www.thomsonreuters.com Open in urlscan Pro
2600:9000:2490:8000:1b:b66f:bac0:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
Effective URL:
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Submission: On July 12 via manual (July 12th 2022, 1:47:17 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 33 domains to perform 96 HTTP transactions. The main IP is 2600:9000:2490:8000:1b:b66f:bac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.thomsonreuters.com. The Cisco Umbrella rank of the primary domain is 55997.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 27th 2022. Valid for: a year.

This is the only time www.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:231... 2600:9000:2315:6800:2:b30e:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2490:8000:1b:b66f:bac0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.214.101 52.222.214.101	16509 (AMAZON-02) (AMAZON-02)
23	2600:9000:236... 2600:9000:236e:6400:15:d837:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.17.114.133 52.17.114.133	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.100 143.204.89.100	16509 (AMAZON-02) (AMAZON-02)
4	151.101.67.9 151.101.67.9	54113 (FASTLY) (FASTLY)
1	2600:9000:223... 2600:9000:223f:c00:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.77.35.16 54.77.35.16	16509 (AMAZON-02) (AMAZON-02)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	52.31.107.150 52.31.107.150	16509 (AMAZON-02) (AMAZON-02)
1	79.125.52.138 79.125.52.138	16509 (AMAZON-02) (AMAZON-02)
2	52.55.203.115 52.55.203.115	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.122 108.157.4.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	34.253.52.76 34.253.52.76	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.13 143.204.89.13	16509 (AMAZON-02) (AMAZON-02)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	34.111.234.236 34.111.234.236	15169 (GOOGLE) (GOOGLE)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2 2	54.220.48.180 54.220.48.180	16509 (AMAZON-02) (AMAZON-02)
11	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20a... 2600:9000:20ae:4c00:16:3030:f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	104.36.113.107 104.36.113.107	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.19.104.106 52.19.104.106	16509 (AMAZON-02) (AMAZON-02)
1	3.65.158.65 3.65.158.65	() ()
96	38

1 2600:9000:2315:6800:2:b30e:75c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

ue.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2490:8000:1b:b66f:bac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-101.fra56.r.cloudfront.net

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:236e:6400:15:d837:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

app-data.gcs.trstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.17.114.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-100.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.67.9 (United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:c00:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.35.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

westthomson.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

westthomsoncom.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.107.150 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-107-150.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.52.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com

westservicesinc.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.203.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-203-115.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-122.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.52.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-13.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.234.236 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.48.180 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-48-180.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20ae:4c00:16:3030:f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.thomsonreuters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.104.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-104-106.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.158.65 (None, )

ASN- ()

fra-col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	trstatic.net app-data.gcs.trstatic.net — Cisco Umbrella Rank: 30364	1 MB
11	qualtrics.com zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 917	89 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 971 sync-tm.everesttech.net — Cisco Umbrella Rank: 689	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	347 KB
6	split.io sdk.split.io — Cisco Umbrella Rank: 3109 auth.split.io — Cisco Umbrella Rank: 3554	17 KB
6	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 213 westthomson.demdex.net — Cisco Umbrella Rank: 32225	9 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 509	176 KB
5	thomsonreuters.com 1 redirects ue.thomsonreuters.com www.thomsonreuters.com — Cisco Umbrella Rank: 55997 api.thomsonreuters.com — Cisco Umbrella Rank: 129725	58 KB
4	google.com www.google.com — Cisco Umbrella Rank: 17	42 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019 in.hotjar.com — Cisco Umbrella Rank: 1681 ws28.hotjar.com Failed	69 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 432	115 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 552	1 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597	2 KB
2	doubleclick.net 1 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 223	851 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 798	585 B
2	omtrdc.net westthomsoncom.sc.omtrdc.net — Cisco Umbrella Rank: 136346 westservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 169271	1 KB
2	appdynamics.com cdn.appdynamics.com — Cisco Umbrella Rank: 2955	60 KB
1	eum-appdynamics.com fra-col.eum-appdynamics.com	439 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2647	232 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	533 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1037	449 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 433	275 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 372	239 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 804	380 B
1	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1677	343 B
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 489	490 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 399	265 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2514	257 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 365	98 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	917 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 1172	143 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 830	457 B
96	33

	Domain	Requested by
23	app-data.gcs.trstatic.net	www.thomsonreuters.com cdn.appdynamics.com app-data.gcs.trstatic.net
10	siteintercept.qualtrics.com	cdn.appdynamics.com
8	sync-tm.everesttech.net	8 redirects
6	cdn.cookielaw.org	www.thomsonreuters.com cdn.cookielaw.org cdn.appdynamics.com
5	dpm.demdex.net	cdn.appdynamics.com www.thomsonreuters.com
4	www.gstatic.com	cdn.appdynamics.com www.google.com www.gstatic.com
4	www.google.com	cdn.appdynamics.com www.google.com www.gstatic.com
4	sdk.split.io	cdn.appdynamics.com
4	assets.adobedtm.com	www.thomsonreuters.com cdn.appdynamics.com
2	sync.search.spotxchange.com	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	api.thomsonreuters.com	cdn.appdynamics.com
2	cm.g.doubleclick.net	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	fonts.gstatic.com	www.google.com
2	auth.split.io	cdn.appdynamics.com
2	cdn.appdynamics.com	www.thomsonreuters.com cdn.appdynamics.com
2	www.thomsonreuters.com	cdn.appdynamics.com
1	fra-col.eum-appdynamics.com	cdn.appdynamics.com
1	partner.mediawallahscript.com
1	www.facebook.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com	cdn.appdynamics.com
1	bttrack.com	www.thomsonreuters.com
1	ml314.com	1 redirects
1	pixel.quantserve.com	1 redirects
1	match.adsrvr.org	www.thomsonreuters.com
1	vc.hotjar.io	cdn.appdynamics.com
1	in.hotjar.com	cdn.appdynamics.com
1	idsync.rlcdn.com	www.thomsonreuters.com
1	fonts.googleapis.com	client
1	vars.hotjar.com	cdn.appdynamics.com
1	script.hotjar.com	cdn.appdynamics.com
1	westservicesinc.tt.omtrdc.net	cdn.appdynamics.com
1	cm.everesttech.net	1 redirects
1	westthomsoncom.sc.omtrdc.net	cdn.appdynamics.com
1	westthomson.demdex.net	cdn.appdynamics.com
1	cdn.pendo.io	cdn.appdynamics.com
1	static.hotjar.com	cdn.appdynamics.com
1	geolocation.onetrust.com	cdn.appdynamics.com
1	ue.thomsonreuters.com	1 redirects
0	ws28.hotjar.com Failed	cdn.appdynamics.com
96	45

This site contains links to these domains. Also see Links.

