efEsVE5rftTnmBfE_vLoKQJEfg==
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
9c22IGK2T1KyARgpJHRGhw==
age
13361
vary
Accept-Encoding
content-length
7101
x-ms-lease-status
unlocked
last-modified
Fri, 05 Aug 2022 08:01:52 GMT
server
cloudflare
etag
0x8DA76B8C1F98BBC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7d253c5b-601e-0002-08bb-a8da1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806dfdea079b6e-FRA
bootstrap.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/
182 KB
52 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/bootstrap.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fae83b55eae52250dd38c43a3b098b79becf0ecfe8907b0c5772e6824f286918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:21:00 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:24 GMT
server
AmazonS3
age
57397
etag
W/"38677ff6ed536bb6cbbfdc1274592f29"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
EMEA9CFf_8u_us2w21XgOef2OGy6AzgOMS8US1ciGdILyT51co6vJA==
143d5191-c678-49f6-8ac0-376dfe324de7.json
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/143d5191-c678-49f6-8ac0-376dfe324de7.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
A9gHZn55h3f5NJaBoJG35A==
age
13323
vary
Accept-Encoding
content-length
1661
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 12:46:07 GMT
server
cloudflare
etag
0x8DA633B52D706CE
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b6f8a47d-801e-0143-4a3f-95b45a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806dfe7e289bbf-FRA
expires
Tue, 09 Aug 2022 16:17:37 GMT
launch-f185a872eb60.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/
317 KB
88 KB
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:597::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:08 GMT
server
AkamaiNetStorage
etag
"d352069223c4b31c3d2f628b829b8a1b:1649342348.617182"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
90003
expires
Tue, 09 Aug 2022 13:17:37 GMT
825.ca455d95.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
1 MB
360 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4538ac0cfe407054edfec11d8d2dc638ea5bd27df1f6e7bacfade66d3554695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 07:44:42 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:36 GMT
server
AmazonS3
age
16376
etag
W/"bd04b6fce069e9ad1fe58a13dae4b434"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
qytpVYxe24pcgz0BFAelFTw2-j53-Qlnu8caQiBO_D-nrHsbPDQl1g==
app-main.4f8b704c.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/
377 KB
56 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d899ddf4c8a3c5c47ef57aa4b5ac660065f0d7edf0e6f9b7a52b1fd7c5db278

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:08:53 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:26 GMT
server
AmazonS3
age
525
etag
W/"5a755094e9296ade30acd62547bc06ed"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
eHtUBbV17XGtsgTes9mWUfQfdAMQQDGfRI2GC8E-l7Nm8s0IMfhOJw==
app-main.3c3fd19e.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
581 KB
126 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/app-main.3c3fd19e.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16be1c2967d54e00278b7984b75e3d8ab81afbfd28e71207bd6c582a0e882914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 15:31:20 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 09:01:39 GMT
server
AmazonS3
age
74778
etag
W/"91d083d6a28d1646bb30e2167e706530"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
2mhzvpfuw2ynCq_UjkGxf8kRl9v04sYK94lvtKU-qouYmhmG2acP9g==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
153 B
432 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
73806dfeff069261-FRA
access-control-allow-headers
Content-Type
anonymous
sdk.split.io/api/mySegments/ Frame
0
0
Preflight
General
Full URL
https://sdk.split.io/api/mySegments/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Tue, 09 Aug 2022 12:17:37 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4068-HHN
x-timer
S1660047457.314576,VS0,VE0
splitChanges
sdk.split.io/api/ Frame
0
0
Preflight
General
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Tue, 09 Aug 2022 12:17:37 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4068-HHN
x-timer
S1660047457.314546,VS0,VE0
anonymous
sdk.split.io/api/mySegments/
17 B
264 B
Fetch
General
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
91545
x-cache
HIT, HIT
content-encoding
gzip
content-length
37
x-request-id
296qrczmays
x-served-by
cache-iad-kjyo7100100-IAD, cache-hhn4068-HHN
x-timer
S1660047457.340016,VS0,VE1
date
Tue, 09 Aug 2022 12:17:37 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200035-IAD-9aa465c9-e0d2-4d27-a509-c020814861a7; cache-hhn4041-HHN-8cd37c89-2e91-4600-aca1-9901608b07af
accept-ranges
bytes
x-cache-hits
1, 1
splitChanges
sdk.split.io/api/
260 KB
17 KB
Fetch
General
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5aff160a1f678c92184dd85c68600b785d273cb23683d58763b2d7ae8fe96fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"-1199598777--gzip"
age
15
x-cache
MISS, HIT
content-length
16881
via
1.1 varnish, 1.1 varnish
x-request-id
2989957r4et
x-served-by
cache-iad-kiad7000023-IAD, cache-hhn4068-HHN
last-modified
Fri, 05 Aug 2022 21:22:06 GMT
x-timer
S1660047457.339977,VS0,VE2
date
Tue, 09 Aug 2022 12:17:37 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kiad7000023-IAD-7a46f48f-5d2b-4e1e-a4ae-de6645126c2f; cache-hhn4043-HHN-dba02876-afbc-4b28-8086-147ec5a9ecce
accept-ranges
bytes
x-cache-hits
0, 1
pendo.js
cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/
456 KB
141 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
73b3e94622e546b9fa06d6e9e2a5056cfd3963676e2bef64c7c456adf7fc6704

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 12:17:37 GMT
Content-Encoding
gzip
Age
16
X-GUploader-UploadID
ADPycdvNqCVZOTBIeGbfrpYuFbaTkX6kgib_i2oz73FkI-Wxu247SrIlP_5d7kvr_qLg2feSndM9GzJGzbvuvMFQp5hg-bxL8KVM
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
143854
Access-Control-Allow-Origin
*
Last-Modified
Fri, 05 Aug 2022 19:14:53 GMT
Server
UploadServer
ETag
"7eba69422824c1cd0ba5ee1263419bc5"
Vary
Accept-Encoding
x-goog-hash
crc32c=UXwuKQ==, md5=frppQigkwc0Lpe4SY0GbxQ==
x-goog-generation
1659726893113642
Via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
143854
X-Amz-Cf-Pop
FRA56-P5
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
M4OYVI2y4uoaKGcXeJYH3eiOMTKuVt9tbnNRoMB4sPtyOTYeSei4_w==
Expires
Tue, 09 Aug 2022 12:24:51 GMT