Domain
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
www.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2022-06-27` - `2023-06-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-21` - `2022-07-22`	a year	crt.sh
app-data.gcs.trstatic.net COMODO RSA Organization Validation Secure Server CA	`2020-08-17` - `2022-08-17`	2 years	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
api.thomsonreuters.com COMODO RSA Organization Validation Secure Server CA	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.mediawallahscript.com Amazon	`2022-05-04` - `2023-06-01`	a year	crt.sh
*.eum-appdynamics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-07-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Frame ID: 725B52F87F2D43493FB106F9EAC48DE4
Requests: 70 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: A3D45449A1134619784A77EB4F18F941
Requests: 16 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html
Frame ID: 13792BD947B47640BCA80D54C2C1B410
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=tpl5e9dceqjs
Frame ID: CFE4259A5AF8984803F641E4A1007C0A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pay without signing in | Thomson ReutersBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppDynamics (Analytics) Expand

Overall confidence: 100%
Detected patterns

adrum

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

96
Requests

86 %
HTTPS

33 %
IPv6

33
Domains

45
Subdomains

38
IPs

6
Countries

2575 kB
Transfer

9896 kB
Size

33
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://privacyportal-cdn.onetrust.com/dsarwebform/dbf5ae8a-0a6a-4f4b-b527-7f94d0de6bbc/5dc91c0f-f1b7-4b6e-9d42-76043adaf72d.html
Title: For CA: Do not sell my info

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay HTTP 301
https://www.thomsonreuters.com/en-us/account/billing/guest/pay Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://cm.everesttech.net/cm/dd?d_uuid=14077006861840720820143534425904839189 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys17XwAAAH8ogwNx

Request Chain 62

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=rRXUSaxFgR22FYIeqUWaHKlGhh-2Q44ZqEN7t8Pb

Request Chain 65

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628567480397463621

Request Chain 71

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=14077006861840720820143534425904839189?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=14077006861840720820143534425904839189?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXMxN1h3QUFBSDhvZ3dOeA== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXMxN1h3QUFBSDhvZ3dOeA==&google_tc=

Request Chain 80

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Ys17XwAAAH8ogwNx&expires=90

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx&C=1

Request Chain 83

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Ys17XwAAAH8ogwNx HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYs17XwAAAH8ogwNx

Request Chain 90

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ys17XwAAAH8ogwNx

Request Chain 91

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ys17XwAAAH8ogwNx

Request Chain 94

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1&__user_check__=1&sync_id=2252f6f7-01e9-11ed-99cb-14f0ef8b0106

Request Chain 95

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Ys17XwAAAH8ogwNx&t=2592000&o=0

96 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pay Show response
www.thomsonreuters.com/en-us/account/billing/guest/
Redirect Chain

https://ue.thomsonreuters.com/en-us/account/billing/guest/pay
https://www.thomsonreuters.com/en-us/account/billing/guest/pay

6 KB
3 KB

48ms
10ms

Document
text/html

2600:9000:2490:8000:1b:b66f:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8000:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

32bcdcca22ec69d0260328a2397c9f2f9ee9dde9feb3c5e62ca9d621ad6a3e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60480
cache-control: max-age=86400
content-disposition: inline
content-encoding: gzip
content-length: 2103
content-type: text/html;charset=utf-8
date: Mon, 11 Jul 2022 20:59:10 GMT
etag: "1638-5e38c45104952-gzip"
expires: Tue, 12 Jul 2022 20:59:10 GMT
last-modified: Mon, 11 Jul 2022 19:07:57 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,User-Agent
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-amz-cf-id: Gvyi_gW89XDX6nETrZrJvPWnl4oZX3_Ioe3DRggIlg9vUEDdSIhUzA==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-dispatcher: dispatcher1useast1
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-vhost: www.thomsonreuters.com

Redirect headers

cache-control: max-age=86400
content-length: 270
content-type: text/html; charset=iso-8859-1
date: Tue, 12 Jul 2022 13:47:10 GMT
expires: Wed, 13 Jul 2022 13:47:10 GMT
location: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
x-amz-cf-id: U64QjwQ0fPWToC5wX5QyVPAd7o1a8bLlYanzsAcTxQfF01KAviHoHg==
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 20 KB
7 KB 55ms
22ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 4m3LBpuQ5au3un+sbdTm6g==
age: 6891
vary: Accept-Encoding
content-length: 6922
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 19:32:04 GMT
server: cloudflare
etag: 0x8DA637408CE0A08
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f6c7b826-901e-0053-6d7a-95c4e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab0efc5908e-FRA

GET
H2 200 adrum-22.2.0.3616.js Show response
cdn.appdynamics.com/adrum/ 107 KB
39 KB 25ms
7ms Script
application/javascript 52.222.214.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-101.fra56.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6a1ea58ec0bbf5557ae618e208906ccd5517bb25a7011f9112fee5922626744a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 17:17:33 GMT
content-encoding: gzip
age: 2320177
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 09:22:43 GMT
server: nginx/1.16.1
etag: W/"620b70e3-1aaa4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EcyM-NuE7MFDqA6-Qw3Z8qPcRRQWXsciM0TH77R5VdVF1Gr51VzT7w==

GET
H2 200 bootstrap.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/ 182 KB
53 KB 73ms
10ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/bootstrap.js
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78c58c20d59b393a6dbd1e47eea124023e938148ddf9cb1009d65dbea9ba63f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:19 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:24 GMT
server: AmazonS3
age: 14692
etag: W/"63d93e086f2d8351ad70f7cf340de96c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: kXJo7J2xHrgL2wAXyyzdWw0ivuE5mDrDBzj1MiSdvH3VTEn7f_KkVQ==

GET
H2 200 143d5191-c678-49f6-8ac0-376dfe324de7.json Show response
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ 5 KB
2 KB 54ms
25ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/143d5191-c678-49f6-8ac0-376dfe324de7.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: A9gHZn55h3f5NJaBoJG35A==
age: 8767
vary: Accept-Encoding
content-length: 1661
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 12:46:07 GMT
server: cloudflare
etag: 0x8DA633B52D706CE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6f8a47d-801e-0143-4a3f-95b45a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab14a5f5bf5-FRA
expires: Tue, 12 Jul 2022 17:47:10 GMT

GET
H2 200 launch-f185a872eb60.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/ 317 KB
88 KB 42ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:10 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 14:39:08 GMT
server: AkamaiNetStorage
etag: "d352069223c4b31c3d2f628b829b8a1b:1649342348.617182"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 90003
expires: Tue, 12 Jul 2022 14:47:10 GMT

GET
H2 200 828.e3089c6b.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 1 MB
357 KB 11ms
11ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/828.e3089c6b.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4912bc842eca70b74c068038b7a574723b6beb33d1c7f67d78b0344df5ab01ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:19 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:38 GMT
server: AmazonS3
age: 14692
etag: W/"89c0a933de8c4e4cdf13f24eef9f8ad1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: gxBER6wx8Pg6MECkIisy3AxNWhQptGbM_UWenCRqZHRNxJOxJA8lZg==

GET
H2 200 app-main.68a68692.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/ 376 KB
55 KB 29ms
29ms Stylesheet
text/css 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22285089f75b4ec006bf9dafe15618af5d85ff7c2d691a372fbecd5970e69179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:19 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:25 GMT
server: AmazonS3
age: 14692
etag: W/"057ea54a6ba3af224e5e8a1a0fe17f9b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: dle5XCGZeE8kwZO1TXipxE-xJOGsjxoSUoebFOAlF6LMOT8ozDptJw==

GET
H2 200 app-main.7cab47d0.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 559 KB
106 KB 65ms
65ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/app-main.7cab47d0.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 687ecd8fde52954c5779c454fdc51f2db85c152854271e3f50d2bb8c26b0c170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:19 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:42 GMT
server: AmazonS3
age: 14692
etag: W/"a532a64698d095c8b7be988f51a1ebb3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lANg_kegRpXOaukkuNeO6pVqTrv1ZrKe0eewlbdyX4ndTSj15NhwQA==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
457 B 39ms
22ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 729a3ab19d1d929b-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 138ms
33ms XHR
application/json 52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1657633631012

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6f5e14e1a1e09da007090ee39fb9e09f101b3f1602e87ae7125cba053642e3d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v036-0999aaade.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ZCaERNX1Rqs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thomsonreuters.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1313
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/ 45 KB
17 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 14:39:09 GMT
server: AkamaiNetStorage
etag: "60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 16755
expires: Tue, 12 Jul 2022 14:47:11 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 25 KB
9 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "66be6e24d6b0c77126d28b9abcd4eb38:1634593036.81505"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8761
expires: Tue, 12 Jul 2022 14:47:11 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.16.0/ 374 KB
83 KB 24ms
24ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 9101
vary: Accept-Encoding
content-length: 85065
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:31:04 GMT
server: cloudflare
etag: 0x8D910C57D52F14C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 1b57f3ba-101e-0146-1681-134025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab218db908e-FRA

GET
H2 200 hotjar-1846625.js Show response
static.hotjar.com/c/ 7 KB
3 KB 72ms
39ms Script
application/javascript 143.204.89.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1846625.js?sv=6

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-100.fra50.r.cloudfront.net

Software

Resource Hash

7a02fa24d00e85788351eb8db1f4d4a112b622874ec886713a43549612ccfdcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/7fa69fec394bfb00aa95cd626dd5269b
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: YHr8Rod-YPlG6jnDbSjuZ-yLWwLcrwvTnzDVTjN9aRR9MtPIYFbwjQ==
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ Frame 0
0 40ms
6ms Preflight 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Tue, 12 Jul 2022 13:47:11 GMT
retry-after: 0
server: Varnish
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4055-HHN
x-timer: S1657633631.185660,VS0,VE0

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ Frame 0
0 31ms
7ms Preflight 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.67.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
access-control-max-age: 7200
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length: 37
date: Tue, 12 Jul 2022 13:47:11 GMT
retry-after: 0
server: Varnish
vary: Cookie
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn4055-HHN
x-timer: S1657633631.185778,VS0,VE0

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
450 B 10ms
7ms Fetch
application/json 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.17.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 194411
x-cache: HIT, HIT
content-encoding: gzip
content-length: 37
x-request-id: 2814dwh2brh
x-served-by: cache-iad-kcgs7200022-IAD, cache-hhn4055-HHN
x-timer: S1657633631.195665,VS0,VE1
date: Tue, 12 Jul 2022 13:47:11 GMT
vary: Origin, Accept-Encoding, Authorization
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-iad-kjyo7100078-IAD-97dc747c-299b-45f3-aa0d-573cbf6cb83c; cache-hhn4052-HHN-ca1b0a4e-2311-45ff-a32f-1d0629e44594
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 242 KB
15 KB 99ms
96ms Fetch
application/json 151.101.67.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.67.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b62eeb81d5ae0e6d40a19f88af4d6580a9e6e377e0b13f996f3c41f35a83566c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.17.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "-1150592676--gzip"
age: 1
x-cache: HIT, MISS
content-length: 15249
via: 1.1 varnish, 1.1 varnish
x-request-id: 284c4sktx6u
x-served-by: cache-iad-kiad7000085-IAD, cache-hhn4055-HHN
last-modified: Mon, 11 Jul 2022 10:15:48 GMT
x-timer: S1657633631.195643,VS0,VE90
date: Tue, 12 Jul 2022 13:47:11 GMT
vary: Origin, Accept-Encoding, Authorization
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-iad-kjyo7100080-IAD-764936ab-6bc2-45b7-a992-c7f66a47bf3a; cache-hhn4055-HHN-fec79c71-18e6-4467-ac1b-098944137afd
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/ 463 KB
143 KB 200ms
124ms Script
application/javascript 2600:9000:223f:c00:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 06f3386698f2e2b406c5116ff20046ae709e967e6e43a96b309fcf4132569263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 13:47:11 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA56-P5
X-GUploader-UploadID: ADPycdvK-LoOBLSDm2t9sht-02BDmWkbbaLg5lK7lEh9yI98R6__d_yWUEVeU7-lOnL27XQrQ4ZHIWGRPN9le6MdL_unp3s1Jm49
X-Cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 145906
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 Jul 2022 18:17:01 GMT
Server: UploadServer
ETag: "3e5b187021f071887247fdc7d01f4e10"
Vary: Accept-Encoding
x-goog-hash: crc32c=XxQ71Q==, md5=PlsYcCHwcYhyR/3H0B9OEA==
x-goog-generation: 1657217821294099
Via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 145906
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: kSNE7yjW173idM4Feo4m8W6WNefrhrhiROoksnv-ELoT6B7X-Fk8Wg==
Expires: Tue, 12 Jul 2022 13:54:41 GMT

GET
H2 200 1.5b87a4f0.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 26 KB
8 KB 8ms
8ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/1.5b87a4f0.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4daf758ab25a711fd5c657d6e0d6a0008a3561eb7e3df5a2c5eaa8625b488094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:27 GMT
server: AmazonS3
age: 14692
etag: W/"2bf54107807fbff5f2a75eddf0e096b9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: D4wNtuS3vMH4hYbVkmIqp-j-c409tEJd9JKFJx0LANP4VTBlNW5jPg==

GET
H2 200 2.2d807cda.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 30 KB
10 KB 9ms
9ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/2.2d807cda.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7658f119cdfec4824bc546d9f021c3a83024bc1c6bb22ed85aae8e31fb4cfa85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:29 GMT
server: AmazonS3
age: 14692
etag: W/"edec9d5404b891f71e1c431c2ffefe8c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: VSxsfvOyIJykKwTHSk0nT9gFck8icUsBh_Rnem_8OcsUe66YnAlIuQ==

GET
H2 200 3.b7d56363.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 15 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/3.b7d56363.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949c22d9c4a7ca3a05ecca4587c90bf881d9730fb41df10b249310e87796e9fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:31 GMT
server: AmazonS3
age: 14692
etag: W/"07f6ad3f7d4df9d6314f6124c2447fe9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: _g-Mx9kiscQXmktZ4Qzhdd67fXkEG8lhtXbT7E73gfaYHrXx_fH_ag==

GET
H2 200 6.208d53bd.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 13 KB
4 KB 9ms
9ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/6.208d53bd.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72dacf15b7d930846d907934ef712d7cae936d780d27be788c103146fb25c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:36 GMT
server: AmazonS3
age: 14692
etag: W/"05ef397c9288c42b067fe09310025504"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: hbL4dRCx-oRhBbQVyuen2AfR3RANTTUeznpip_eHOzqxqm28r1m_xQ==

GET
H2 200 components-app.3803ae40.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/ 9 KB
2 KB 66ms
66ms Stylesheet
text/css 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/components-app.3803ae40.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8ba8f02c7aede6bcb2fa344dac5829ff21357237469a12d975ab682ffafecfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:25 GMT
server: AmazonS3
age: 14692
etag: W/"7dc1c56cada3b7b1f7b1f933f36d45f6"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: -vjGtNRdUgoA1E0w8H1ax7KApz151UaJbOIZ3mbd35jNW5yHSX9f4w==

GET
H2 200 components-app.ddf36097.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 3 MB
628 KB 10ms
10ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/components-app.ddf36097.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fed81eae18853543f5ef3ae26a001e33d4f489bca2958b5afc8ca5abc84cf91f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:42 GMT
server: AmazonS3
age: 14692
etag: W/"e9f57017710cc62615f9cfad5f2b381d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ifbqztKTB6p1loWOWJe7lqBznVDduWX3rWHwKcSxYKXpejGEkTZ27g==