1.1689bb4d.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
25 KB
8 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/1.1689bb4d.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60911940d14c0c28edeea187dbaa819be4c3edc04c878eed1295e04481cda7c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:26 GMT
server
AmazonS3
age
12381
etag
W/"f90f092865176f64117d66bd74998e5a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
_1qGIGTuwG3knyf9AUL6rHak420z0b6fImeNQbNFYuNulogVLxBpWQ==
2.c0a27255.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
28 KB
9 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/2.c0a27255.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a70507ec2c853430062b85b09eee4400f249a73784274e8d6dc577db595e84d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:28 GMT
server
AmazonS3
age
12381
etag
W/"00c1afa4f37b73c28f3397adc8012365"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
p84A1QC0s9wCrgRx79zeUDcle5X8yniIK_jgsUmzZU-5NsqoveT65w==
3.d0029289.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
15 KB
5 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/3.d0029289.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5733a26e043b6b3e4881fc87a475e001bc064bb8ea4d188c64d186dbc451b87b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:29 GMT
server
AmazonS3
age
12381
etag
W/"4804cae6271c3d8ca46ebd573a9adcf2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
PenqP-QDdvLglgn5SdO4s0_5Fw7Dms8SoQcp2BJvMFoKbD5LSkNZWw==
6.5de735db.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
13 KB
4 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/6.5de735db.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d85c205abc28cbb519d6ad2a0f69645354be91ff88768db7453d3da1cd1cc914

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:33 GMT
server
AmazonS3
age
12381
etag
W/"badad19d0851b9b58b6eb4d51da762a8"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
yv7V3GcqzyKjP32OiWAS4S9_6_3IriLCMeGY9DsfeOvAPKmVv4lWiQ==
components-app.a6becbae.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/
10 KB
2 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/components-app.a6becbae.chunk.css
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32d81bf0b62655c81b3dc9c48ce9f63c955417280f2c0f653185fa51433311bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:26 GMT
server
AmazonS3
age
12381
etag
W/"1734b7a6d316e98f4f6a6f63d068c544"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
hby_ddk88gXD7lvKzmjS0qWQAiOTgqOZ7C-D29xNsK5lXgJUr8IF4w==
components-app.181146dc.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
3 MB
627 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/components-app.181146dc.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2213623bb5e82d4dce30cd8caae6bd0b8c2c515268819b5b8f67a1833cb2f3d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:39 GMT
server
AmazonS3
age
12381
etag
W/"44757058aae5811f83549a5208d03852"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
nTW55D5AvEsSPQDf1U0KYWzCg0aHB68DtaAmZapXs9cm-GAiSNYkNw==
interact-localizaion-provider.a33c4b3f.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
3 KB
2 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/interact-localizaion-provider.a33c4b3f.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a01df7c93f410ff7a7e62e8fc02504dc54cd8ea10f5c5b84eac6b2a0850f1478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:39 GMT
server
AmazonS3
age
12381
etag
W/"33409cecafeea503976ff78b237f0d88"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
TXqk9RgpGkIfCWepJ8zwNQn-Vbecla_vKwCneqVrZ7Ol2qmAz1f1rg==
932.d897cda9.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
2 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/932.d897cda9.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8305795b776c76b5e217b66c2d5d9839d16a204c68139d33265bfedc9dfc02c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:38 GMT
server
AmazonS3
age
12381
etag
W/"8e4a77cd14b35311bacb6ffdc91b0bbd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
bLVrfdhTpB0XCuyiEYiQHcHoc1nrNwvFhQQ4c71Ihlotb40MPSmJuA==
927.d520e25b.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
8 KB
4 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/927.d520e25b.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3778b49855d7ebaf5d1948623c501d5d578d7a0d237a93f12f93a8f297f172c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:08:54 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:38 GMT
server
AmazonS3
age
524
etag
W/"0d86dc46c059e43bc587695f84198fe4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
SZwfBQuCzV3XzS9jFrGt2Lwr_UC8dghGxSVYXm15KShju_BG7gKrIw==
931.54ab26e9.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
2 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/931.54ab26e9.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b66f9b029211596a6fa79a1db0f81af0d963142750ecceef30525ccf8359dbdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:38 GMT
server
AmazonS3
age
12381
etag
W/"e7f1396cca175dc2367b4298862b3e6e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
G7ybhHKDsmK301LT6gOL-rspOIznmM-wxZp-JX3vTI2iTFwF4U-uqQ==
926.8c798f4d.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
2 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/926.8c798f4d.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a1cf258f604f22cf17359279315bac92ae131ecd679f7211e59f31bc83d5712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:38 GMT
server
AmazonS3
age
12381
etag
W/"896fc56c686d29bcd5fc8b9a28bca2c9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-LntoaC6IGKJpFGVTaY-esfjQ3d4PFBYLbdizkbggSWbZHoYEeCjYQ==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.16.0/
374 KB
83 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dGCXlveaBvO7BI0nfZKP+g==
age
237
vary
Accept-Encoding
content-length
85065
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:31:04 GMT
server
cloudflare
etag
0x8D910C57D52F14C
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1b57f3ba-101e-0146-1681-134025000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806e000d289b6e-FRA
auth
auth.split.io/api/v2/ Frame
0
0
Preflight
General
Full URL
https://auth.split.io/api/v2/auth?users=anonymous
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.165.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-165-208.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
content-length
4
content-type