GET
H2 200 interact-localizaion-provider.22cc0d2a.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 3 KB
2 KB 9ms
9ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/interact-localizaion-provider.22cc0d2a.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 373d80c29f8043e1ed4309ed102932ed03ed5c9095130207dc0a9b782af7e96a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:42 GMT
server: AmazonS3
age: 14692
etag: W/"f3094e9f1552a960f10fe2813ebfb54e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: Jjv3GJoWhw0jkyOl9SJxug3ajm2Pc9Sj7BbL3JCuz8_0Dcd_siQz9w==

GET
H2 200 937.d544e848.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 2 KB
1 KB 63ms
63ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/937.d544e848.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8055a5390e8415c32dabdfce4ab036b0ca74b46bee2d107679f5242065d151ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:40 GMT
server: AmazonS3
age: 14692
etag: W/"1874da5c98175eb51c12ce9111907790"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 0IckXQOUL8_pnr2FcOetWlwcWczrMlTd9aGTgKMYdzTMUEt2QckcXw==

GET
H2 200 936.3534d907.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 8 KB
4 KB 64ms
64ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/936.3534d907.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c2725c23994d35d4b6d3f4e8d8b4d04f91507585eb77f6f2249c661b75d9e07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:40 GMT
server: AmazonS3
age: 14692
etag: W/"8044d96fcb391491a3a74a4cb7ddb44c"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: fYsi-b-nB_RuFPpY8QaWcGuSQoLuLptPXU_62dWB-smzSmURnMzMRA==

GET
H2 200 940.5de72663.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 2 KB
1 KB 65ms
64ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/940.5de72663.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b37ad99d40d246b3dc0c7b50e061641c5b77d4d693fe99ce54b15abc29471d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:40 GMT
server: AmazonS3
age: 14692
etag: W/"35e03527559c17f20d7d611ef43e506b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: NENJPUki7kIZxB54vefeCXe0SdpcEyjDC3PJlzw2-dH2wFzGX0QZ7w==

GET
H2 200 935.8dda0da5.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 2 KB
1 KB 65ms
65ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/935.8dda0da5.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04020b5f52f5da2e0e675cf7ef8698211d1f56b0fb71350734322121d6000a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:20 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:40 GMT
server: AmazonS3
age: 14692
etag: W/"777098c389a62db21d34163a240bc00b"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: W2YLnOIgGPzmX3uLsOkhJT__l3SaqbHO5mlEd5qPfAOn7RHncUYEOQ==

GET
H/1.1 200
OK dest5.html Show response
westthomson.demdex.net/ Frame A3D4 7 KB
3 KB 153ms
30ms Document
text/html 54.77.35.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomson.demdex.net/dest5.html?d_nsid=0

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.77.35.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-77-35-16.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v036-06aa2b6b6.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: u4ifFLcrRvk=
content-encoding: gzip
date: Tue, 12 Jul 2022 13:47:11 GMT
last-modified: Thu, 30 Jun 2022 15:20:22 GMT
vary: accept-encoding

GET
H2 200 id Show response
westthomsoncom.sc.omtrdc.net/ 2 B
322 B 62ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=14333475360115233960112733345698172099&ts=1657633631193

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-69c8d8cc76-655hq
vary: Origin
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Ys17XwAAAH8ogwNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=14077006861840720820143534425904839189
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys17XwAAAH8ogwNx

42 B
942 B

33ms
33ms

Image
image/gif

52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys17XwAAAH8ogwNx

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-0a30736eb.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: EpCpbw91Qh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys17XwAAAH8ogwNx
Date: Tue, 12 Jul 2022 13:47:11 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
westservicesinc.tt.omtrdc.net/rest/v1/ 358 B
726 B 150ms
50ms XHR
application/json 79.125.52.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=9ad7f6370b634b3ca19666fe0971aa28&version=2.7.0
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.52.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-52-138.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2a941c851c2798e3e5fb28e895addaa97716630413ecc83d49a19818ade1ae87

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.thomsonreuters.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 45f930d008b4ad5e9bacfef003c182d4

OPTIONS
H2 200 auth
auth.split.io/api/v2/ Frame 0
0 412ms
100ms Preflight
application/json 52.55.203.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=anonymous

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.203.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-203-115.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Access-Control-Request-Method: GET
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.thomsonreuters.com
content-length: 4
content-type: application/json; charset=utf-8
date: Tue, 12 Jul 2022 13:47:11 GMT
strict-transport-security: max-age=15770000; includeSubdomains

GET
H2 200 auth Show response
auth.split.io/api/v2/ 696 B
1 KB 100ms
100ms Fetch
application/json 52.55.203.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/v2/auth?users=anonymous

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.55.203.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-55-203-115.compute-1.amazonaws.com

Software

Resource Hash

fc7b6209100e01ab3ae401721bb9b821b6216b1fdc7a012d7febbe682ce73868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer: https://www.thomsonreuters.com/
Authorization: Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.17.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
strict-transport-security: max-age=15770000; includeSubdomains
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thomsonreuters.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length: 696

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/ 409 KB
65 KB 22ms
20ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/143d5191-c678-49f6-8ac0-376dfe324de7/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TscT8/g6J4N6PovEsmWNuQ==
age: 11791
vary: Accept-Encoding
content-length: 66415
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 12:46:32 GMT
server: cloudflare
etag: 0x8DA633B622C3708
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 412d5dae-701e-003f-543b-956f3a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab33cf15bf5-FRA
expires: Tue, 12 Jul 2022 17:47:11 GMT

GET
H2 200 modules.7bcaeac04d4bc1ef02cf.js Show response
script.hotjar.com/ 244 KB
63 KB 113ms
8ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7bcaeac04d4bc1ef02cf.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

aa5bd37a8dce1b3a65824a4b5a87cfc657ed1c86cfca91060ad0951e67d5450b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 11:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7205
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64267
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 11:46:53 GMT
etag: "7fe8ccb82c01bd5268cb8c3c5258ad11"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _NbFJi2JlKwwmMV_m74dc75Dkdd4BuaWSIY-fpbF7ly7nVTeKUwzSw==

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 12 KB
3 KB 26ms
23ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otFlat.json

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DKM3/i+7h7Fs8cEMor3s2A==
age: 426
vary: Accept-Encoding
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C572DA86E8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bec2c92d-801e-002a-669c-2cada3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab39da85bf5-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.16.0/assets/ 62 KB
15 KB 25ms
24ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.16.0/assets/otPcCenter.json

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YaY1oSnUSTaZJLZwfr9VDQ==
age: 343
vary: Accept-Encoding
content-length: 14978
x-ms-lease-status: unlocked
last-modified: Thu, 06 May 2021 19:30:47 GMT
server: cloudflare
etag: 0x8D910C5734D5AA0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 3ad90e27-101e-012b-7ce5-29ea0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 729a3ab39dac5bf5-FRA

GET
H2 200 box-5e0db0f25ef573fe233efc0372d38d69.html Show response
vars.hotjar.com/ Frame 1379 2 KB
1 KB 37ms
9ms Document
text/html 108.157.4.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e0db0f25ef573fe233efc0372d38d69.html

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-122.dus51.r.cloudfront.net

Software

Resource Hash

897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437764
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 12:11:07 GMT
etag: "247bae6bc5dfc2c9bd258e7b3935cacc"
last-modified: Thu, 07 Jul 2022 12:11:03 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
x-amz-cf-id: BV4cvTbVU_RiuUkBLTEVMz_RV3xZUxKrKCb8g9MuKPMg0z4V54mHUw==
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 167ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Jul 2022 12:13:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Jul 2022 13:47:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Jul 2022 13:47:11 GMT

GET
H2 200 1042.0bc648c8.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 167 KB
38 KB 9ms
8ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/1042.0bc648c8.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36474c083ddbbf1f854ee0edc340a5740efa40d37e8f718f998988e5002d34e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 09:42:21 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:28 GMT
server: AmazonS3
age: 14691
etag: W/"d073357dd2664f119022db7654dd89ea"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: rJElKgck52w8mK9cf-lCkAXfMKPSSJzaek4ghErlYwrhIBd96XFgRw==

GET
H2 200 917.ae2f6584.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 16 KB
6 KB 11ms
11ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/917.ae2f6584.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce2fd7eacc0ec52a8af7d2f419eea3ad1e19301894d133ae90ab54836bab2b70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 12:39:12 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:40 GMT
server: AmazonS3
age: 4080
etag: W/"9dc45b57fef5889278df1dc1d68853ff"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: imPBK_PaoB8rnvu29Ny_VtKEMVoKeb_kl0xmN0Zrx_zlxHXK_LU7BA==

GET
H2 200 879.acee92e9.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/ 3 KB
1 KB 12ms
12ms Stylesheet
text/css 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/879.acee92e9.chunk.css
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f9d76fe2f0e9422ffc184d5e3db35778170f7ec0ec0237f582782e50b8f9e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 12:39:12 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:25 GMT
server: AmazonS3
age: 4080
etag: W/"e9c95481cf501a4cdf9cd03b5e3c09a2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: aiyp14oE4TECRcwkikAVkf1kSJvvMLksixm_hKRxrboO4zUTWDwWQA==

GET
H2 200 879.45b71b65.chunk.js Show response
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/ 13 KB
4 KB 25ms
25ms Script
application/javascript 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/js/879.45b71b65.chunk.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 842273542b709d23d0324523ffbdab273466de5aa1948d49efbf4c46a04bc65d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 12:39:12 GMT
content-encoding: br
last-modified: Fri, 08 Jul 2022 01:35:39 GMT
server: AmazonS3
age: 4080
etag: W/"18308a6fec4f2c24e46ba427ebbc1277"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
cache-control: max-age=86400,immutable
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: HmnYK9aB6oerTXnvgpxavP0IgGIzq3byk6AXS3EOeZkuNj8nPCmVLQ==

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 23ms
8ms Font
binary/octet-stream 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:42:58 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3517454
x-cache: Hit from cloudfront
content-length: 39408
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "de994d71a311e3119703dd67ef632f04"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: cvc6nX7EImcSS60i4ugzdId5rQSU6YJoQ0LnjwElYlNZ5sQT9s95Ag==

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82b6809e1668fc6916b86e758db176595d4be4dc8b8f7642a3efacc4ed80d6a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 615
x-xss-protection: 1; mode=block
expires: Tue, 12 Jul 2022 13:47:11 GMT

GET
H2 200 knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 39 KB
39 KB 7ms
7ms Font
binary/octet-stream 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 09 May 2022 09:13:37 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5546015
x-cache: Hit from cloudfront
content-length: 39444
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "3327c2a7977db98e49b5369fcafc658c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: lr3ZTVG4U_LcLfKW8VQoUPbFokrbsBHBVe0Ggga8yCv9Xrm81DZ2vw==

GET
H2 200 translations.interact.en_us.json Show response
www.thomsonreuters.com/content/ue-settings/endpointsMapping/ 187 KB
53 KB 11ms
10ms Fetch
application/json 2600:9000:2490:8000:1b:b66f:bac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:8000:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

84348bde040d5e202cda48dff77da005689aeaa008f8b78cc13e793211aaae9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
adrum: isAjax:true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-dispatcher: dispatcher1useast1
date: Mon, 11 Jul 2022 20:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60480
x-vhost: www.thomsonreuters.com
x-cache: Hit from cloudfront
vary: Accept-Encoding,User-Agent
content-length: 53287
x-ua-compatible: IE=edge
server: Apache
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=utf-8
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: Yo12t7JUVVCkg4p-_ES2TH382hphBbETuKxa-gvYW_SpsVoubLB4qg==

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame A3D4 0
98 B 108ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=14077006861840720820143534425904839189
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thomsonreuters.com/
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jul 2023 13:30:38 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1846625/ 147 B
323 B 262ms
36ms XHR
application/json 34.253.52.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.52.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-52-76.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 1846625 Show response
vc.hotjar.io/sessions/ 0
257 B 97ms
42ms XHR
text/plain 143.204.89.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1846625?s=0.25&r=0.19416818259149604
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-13.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:11 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: ZgERAHPoFd6mjo6SHaKqwbfeK85kIV7NVBvp8VpdEDRuO5zYfCms2w==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 8ms
7ms Font
binary/octet-stream 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 08 May 2022 20:37:18 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 5591394
x-cache: Hit from cloudfront
content-length: 39336
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "9423006fb52301a35a4ce76f99e114af"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: p3phlRqYvYLgZal4_C7fcXyO7cPWM-EvX7UGxbY1Stau4YciaUvzMg==

GET
H2 200 knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/ 38 KB
39 KB 9ms
9ms Font
binary/octet-stream 2600:9000:236e:6400:15:d837:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by: Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:6400:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d

Request headers

Referer: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.8.7/static/css/app-main.68a68692.chunk.css
Origin: https://www.thomsonreuters.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 28 May 2022 08:11:10 GMT
via: 1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 3908162
x-cache: Hit from cloudfront
content-length: 39304
last-modified: Tue, 08 Dec 2020 19:37:11 GMT
server: AmazonS3
etag: "20dca63d8ee3254b712c7171ae987713"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=365000000,immutable
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: J7sYiwc7J00oCT0bAw0q-E8_JSA2gwbzX4EpeavoWuWIdZoIxL3eKg==

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A3D4 70 B
265 B 109ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame CFE4 42 KB
22 KB 69ms
69ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=tpl5e9dceqjs

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45df5b15bc8106ffbfc12eb1a4b3b901da4f8f2167befb5eaba15404ac1213f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XPmTIlfQWOy3OXQgOSNEEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thomsonreuters.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22475
content-security-policy: script-src 'report-sample' 'nonce-XPmTIlfQWOy3OXQgOSNEEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jul 2022 13:47:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST content
ws28.hotjar.com/api/v2/sites/1846625/recordings/ 0
0

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=rRXUSaxFgR22FYIeqUWaHKlGhh-2Q44ZqEN7t8Pb
dpm.demdex.net/ Frame A3D4
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=rRXUSaxFgR22FYIeqUWaHKlGhh-2Q44ZqEN7t8Pb

42 B
942 B

33ms
33ms

Image
image/gif

52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=rRXUSaxFgR22FYIeqUWaHKlGhh-2Q44ZqEN7t8Pb

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-06c8bd902.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ASR1Eg2gRIk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=rRXUSaxFgR22FYIeqUWaHKlGhh-2Q44ZqEN7t8Pb
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame CFE4 51 KB
24 KB 111ms
37ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=tpl5e9dceqjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jul 2023 13:30:28 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame CFE4 366 KB
145 KB 126ms
53ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:30:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jul 2023 13:30:38 GMT

GET
H/1.1

200
OK

ibs:dpid=22052&dpuuid=3628567480397463621
dpm.demdex.net/ Frame A3D4
Redirect Chain

https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628567480397463621

42 B
942 B

35ms
35ms

Image
image/gif

52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628567480397463621

Requested by

Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay

Protocol

HTTP/1.1

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v036-0b44e8463.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: TGkEBE7AQ8I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location: https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628567480397463621
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185
expires: 0,Wed, 13 Jul 2022 09:47:12 GMT