application/json; charset=utf-8
date
Tue, 09 Aug 2022 12:17:37 GMT
strict-transport-security
max-age=15770000; includeSubdomains
auth
auth.split.io/api/v2/
696 B
1 KB
Fetch
General
Full URL
https://auth.split.io/api/v2/auth?users=anonymous
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.165.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-165-208.compute-1.amazonaws.com
Software
/
Resource Hash
627d82e6f88abffdbcbf58641772691b42ccbfa9261f5a657da472625e859c2c
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.19.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
strict-transport-security
max-age=15770000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length
696
id
dpm.demdex.net/
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1660047457320
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
fb0934a67fc09549429ca885425bda635b18a56b09c6f5fc266c7c062e37e875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v038-0b8e60313.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
54ol1GLrQZg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thomsonreuters.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1312
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/
45 KB
17 KB
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:597::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16755
expires
Tue, 09 Aug 2022 13:17:37 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:597::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"66be6e24d6b0c77126d28b9abcd4eb38:1634593036.81505"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8761
expires
Tue, 09 Aug 2022 13:17:37 GMT
hotjar-1846625.js
static.hotjar.com/c/
7 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1846625.js?sv=6
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-83.fra56.r.cloudfront.net
Software
/
Resource Hash
1afe1e3ca6d140358d37643a791f30fb9a07f7977e17ff6ae29a977ec0b583d1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
16
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/d78ca59299e183bf292dea608c719ea5
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
TZzjrWp22IHZ4sG2Ty9sp7DEh2705nAARF-6OzKWAv0JBW0d3fJ9rQ==
en.json
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/
409 KB
65 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TscT8/g6J4N6PovEsmWNuQ==
age
13170
vary
Accept-Encoding
content-length
66415
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 12:46:32 GMT
server
cloudflare
etag
0x8DA633B622C3708
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
412d5dae-701e-003f-543b-956f3a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806e00aacf9bbf-FRA
expires
Tue, 09 Aug 2022 16:17:37 GMT
css
fonts.googleapis.com/
2 KB
917 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 11:53:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 12:17:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 12:17:37 GMT
1035.c0c9c5bd.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
168 KB
38 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/1035.c0c9c5bd.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef14a263b48a01e2260c5383d81a22ddcd5f5f139379add2649c16f6148a3cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 08:51:17 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:26 GMT
server
AmazonS3
age
12380
etag
W/"efb0f8d2dbb8f9fdb077ffd10727fa99"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
TZZrbPatQsOfJ-qnWiEzlyQwbIQrwCMImson-eqqgA6jsv2cUFU7RA==
877.acee92e9.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/877.acee92e9.chunk.css
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f4204c9ad7b923bd04b724a4ec819b3d732f3e7a1e4ac6c64f20c5a118a9c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:25 GMT
server
AmazonS3
age
16372
etag
W/"552ff47a2c5c006934f1889827891ee4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
IV7t_JTB3nbEUHKwS73jlGaDMkr4wrwIoAArM48uLY7sA127ttf_0Q==
877.d7b180f9.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/
23 KB
8 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/877.d7b180f9.chunk.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80de657d3b32d908643ae89f7ae05969f84e653dc552427025a7686f909cc5fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
br
last-modified
Wed, 20 Jul 2022 09:01:37 GMT
server
AmazonS3
age
16372
etag
W/"42545e8922051ee98f370420ba6c64d0"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
wySgaPIzFjF6EOBGYeyDMrYfCEBWROjXhAVic0BsY9OkI76L3WEgMw==
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 20:42:58 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5931280
x-cache
Hit from cloudfront
content-length
39408
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"de994d71a311e3119703dd67ef632f04"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
JCyaAQM0yG1df8pBPMsJOE2R7KsJ37lXu7xfACK34LJPD-zJLqNXXA==
enterprise.js
www.google.com/recaptcha/
974 B
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a2d168a979b563a664718348f462dd659009c60fbb35473bab0ec5f036eef44d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
617
x-xss-protection
1; mode=block
expires
Tue, 09 Aug 2022 12:17:37 GMT
dest5.html
westthomson.demdex.net/ Frame C826
7 KB
3 KB
Document
General
Full URL
https://westthomson.demdex.net/dest5.html?d_nsid=0
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.111.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-111-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v038-09764aab8.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
VGHsnI6UTcU=
content-encoding
gzip
date
Tue, 9 Aug 2022 12:17:37 GMT
last-modified
Wed, 3 Aug 2022 11:53:45 GMT
vary
accept-encoding
id
westthomsoncom.sc.omtrdc.net/
2 B
322 B
XHR
General
Full URL
https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=27950822530965153722820193220207528649&ts=1660047457613
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-pvwkk
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YvJQYQAAAMH5TgMx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=27852797533145174982832266529328462879
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvJQYQAAAMH5TgMx
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvJQYQAAAMH5TgMx
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v038-040ebce15.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
j6v+4aoXSFo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YvJQYQAAAMH5TgMx
Date
Tue, 09 Aug 2022 12:17:37 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