GET
H/1.1 200
OK user
bttrack.com/dmp/adobe/ Frame A3D4 35 B
380 B 380ms
93ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=14077006861840720820143534425904839189
Requested by: Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-ServerName: Track001-iad
Pragma: no-cache
Date: Tue, 12 Jul 2022 13:47:12 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CFE4 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 410823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 14 Jul 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFE4 15 KB
16 KB 119ms
36ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 8947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 11:18:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CFE4 15 KB
15 KB 129ms
47ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 586044
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Jul 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame CFE4 102 B
132 B 46ms
45ms Other
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=tpl5e9dceqjs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Tue, 12 Jul 2022 13:47:12 GMT

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame A3D4
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=14077006861840720820143534425904839189?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=14077006861840720820143534425904839189?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

30ms
30ms

Image
image/gif

52.17.114.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

HTTP/1.1

Server

52.17.114.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-17-114-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0329ac7ab.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,300
X-TID: 2h/lzRgoRgw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires: 0
cache-control: no-cache
x-server: 10.45.15.17
content-length: 0
x-consent: absent

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame CFE4 32 KB
19 KB 95ms
94ms XHR
application/json 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c589f8b3b47a399791b693ea64b1d164d68b6454a5881eeecfd7a9da096fa12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=tpl5e9dceqjs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19164
x-xss-protection: 1; mode=block
expires: Tue, 12 Jul 2022 13:47:12 GMT

GET
H2 200 RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js Show response
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/ 818 B
746 B 7ms
6ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 14:39:09 GMT
server: AkamaiNetStorage
etag: "60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 476
expires: Tue, 12 Jul 2022 14:47:12 GMT

GET
H2 200 / Show response
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 7 KB
4 KB 97ms
35ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df187e9d103d463cee0f4a12438fe86e16de8d76b0e813725c4cc3e5a1da1b9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 127226
cf-polished: origSize=8435
cf-ray: 729a3abbb87f9b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"20f3-MkAkOp+BcpJ6tNVYy7z3sHG/4Gs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 adrum-ext.361b3b153792d5d05ed515f5d0eb94f2.js Show response
cdn.appdynamics.com/ 52 KB
20 KB 8ms
7ms Script
application/javascript 52.222.214.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.361b3b153792d5d05ed515f5d0eb94f2.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-101.fra56.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: be0021d361a3ad560c2020ef296d192cc2688ba0a14486c84d212d4ecc5c9917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 03:52:04 GMT
content-encoding: gzip
age: 2195708
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 15 Feb 2022 09:22:44 GMT
server: nginx/1.16.1
etag: W/"620b70e4-ceee"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ouIwmKmanqtEQk4MiFACwcqRRbtA22kvZoHetnz0QwE2-x9K5zS5Lw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXMxN1h3QUFBSDhvZ3dOeA==
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXMxN1h3QUFBSDhvZ3dOeA==&google_tc=

170 B
188 B

110ms
44ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXMxN1h3QUFBSDhvZ3dOeA==&google_tc=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXMxN1h3QUFBSDhvZ3dOeA==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 verifyCaptcha Show response
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ 22 B
1 KB 191ms
191ms Fetch
application/json 2600:9000:20ae:4c00:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:4c00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thomsonreuters.com/
Authorization: Bearer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
authorization: Bearer
sec-fetch-dest: empty
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
cloudfront-forwarded-proto: https
host: api.thomsonreuters.com
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
accept: application/json, text/plain, */*
cache-control: no-cache
referer: https://www.thomsonreuters.com/
access-control-allow-headers
sec-fetch-mode: cors
date: Tue, 12 Jul 2022 13:47:13 GMT
via: 1.1 917d84214d5399fe14aa14be6a8c686c.cloudfront.net (CloudFront), 1.1 558f7ecd43929b77c262a9b755d6b164.cloudfront.net (CloudFront)
origin: https://www.thomsonreuters.com
cloudfront-is-desktop-viewer: true
x-amz-cf-pop: WAW50-C1
x-cache: Miss from cloudfront
x-forwarded-proto: https
content-length: 22
cloudfront-is-smarttv-viewer: false
x-tr-verify-origin: KVQNW0A5gwXPHbo7vbn3l
cloudfront-viewer-country: DE
cloudfront-is-mobile-viewer: false
x-forwarded-for: 2a03:1b20:6:f011::5e, 64.252.88.23
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
access-control-max-age: 3628800
pragma: no-cache
cloudfront-is-tablet-viewer: false
sec-fetch-site: same-site
x-forwarded-port: 443
x-amz-cf-id: qb6uTiO2B-kjjWKKNu16yEysgZ-XiuyooQtVcIcdYIE_gGsMdavxCA==

OPTIONS
H2 200 verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame 0
0 269ms
76ms Preflight 2600:9000:20ae:4c00:16:3030:f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:4c00:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thomsonreuters.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept: */*
accept-encoding: gzip, deflate, br
access-control-allow-credentials: true
access-control-allow-headers: authorization, content-type
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3628800
access-control-request-headers: authorization,content-type
access-control-request-method: POST
cache-control: no-cache
cloudfront-forwarded-proto: https
cloudfront-is-desktop-viewer: true
cloudfront-is-mobile-viewer: false
cloudfront-is-smarttv-viewer: false
cloudfront-is-tablet-viewer: false
cloudfront-viewer-country: DE
content-length: 0
date: Tue, 12 Jul 2022 13:47:12 GMT
host: api.thomsonreuters.com
origin: https://www.thomsonreuters.com
pragma: no-cache
referer: https://www.thomsonreuters.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: same-site
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
via: 1.1 83fe6a38efd2cb679b6d6de69c4e9d22.cloudfront.net (CloudFront), 1.1 558f7ecd43929b77c262a9b755d6b164.cloudfront.net (CloudFront)
x-amz-cf-id: F4NtInq84osozUfy_gRT1bHEHqlcpbjRVh8P7p5sJFj8LLZT6HjE8A==
x-amz-cf-pop: WAW50-C1
x-cache: Miss from cloudfront
x-forwarded-for: 2a03:1b20:6:f011::5e, 64.252.86.153
x-forwarded-port: 443
x-forwarded-proto: https
x-tr-cloudfront-api-gateway: d1uy6ivt6fb41q
x-tr-verify-origin: KVQNW0A5gwXPHbo7vbn3l

GET
H2 200 11.54adbdbb9a8be27dd267.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 59 KB
19 KB 34ms
33ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/11.54adbdbb9a8be27dd267.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc3ce119b309bf134b6759ea912834c542547e7cde2c10c89969ab10987e92d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46935
cf-polished: origSize=61658
cf-ray: 729a3abbf8ff9b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 18:11:05 GMT
server: cloudflare
etag: W/"f0da-181824f9ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Ys17XwAAAH8ogwNx&expires=90

0
239 B

61ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Ys17XwAAAH8ogwNx&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1657633633.669521,VS0,VE0
x-served-by: cache-hhn4038-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Ys17XwAAAH8ogwNx&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 9 KB
2 KB 229ms
229ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d2d08272140170daa52ad84ba5d6296ac594239ee2deabbda9075f9adf63d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 9f91f0448ec587ba
cf-ray: 729a3abc497e9b6e-FRA