westservicesinc.tt.omtrdc.net/rest/v1/
358 B
726 B
XHR
General
Full URL
https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=83ff95729f09479aaf56d3000abe99bc&version=2.7.0
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.241.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-241-123.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ed28649f105f04de8fec66a67b1baf720de4a721cff99492939219f55db485b4

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
7faa57133813dff66102c038dd17576b
otFlat.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/
12 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
DKM3/i+7h7Fs8cEMor3s2A==
age
8571
vary
Accept-Encoding
content-length
2938
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:47 GMT
server
cloudflare
etag
0x8D910C572DA86E8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9de90fd5-601e-00e7-3a86-18c8eb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806e024de29bbf-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.16.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YaY1oSnUSTaZJLZwfr9VDQ==
age
8571
vary
Accept-Encoding
content-length
14978
x-ms-lease-status
unlocked
last-modified
Thu, 06 May 2021 19:30:47 GMT
server
cloudflare
etag
0x8D910C5734D5AA0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2251dced-a01e-001f-7abe-4f03f6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
73806e024de59bbf-FRA
modules.0e32ccb9bfd67090f5ca.js
script.hotjar.com/
249 KB
64 KB
Script
General
Full URL
https://script.hotjar.com/modules.0e32ccb9bfd67090f5ca.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 16:18:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
417570
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64991
access-control-allow-origin
*
last-modified
Thu, 04 Aug 2022 16:17:15 GMT
etag
"1c50abd15784ee393d3fe4003e188eef"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kM5QveTMal_6qLitUQMe1j4S4X35S1E2llkP4Dam_zLWRPWTlKeX-Q==
translations.interact.en_us.json
www.thomsonreuters.com/content/ue-settings/endpointsMapping/
189 KB
53 KB
Fetch
General
Full URL
https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ee00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
08796442f80b7d0963ccae5f840a6428826805f0af05a115f6d4d55e2cef0771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
adrum
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-dispatcher
dispatcher2useast1
date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P6
x-vhost
www.thomsonreuters.com
x-cache
Miss from cloudfront
vary
Accept-Encoding,User-Agent
content-length
53899
x-ua-compatible
IE=edge
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-id
EBLxz6mOkROLTSLiIYdm-y-dmMgkv9rwj8GpQHl-uzvMfOc4Ky5cxg==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/
387 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thomsonreuters.com/
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158422
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 12:14:15 GMT
knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
39 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 09 May 2022 09:13:37 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7959841
x-cache
Hit from cloudfront
content-length
39444
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"3327c2a7977db98e49b5369fcafc658c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
H1CkWY5zafyVcgN1iXYzW_2L6gqgQcd3Xw4tUKV5YDgQGlwRSOO1AA==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 08 May 2022 20:37:18 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
8005220
x-cache
Hit from cloudfront
content-length
39336
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"9423006fb52301a35a4ce76f99e114af"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
VIZQIQ5RAO7cUcd-fls_m9PE_o8_BP8WVssVsww-48gzN297sjuxEA==
knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:7800:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/css/app-main.4f8b704c.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sat, 28 May 2022 08:11:10 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
6321988
x-cache
Hit from cloudfront
content-length
39304
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"20dca63d8ee3254b712c7171ae987713"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
BEhXoVWg9FVgcH_fAUxfwVIlnYEPs68t8ZBBZwBduKJNN_f05uTmgQ==
box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
vars.hotjar.com/ Frame ECFC
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
685770
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Aug 2022 13:48:07 GMT
etag
"b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified
Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
x-amz-cf-id
7EbFjgHJ3P6MSt4xaaJdscLWrxI9Ok5AH3Q6tKSpWmH1N2aXvH_Fyg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
anchor
www.google.com/recaptcha/enterprise/ Frame 4347
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03a49fb97c0e005dae80c6b0ae20513b87eb1618a9cab6de6c7724573b9a4f8a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gvAf37Sz0qfmN20NIPx8MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22265
content-security-policy
script-src 'report-sample' 'nonce-gvAf37Sz0qfmN20NIPx8MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 12:17:37 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
365868.gif
idsync.rlcdn.com/ Frame C826
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=27852797533145174982832266529328462879
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
visit-data
in.hotjar.com/api/v2/client/sites/1846625/
147 B
322 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.240.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-240-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
1846625
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1846625?s=0.25&r=0.025477988112234895
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
keJeiVa7Ecn3gmjWmixl2rxS82wNAHROUU4PmDA5OSfwqNBBJ25Rkg==
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 4347
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 09:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 09:36:58 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 4347
387 KB
155 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158422
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 12:14:15 GMT
365868.gif
idsync.rlcdn.com/ Frame C826
0
9 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=27852797533145174982832266529328462879
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content
ws14.hotjar.com/api/v2/sites/1846625/recordings/
66 B
257 B
XHR
General
Full URL
https://ws14.hotjar.com/api/v2/sites/1846625/recordings/content
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.138.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-138-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1aeb12b30267413bfa7009511c9bbfdcb7b81b4cb3be828b88148b621d9164e0

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4347
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
580670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 09 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4347
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
587457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4347
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
50179
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 4347
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Tue, 09 Aug 2022 12:17:38 GMT
generic
match.adsrvr.org/track/cmf/ Frame C826
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/
818 B
746 B
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:597::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
476
expires
Tue, 09 Aug 2022 13:17:38 GMT
/
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/
7 KB
4 KB
Script
General
Full URL
https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec257a4d2f39fe07e7cf09412780b279902144ec2416a1e0cb42134122c7386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
151227
cf-polished
origSize=8435
cf-ray
73806e076dd368fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-CMMhJnXT5jIcMtDJb7gcUs5OEAo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
ibs:dpid=1175&&dpuuid=kvm5wZH76cGJ_enBx6nywsH-65WJ_b7AnahSC1lC
dpm.demdex.net/ Frame C826
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=kvm5wZH76cGJ_enBx6nywsH-65WJ_b7AnahSC1lC
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=kvm5wZH76cGJ_enBx6nywsH-65WJ_b7AnahSC1lC
Protocol
HTTP/1.1
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-02137e098.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9WVvtY/+SFQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=kvm5wZH76cGJ_enBx6nywsH-65WJ_b7AnahSC1lC
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
adrum-ext.54a9a330b6d789bd61edecd89332c15b.js
cdn.appdynamics.com/
51 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.54a9a330b6d789bd61edecd89332c15b.js
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-10.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 04:08:54 GMT
content-encoding
gzip
age
1843724
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 11 Dec 2020 18:05:04 GMT
server
nginx/1.16.1
etag
W/"5fd3b4d0-cc03"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
w4wmkZxeR6o7021ZPxjWb-T9G6mmla9bem4WGwbuaJiYR69_4NMH7A==
reload
www.google.com/recaptcha/enterprise/ Frame 4347
33 KB
19 KB
XHR
General
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33314aa6a6248e6c37b6335dcd5e77effe57921ee00c5e82067ce4468778dcb9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=j44dsw3pcbn
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19285
x-xss-protection
1; mode=block
expires
Tue, 09 Aug 2022 12:17:38 GMT
ibs:dpid=22052&dpuuid=3629215436871565425
dpm.demdex.net/ Frame C826
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629215436871565425
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629215436871565425
Protocol
HTTP/1.1
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-0fa96cdec.edge-irl1.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gE1VBtrvSUQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629215436871565425
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Wed, 10 Aug 2022 08:17:38 GMT
verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/
22 B
1 KB
Fetch
General
Full URL
https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:4e00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thomsonreuters.com/
Authorization
Bearer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
authorization
Bearer
sec-fetch-dest
empty
x-tr-cloudfront-api-gateway
d1uy6ivt6fb41q
cloudfront-forwarded-proto
https
host
api.thomsonreuters.com
cloudfront-viewer-asn
31103
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
accept
application/json, text/plain, */*
cache-control
no-cache
referer
https://www.thomsonreuters.com/
access-control-allow-headers
sec-fetch-mode
cors
date
Tue, 09 Aug 2022 12:17:39 GMT
via
1.1 446bee891dd83b01c5073753e095144e.cloudfront.net (CloudFront), 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
origin
https://www.thomsonreuters.com
cloudfront-is-desktop-viewer
true
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-forwarded-proto
https
content-length
22
cloudfront-is-smarttv-viewer
false
x-tr-verify-origin
FlLfNcJSVX6Yv_g8AUvq3
cloudfront-viewer-country
DE
cloudfront-is-mobile-viewer
false
x-forwarded-for
2001:1b60:2:240:3247::11, 64.252.86.96
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
access-control-max-age
3628800
pragma
no-cache
cloudfront-is-tablet-viewer
false
sec-fetch-site
same-site
x-forwarded-port
443
x-amz-cf-id
CrFsuK9tg9xmgZZqkqmFk771PrMZjhHIrBWpCtybe4GWKndoCyTmtg==
verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame
0
0
Preflight
General
Full URL
https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:4e00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept
*/*
accept-encoding
gzip, deflate, br
access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3628800
access-control-request-headers
authorization,content-type
access-control-request-method
POST
cache-control
no-cache
cloudfront-forwarded-proto
https
cloudfront-is-desktop-viewer
true
cloudfront-is-mobile-viewer
false
cloudfront-is-smarttv-viewer
false
cloudfront-is-tablet-viewer
false
cloudfront-viewer-asn
31103
cloudfront-viewer-country
DE
content-length
0
date
Tue, 09 Aug 2022 12:17:38 GMT
host
api.thomsonreuters.com
origin
https://www.thomsonreuters.com
pragma
no-cache
referer
https://www.thomsonreuters.com/
sec-fetch-dest
empty
sec-fetch-mode
cors
sec-fetch-site
same-site
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
via
1.1 dac778515428438a28ce2e7165574466.cloudfront.net (CloudFront), 1.1 015d563c1df00e18321ce956266180b0.cloudfront.net (CloudFront)
x-amz-cf-id