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx&C=1

43 B
943 B

62ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 729a3abd6c599171-FRA
pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhsVBE3gLJLzHsielLoGFH4%2FB4nRqrevqGQmpxbi88ULOQEQEuuHBpcuWlTYkPqNOPBuRMhinRYyAIm4cdaVdFyUyyCy0p3q6IiHWNRnDfp732Sp588hFAa1z%2BMzzyW65iInAJpUzYEmSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFSRcq60smxP5exqiWGMdC2UMmU%2BzC3X%2BNnY106qfb1cuRBGcnrkc3uIRkRqcrKmXEqhJ5GnjVx9xC1E2FHeNznTVwEYg6iclBhphGIWQCZzA1k%2FmphsM%2B9zY%2BC4oQ24Q2%2FWjk0CInOzpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=Ys17XwAAAH8ogwNx&C=1
cache-control: no-cache
cf-ray: 729a3abd1b426973-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Ys17XwAAAH8ogwNx
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYs17XwAAAH8ogwNx

43 B
1 KB

13ms
13ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYs17XwAAAH8ogwNx

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jul 2022 13:47:12 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3fc66de8-462c-42c7-87ea-3131c2be5eb6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 12 Jul 2022 13:47:12 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a8a9923b-f288-4df3-b93d-06572698a634
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYs17XwAAAH8ogwNx
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 39ms
39ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08491a7c7eaf07f3a8aef1cf800569ac6cb844681a27b68b452b6da6d7deebb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46556
cf-polished: origSize=105073
cf-ray: 729a3abdbc309b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 18:11:05 GMT
server: cloudflare
etag: W/"19a71-181824f9ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 4.a5e1c7ebed7ff35696d4.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
916 B 38ms
38ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/4.a5e1c7ebed7ff35696d4.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72543d2292f693639fc69c1fb96bea6405ad0d5dce90e0bd1ba0a1d750e3e7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46914
cf-polished: origSize=2539
cf-ray: 729a3abe1ced9b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 18:11:05 GMT
server: cloudflare
etag: W/"9eb-181824f9ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.ee7c4f816e32b8932821.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
6 KB 31ms
31ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.ee7c4f816e32b8932821.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30891369dc9cc3fffa39ce9ef4c17bfe0a26d12ff2292f207d72c41132ba4106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46914
cf-polished: origSize=29269
cf-ray: 729a3abe1cef9b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 18:11:05 GMT
server: cloudflare
etag: W/"7255-181824f9ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 FeedbackButtonModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 64 KB
24 KB 36ms
36ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46198
cf-polished: origSize=66436
cf-ray: 729a3abe1cf09b6e-FRA
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jun 2022 18:11:05 GMT
server: cloudflare
etag: W/"10384-181824f9ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 1 KB
728 B 104ms
70ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=27&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 100333
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Jul 2022 09:55:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Thu, 08 Jul 2032 09:55:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 729a3abe5c059951-FRA
servershortname

GET
H2 200 Asset.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 2 KB
1 KB 77ms
44ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=22&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 100333
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control: max-age=604800
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 11 Jul 2022 09:55:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
expires: Thu, 08 Jul 2032 09:55:00 GMT
cache-control: public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials: false
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 729a3abe5c069951-FRA
servershortname

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ys17XwAAAH8ogwNx

43 B
275 B

116ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ys17XwAAAH8ogwNx
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:13 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1657633633.978222,VS0,VE0
x-served-by: cache-hhn4038-HHN
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Ys17XwAAAH8ogwNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ys17XwAAAH8ogwNx

1 B
449 B

492ms
158ms

Image
text/html

104.36.113.107
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ys17XwAAAH8ogwNx
Protocol: H2
Server: 104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1657633633.079518,VS0,VE0
x-served-by: cache-hhn4038-HHN
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Ys17XwAAAH8ogwNx
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 / Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 45 B
222 B 130ms
130ms XHR
text/plain 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&r=1657633633089

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-22.2.0.3616.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 12 Jul 2022 13:47:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thomsonreuters.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 67a4f690aab2c039
cf-ray: 729a3abedcc89951-FRA

GET
H2 200 wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ 256 B
574 B 34ms
34ms Image
image/png 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thomsonreuters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 13:47:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11568682
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time: 6
cf-bgj: imgq:85,h2pri
vary: Accept-Encoding
content-length: 256
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Feb 2022 00:33:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: max-age=315360000, public
trace-id: 0f438752c2e165b3
cf-ray: 729a3abede639b6e-FRA
servershortname
expires: Thu, 26 Feb 2032 16:15:51 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1&__user_check__=1&sync_id=2252f6f7-01e9-11ed-99cb-14f0ef8b0106

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1&__user_check__=1&sync_id=2252f6f7-01e9-11ed-99cb-14f0ef8b0106
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 13:47:13 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 12 Jul 2022 13:47:13 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Ys17XwAAAH8ogwNx&img=1&__user_check__=1&sync_id=2252f6f7-01e9-11ed-99cb-14f0ef8b0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 101
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame A3D4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Ys17XwAAAH8ogwNx&t=2592000&o=0

43 B
533 B

65ms
40ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Ys17XwAAAH8ogwNx&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

document-policy: force-load-at-top
pragma: public
x-fb-debug: EQN7pVfagCNFIIOjZiPpKLpTZulFvobFj+kbHApoKKBa8b0AtK6+TJ1vOWU23mi3xPsBv71myZ+zv9UhKX6kGA==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Jul 2022 06:47:13 PDT
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
strict-transport-security: max-age=15552000; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
expires: Tue, 12 Jul 2022 06:47:13 PDT

Redirect headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1657633633.281230,VS0,VE0
x-served-by: cache-hhn4038-HHN
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Ys17XwAAAH8ogwNx&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame A3D4 0
232 B 120ms
28ms Image
text/html 52.19.104.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=14077006861840720820143534425904839189&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.104.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-104-106.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westthomson.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jul 2022 13:47:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK adrum Show response
fra-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EC-AAB-MCE/ 0
439 B 84ms
16ms XHR
text/html 3.65.158.65

General

Check archive.org

Show headers Download Go to

Full URL

https://fra-col.eum-appdynamics.com/eumcollector/beacons/browser/v1/EC-AAB-MCE/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.361b3b153792d5d05ed515f5d0eb94f2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.158.65 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thomsonreuters.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jul 2022 13:47:17 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ws28.hotjar.com
URL: https://ws28.hotjar.com/api/v2/sites/1846625/recordings/content