OBJyGSjFKModvoj7G9F-a0q0Wcq7mzh630Ky_onZbAQCQZZW0cP5rA==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
x-forwarded-for
2001:1b60:2:240:3247::11, 64.252.88.90
x-forwarded-port
443
x-forwarded-proto
https
x-tr-cloudfront-api-gateway
d1uy6ivt6fb41q
x-tr-verify-origin
FlLfNcJSVX6Yv_g8AUvq3
11.43a1a428a12277de24be.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
60 KB
19 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.43a1a428a12277de24be.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2faace9efc06ad6a3279c4ea7da78bd51d6ccbdc405caa789f63caec34a2696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553948
cf-polished
origSize=62687
cf-ray
73806e07ce3568fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"f4df-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
9 KB
2 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c2ccaa87a11ad22f6e194a69983add7b23d6998b0d5522f6f03e4bd8f25fdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
bb62a7323d89a777
cf-ray
73806e081eba68fe-FRA
user
bttrack.com/dmp/adobe/ Frame C826
35 B
380 B
Image
General
Full URL
https://bttrack.com/dmp/adobe/user?dd_uuid=27852797533145174982832266529328462879
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Tue, 09 Aug 2022 12:17:10 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame C826
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=27852797533145174982832266529328462879?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=27852797533145174982832266529328462879?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Protocol
HTTP/1.1
Server
34.248.26.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-26-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v038-0fa96cdec.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,300
X-TID
+jZZHeFBRq0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires
0
cache-control
no-cache
x-server
10.45.15.152
content-length
0
x-consent
absent
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
102 KB
32 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ca8ecaeb278f382026638d391665f9bd64e573ca091482efc1c41ebe857754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553937
cf-polished
origSize=105087
cf-ray
73806e09082b68fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"19a7f-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
pixel
cm.g.doubleclick.net/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXZKUVlRQUFBTUg1VGdNeA==
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXZKUVlRQUFBTUg1VGdNeA==&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXZKUVlRQUFBTUg1VGdNeA==&google_tc=
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXZKUVlRQUFBTUg1VGdNeA==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.c4c4311e93af68a7390f.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
2 KB
916 B
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.c4c4311e93af68a7390f.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78540a28cea0abc67cbbd820fd2571c463f71a5b14fa6921e46b7e2658cec4f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553947
cf-polished
origSize=2539
cf-ray
73806e0978b768fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"9eb-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.04bbbcfbec571d58289d.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
28 KB
7 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.04bbbcfbec571d58289d.chunk.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
438c07b22e07ff3cf4c6407d502886d52378440c7ba2678254d134d843b0d03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553947
cf-polished
origSize=29269
cf-ray
73806e0978b968fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"7255-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/
64 KB
24 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
553380
cf-polished
origSize=66436
cf-ray
73806e0978bd68fe-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 25 Jul 2022 21:26:54 GMT
server
cloudflare
etag
W/"10384-18237417930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
1 KB
728 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=27&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Aug 2022 12:17:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 06 Aug 2032 12:17:38 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73806e09c9cfbb5f-FRA
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
2 KB
1 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=22&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Aug 2022 12:17:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 06 Aug 2032 12:17:38 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
73806e09c9d3bb5f-FRA
servershortname
tap.php
pixel.rubiconproject.com/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvJQYQAAAMH5TgMx&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvJQYQAAAMH5TgMx&expires=90
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660047459.879995,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YvJQYQAAAMH5TgMx&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/
45 B
222 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.75.0&Q_CLIENTTYPE=webAdobeLaunch&r=1660047458939
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.9.10/static/js/825.ca455d95.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
1b560090759a9e3f
cf-ray
73806e0a7ad6bb5f-FRA
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/
256 B
551 B
Image
General
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
17045631
cf-polished
origSize=757
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
5
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
256
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 10 Jan 2022 17:59:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
6980c840f1b8143f
cf-ray
73806e0a79e468fe-FRA
servershortname
expires
Thu, 22 Jan 2032 05:23:47 GMT
rum
dsum-sec.casalemedia.com/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx&C=1
43 B
942 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray
73806e0b8f419152-FRA
pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrkBbW3ZFqipsT1PVfI%2Bj6oclalkAeQPEA3ETJHmoF1DLy7Dy87wDFD0Sz2t51HZ7PGnjuAk5IyFXepfIPC18h5rElwPtKlSGMEa8vogUaz%2B7O6AikcHWJ1NznvFLbuko7ZtnpdGkF10vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkT3PeIK32iEPyb%2B%2Bibo8%2Bw9oYtD45PVpCNt2UjcEoBzQIXCfShdZlQGaFArk2LQCfVCXIZjoOKQswtJLiqjA7xSnhrrFA1Ul1LIbnZugcQhcIg%2FDHtjGwkZLIFFsIL4w1jqdTHmrbkARg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=88&external_user_id=YvJQYQAAAMH5TgMx&C=1
cache-control
no-cache
cf-ray
73806e0b1fdc9bd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
bounce
ib.adnxs.com/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YvJQYQAAAMH5TgMx
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvJQYQAAAMH5TgMx
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvJQYQAAAMH5TgMx
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 12:17:39 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6dec09c7-d6c1-4d5d-951e-6a99e64698b2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 12:17:39 GMT
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
acd3ecb7-d5af-448b-9039-d8314aff0ca4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYvJQYQAAAMH5TgMx
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvJQYQAAAMH5TgMx
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvJQYQAAAMH5TgMx
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660047459.182222,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YvJQYQAAAMH5TgMx
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvJQYQAAAMH5TgMx
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvJQYQAAAMH5TgMx
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 12:17:37 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660047459.292200,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YvJQYQAAAMH5TgMx
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1&__user_check__=1&sync_id=42d974c1-17dd-11ed-ad38-14604df00506
43 B
547 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1&__user_check__=1&sync_id=42d974c1-17dd-11ed-ad38-14604df00506
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Tue, 09 Aug 2022 12:17:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
1
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 09 Aug 2022 12:17:39 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YvJQYQAAAMH5TgMx&img=1&__user_check__=1&sync_id=42d974c1-17dd-11ed-ad38-14604df00506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
20
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame C826
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvJQYQAAAMH5TgMx&t=2592000&o=0
43 B
571 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvJQYQAAAMH5TgMx&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 05:17:39 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
A7Zgw9Cn54HdKRiQoYE3gqupkrGOGth7ZU2O6Pui3R1g/dg7FcQADo4kzoIeuanlBq2GhCRL1/zReg6McVQIXg==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Tue, 09 Aug 2022 05:17:39 PDT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 12:17:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1660047459.484290,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YvJQYQAAAMH5TgMx&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
partner.mediawallahscript.com/ Frame C826
0
232 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=27852797533145174982832266529328462879&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.240.127 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-240-127.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 12:17:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| digitalData object| OneTrustStub function| OptanonWrapper function| getKeyValue function| allowPerformanceCookies string| launchScriptSrc object| launchScript object| webpackJsonp@dcl-ue/bundle-interact function| setImmediate function| clearImmediate object| regeneratorRuntime number| adrum-start-time object| adrum-config object| ADRUM object| pendo string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| eventListenerMap object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| hj object| _hjSettings function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| domain string| s_account object| s number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL function| webpackJsonpCoveo__temporary object| Coveo object| _ function| Globalize function| __extends object| trIdStitch object| Optanon object| OneTrust object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| cleanPII object| recaptcha object| closure_lm_953939 object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.75.0 object| _qsie

31 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62Xq-Xu1Jm87XsuFH3cV8R1cEsDe7mvkHvs7ce278LjuDA1KbGjArl8G9UwclPkH4I4f9LhKLzd93b3eLHk
ue.thomsonreuters.com/ Name: AWSALB
Value: q9r1x8QeTnEpJtc4uPDT9fNcd+PYAhVBsBPM8rU5IrEgVi9gb0/rxzcTMfSCdKiYiWDGoQxyigF4q0HdEROyEbTjDt8ToFgmQBaqwdiaDqsrVzG+/wkx7SwMoKOn
ue.thomsonreuters.com/ Name: AWSALBCORS
Value: q9r1x8QeTnEpJtc4uPDT9fNcd+PYAhVBsBPM8rU5IrEgVi9gb0/rxzcTMfSCdKiYiWDGoQxyigF4q0HdEROyEbTjDt8ToFgmQBaqwdiaDqsrVzG+/wkx7SwMoKOn
.thomsonreuters.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 27852797533145174982832266529328462879
.thomsonreuters.com/ Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: 1
.thomsonreuters.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Aug+09+2022+12%3A17%3A37+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=979a0cdd-934c-4665-ac05-a0dbf37cbe2c&interactionCount=0&landingPath=https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Faccount%2Fbilling%2Fguest%2Fpay&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YvJQYQAAAMH5TgMx
.thomsonreuters.com/ Name: mbox
Value: session#83ff95729f09479aaf56d3000abe99bc#1660049318|PC#83ff95729f09479aaf56d3000abe99bc.37_0#1723292258
.dpm.demdex.net/ Name: dpm
Value: 27852797533145174982832266529328462879
www.thomsonreuters.com/ Name: AWSALB
Value: ktgjUgBtd9xC5zajkg/r/92hGHubqrQ/kz0Zb/9+w5yOaxqVol7f8c5x6gQHLhc6GO1kyeSJ/qBuNll92nI5RsWpFeJtAlYuqe/o8v4D+GNtehKMzX/awk6ooHis
www.thomsonreuters.com/ Name: AWSALBCORS
Value: ktgjUgBtd9xC5zajkg/r/92hGHubqrQ/kz0Zb/9+w5yOaxqVol7f8c5x6gQHLhc6GO1kyeSJ/qBuNll92nI5RsWpFeJtAlYuqe/o8v4D+GNtehKMzX/awk6ooHis
.thomsonreuters.com/ Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19214%7CMCMID%7C27950822530965153722820193220207528649%7CMCAAMLH-1660652257%7C6%7CMCAAMB-1660652257%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1660054657s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19221%7CvVersion%7C5.3.0
.thomsonreuters.com/ Name: _hjSessionUser_1846625
Value: eyJpZCI6ImM0NjljMmFiLWQyNzUtNWE2Zi05MWMxLWU1NmE1ZjgxODQ5ZCIsImNyZWF0ZWQiOjE2NjAwNDc0NTc4ODEsImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/ Name: _hjFirstSeen
Value: 1
www.thomsonreuters.com/ Name: _hjIncludedInSessionSample
Value: 1
.thomsonreuters.com/ Name: _hjSession_1846625
Value: eyJpZCI6IjExMGZjN2NhLWYwZjAtNGFkZS1hYjM1LWE2MzZmZmIwNmRiOCIsImNyZWF0ZWQiOjE2NjAwNDc0NTc5ODEsImluU2FtcGxlIjp0cnVlfQ==
www.thomsonreuters.com/ Name: _hjIncludedInPageviewSample
Value: 1
.thomsonreuters.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.quantserve.com/ Name: d
Value: EKQBDAHoJrmvYA
.quantserve.com/ Name: mc
Value: 62f25062-662cb-1e54f-6a39c
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMID
Value: YvJQY-0TGmaulxKGEDFeiQAA
.casalemedia.com/ Name: CMPS
Value: 5162
.casalemedia.com/ Name: CMPRO
Value: 5162
.casalemedia.com/ Name: CMTS
Value: 1172
.adnxs.com/ Name: uuid2
Value: 2131926150179419335
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E?in5%%1!]tbPl1MwL(!R7qUY$+PA*$V6YWJXkPQ=?oHm_!j#]l7W<QG=%9sk?bIRwi:w9Ld1ic6K]TWBCu(lOfM!x%CI*F7D:
.spotxchange.com/ Name: audience
Value: 42d97461-17dd-11ed-ad38-14604df00506
.demdex.net/ Name: dextp
Value: 60-1-1660047457977|477-1-1660047458078|903-1-1660047458224|1175-1-1660047458346|22052-1-1660047458464|49276-1-1660047458566|121998-1-1660047458667|144230-1-1660047458768|144231-1-1660047458868|144232-1-1660047458969|144233-1-1660047459070|144234-1-1660047459171|144235-1-1660047459272|144236-1-1660047459372|144237-1-1660047459473|444422-1-1660047459574

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=27852797533145174982832266529328462879
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=27852797533145174982832266529328462879
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thomsonreuters.com
app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
bttrack.com
cdn.appdynamics.com
cdn.cookielaw.org
cdn.pendo.io
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.quantserve.com
pixel.rubiconproject.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
ue.thomsonreuters.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
ws14.hotjar.com
www.facebook.com
www.google.com
www.gstatic.com
www.thomsonreuters.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
104.18.19.126
108.138.17.83
13.36.218.177
142.250.185.226
143.204.89.10
151.101.194.49
151.101.67.9
18.66.112.19
18.66.139.40
185.64.189.110
185.94.180.125
192.132.33.46
2600:9000:211a:4e00:16:3030:f80:93a1
2600:9000:223f:e200:1f:aa31:7740:93a1
2600:9000:2240:7800:15:d837:3240:93a1
2600:9000:2490:ee00:1b:b66f:bac0:93a1
2600:9000:2491:2200:2:b30e:75c0:93a1
2606:4700:4400::6812:2962
2606:4700::6810:9440
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a02:26f0:3500:597::1e80
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
34.111.234.236
34.198.165.208
34.242.156.102
34.248.26.113
34.255.240.59
35.244.159.8
35.244.174.68
37.252.173.27
52.213.138.32
52.215.111.225
52.222.236.122
52.30.241.123
52.50.240.127
54.216.202.57
69.173.144.138
03a49fb97c0e005dae80c6b0ae20513b87eb1618a9cab6de6c7724573b9a4f8a
08796442f80b7d0963ccae5f840a6428826805f0af05a115f6d4d55e2cef0771
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad
16be1c2967d54e00278b7984b75e3d8ab81afbfd28e71207bd6c582a0e882914
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff
1aeb12b30267413bfa7009511c9bbfdcb7b81b4cb3be828b88148b621d9164e0
1afe1e3ca6d140358d37643a791f30fb9a07f7977e17ff6ae29a977ec0b583d1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f4204c9ad7b923bd04b724a4ec819b3d732f3e7a1e4ac6c64f20c5a118a9c4e
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
2213623bb5e82d4dce30cd8caae6bd0b8c2c515268819b5b8f67a1833cb2f3d8
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
2d899ddf4c8a3c5c47ef57aa4b5ac660065f0d7edf0e6f9b7a52b1fd7c5db278
2ec257a4d2f39fe07e7cf09412780b279902144ec2416a1e0cb42134122c7386
32d81bf0b62655c81b3dc9c48ce9f63c955417280f2c0f653185fa51433311bd
33314aa6a6248e6c37b6335dcd5e77effe57921ee00c5e82067ce4468778dcb9
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
3778b49855d7ebaf5d1948623c501d5d578d7a0d237a93f12f93a8f297f172c4
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
438c07b22e07ff3cf4c6407d502886d52378440c7ba2678254d134d843b0d03c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965
5733a26e043b6b3e4881fc87a475e001bc064bb8ea4d188c64d186dbc451b87b
5a1cf258f604f22cf17359279315bac92ae131ecd679f7211e59f31bc83d5712
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5aff160a1f678c92184dd85c68600b785d273cb23683d58763b2d7ae8fe96fc5
5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83
60911940d14c0c28edeea187dbaa819be4c3edc04c878eed1295e04481cda7c0
627d82e6f88abffdbcbf58641772691b42ccbfa9261f5a657da472625e859c2c
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fba5ed9a21a948a1edf9f018055a8ed911df83da750fcb24177e2a3c539a085
73b3e94622e546b9fa06d6e9e2a5056cfd3963676e2bef64c7c456adf7fc6704
75c2ccaa87a11ad22f6e194a69983add7b23d6998b0d5522f6f03e4bd8f25fdd
78540a28cea0abc67cbbd820fd2571c463f71a5b14fa6921e46b7e2658cec4f0
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80de657d3b32d908643ae89f7ae05969f84e653dc552427025a7686f909cc5fb
8305795b776c76b5e217b66c2d5d9839d16a204c68139d33265bfedc9dfc02c7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74
9a1de58cc92b203b13e7b9369963bddcabb9a8bed635b805c0c96d6a060e336f
a01df7c93f410ff7a7e62e8fc02504dc54cd8ea10f5c5b84eac6b2a0850f1478
a2d168a979b563a664718348f462dd659009c60fbb35473bab0ec5f036eef44d
a70507ec2c853430062b85b09eee4400f249a73784274e8d6dc577db595e84d8
a82fc6cdeed37975df9de2eb175b204a15a04b4d7d7ac579a2beb538d18bbca9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
b2faace9efc06ad6a3279c4ea7da78bd51d6ccbdc405caa789f63caec34a2696
b66f9b029211596a6fa79a1db0f81af0d963142750ecceef30525ccf8359dbdf
b8ea26b655664c090e9458919e81401c39f87d2e8a675663b1da92351840f067
c2ca8ecaeb278f382026638d391665f9bd64e573ca091482efc1c41ebe857754
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
d4538ac0cfe407054edfec11d8d2dc638ea5bd27df1f6e7bacfade66d3554695
d85c205abc28cbb519d6ad2a0f69645354be91ff88768db7453d3da1cd1cc914
d9feb46cf586b7596846044f0aa1cad80ce48f05f533de13b1394760849c75d5
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ed28649f105f04de8fec66a67b1baf720de4a721cff99492939219f55db485b4
ef14a263b48a01e2260c5383d81a22ddcd5f5f139379add2649c16f6148a3cd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fae83b55eae52250dd38c43a3b098b79becf0ecfe8907b0c5772e6824f286918
fb0934a67fc09549429ca885425bda635b18a56b09c6f5fc266c7c062e37e875
fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d