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 08:46:25	Name: _GRECAPTCHA Value: 09ALiR6T-MZv4c3GSeElo9Vmq0SWs7fVdPW7ho0SwF5CRmmNMsfKEX7jx-HnqRh5Y9c7RpQGWCAQ8nQXsLMl1IJYI
ue.thomsonreuters.com/	1970-01-20 04:37:18	Name: AWSALB Value: zKYEmm+WDDcEtqzg4Xbpvw5jKWtX46fCfGwZ4E8PVUscci2nkpQkF4qNv0xQUWrnYQu5fG7f4cpV/JcXCAFrl1c0cr7z9X3A9xJQndZSF6kDlFAhXWYkDBI98Iyq
ue.thomsonreuters.com/	1970-01-20 04:37:18	Name: AWSALBCORS Value: zKYEmm+WDDcEtqzg4Xbpvw5jKWtX46fCfGwZ4E8PVUscci2nkpQkF4qNv0xQUWrnYQu5fG7f4cpV/JcXCAFrl1c0cr7z9X3A9xJQndZSF6kDlFAhXWYkDBI98Iyq
.thomsonreuters.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 08:46:25	Name: demdex Value: 14077006861840720820143534425904839189
.thomsonreuters.com/	1969-12-31 23:59:59	Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 13:12:49	Name: everest_g_v2 Value: g_surferid~Ys17XwAAAH8ogwNx
.thomsonreuters.com/	1970-01-20 22:01:18	Name: mbox Value: session#9ad7f6370b634b3ca19666fe0971aa28#1657635492\|PC#9ad7f6370b634b3ca19666fe0971aa28.37_0#1720878432
.dpm.demdex.net/	1970-01-20 08:46:25	Name: dpm Value: 14077006861840720820143534425904839189
.thomsonreuters.com/	1970-01-20 13:12:49	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jul+12+2022+13%3A47%3A11+GMT%2B0000+(GMT)&version=6.16.0&isIABGlobal=false&hosts=&consentId=f091c006-8b9e-4e65-b372-5eb00715c4e9&interactionCount=0&landingPath=https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Faccount%2Fbilling%2Fguest%2Fpay&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.thomsonreuters.com/	1970-01-20 21:59:52	Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19186%7CMCMID%7C14333475360115233960112733345698172099%7CMCAAMLH-1658238431%7C6%7CMCAAMB-1658238431%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657640831s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19193%7CvVersion%7C5.3.0
.thomsonreuters.com/	1970-01-20 13:12:49	Name: _hjSessionUser_1846625 Value: eyJpZCI6IjM0ZGNiOTViLWJjMWUtNTY3MC1hYjQxLTk4OGNkMmU0ZGNiZCIsImNyZWF0ZWQiOjE2NTc2MzM2MzE3MDYsImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/	1970-01-20 04:27:15	Name: _hjFirstSeen Value: 1
www.thomsonreuters.com/	1970-01-20 04:27:13	Name: _hjIncludedInSessionSample Value: 1
.thomsonreuters.com/	1970-01-20 04:27:15	Name: _hjSession_1846625 Value: eyJpZCI6IjZhODFkODJmLTNlMTQtNGZjMS1iOGM2LWY2M2IwNTBkNTM4NyIsImNyZWF0ZWQiOjE2NTc2MzM2MzE3OTAsImluU2FtcGxlIjp0cnVlfQ==
www.thomsonreuters.com/	1970-01-20 04:27:13	Name: _hjIncludedInPageviewSample Value: 1
.thomsonreuters.com/	1970-01-20 04:27:15	Name: _hjAbsoluteSessionInProgress Value: 1
www.thomsonreuters.com/	1970-01-20 04:37:18	Name: AWSALB Value: lQCrSdkv/A9xbHTxTDhDgcn4cLyEEyR4Qpk5GraTwmmxki3PIovA1wvO2ABlXaUiPodRPYfE+wNx9Gk+diEN9yi2ZiFiTdUqhCaxeqQwlUkOzmMIQRmOapYFKWN2
www.thomsonreuters.com/	1970-01-20 04:37:18	Name: AWSALBCORS Value: lQCrSdkv/A9xbHTxTDhDgcn4cLyEEyR4Qpk5GraTwmmxki3PIovA1wvO2ABlXaUiPodRPYfE+wNx9Gk+diEN9yi2ZiFiTdUqhCaxeqQwlUkOzmMIQRmOapYFKWN2
.quantserve.com/	1970-01-20 06:36:49	Name: d Value: EIABDAHMJrmvYA
.quantserve.com/	1970-01-20 13:57:28	Name: mc Value: 62cd7b60-2532b-12a12-d943d
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.doubleclick.net/	1970-01-20 04:27:14	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 13:12:49	Name: CMID Value: Ys17YJJyioaNVtUs1jjFRwAA
.casalemedia.com/	1970-01-20 06:36:49	Name: CMPS Value: 5126
.casalemedia.com/	1970-01-20 06:36:49	Name: CMPRO Value: 5126
.casalemedia.com/	1970-01-20 06:36:49	Name: CMTS Value: 1120
.adnxs.com/	1970-01-20 06:36:49	Name: uuid2 Value: 6762429523655166262
.adnxs.com/	1970-01-20 06:36:49	Name: anj Value: dTM7k!M4.FErk#WF']wIg2E?]rL_Zq!]tbPl1MwL(!R7qUY$+iXr=(>YWJXB:AOUsCaU>NHi30I<QG=%9sk?bIRwi:w9Ld1_BOAW17Mco/y@Yw#ttP^*tMC9
.spotxchange.com/	1970-01-20 05:07:32	Name: audience Value: 2252f6b2-01e9-11ed-99cb-14f0ef8b0106
.demdex.net/	1970-01-20 08:46:25	Name: dextp Value: 60-1-1657633631785\|477-1-1657633631900\|903-1-1657633632001\|1175-1-1657633632109\|22052-1-1657633632210\|49276-1-1657633632311\|121998-1-1657633632462\|144230-1-1657633632563\|144231-1-1657633632664\|144232-1-1657633632765\|144233-1-1657633632866\|144234-1-1657633632975\|144235-1-1657633633075\|144236-1-1657633633176\|144237-1-1657633633277\|444422-1-1657633633378
.pubmatic.com/	1970-01-20 06:36:49	Name: KRTBCOOKIE_218 Value: 4056-Ys17XwAAAH8ogwNx&KRTB&22978-Ys17XwAAAH8ogwNx&KRTB&23194-Ys17XwAAAH8ogwNx&KRTB&23209-Ys17XwAAAH8ogwNx
.pubmatic.com/	1970-01-20 05:10:25	Name: PugT Value: 1657633632

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=14077006861840720820143534425904839189 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://script.hotjar.com/modules.7bcaeac04d4bc1ef02cf.js(Line 1) Message: WebSocket connection to 'wss://ws28.hotjar.com/api/v2/client/ws' failed: Error during WebSocket handshake: Unexpected response code: 503
javascript	error	URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay Message: Access to XMLHttpRequest at 'https://ws28.hotjar.com/api/v2/sites/1846625/recordings/content' from origin 'https://www.thomsonreuters.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ws28.hotjar.com/api/v2/sites/1846625/recordings/content Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thomsonreuters.com
app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
bttrack.com
cdn.appdynamics.com
cdn.cookielaw.org
cdn.pendo.io
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fra-col.eum-appdynamics.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.quantserve.com
pixel.rubiconproject.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
ue.thomsonreuters.com
us-u.openx.net
vars.hotjar.com
vc.hotjar.io
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
ws28.hotjar.com
www.facebook.com
www.google.com
www.gstatic.com
www.thomsonreuters.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
ws28.hotjar.com
104.17.209.240
104.18.19.126
104.36.113.107
108.157.4.122
142.250.186.34
143.204.89.100
143.204.89.13
15.236.176.210
151.101.194.49
151.101.67.9
185.94.180.125
192.132.33.46
2600:9000:20ae:4c00:16:3030:f80:93a1
2600:9000:223f:c00:1f:aa31:7740:93a1
2600:9000:2315:6800:2:b30e:75c0:93a1
2600:9000:236e:6400:15:d837:3240:93a1
2600:9000:2490:8000:1b:b66f:bac0:93a1
2606:4700:4400::6812:2962
2606:4700::6810:9440
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2004
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2003
2a02:26f0:3500:587::1e80
2a03:2880:f11c:8083:face:b00c:0:25de
3.33.220.150
3.65.158.65
34.111.234.236
34.253.52.76
35.244.159.8
35.244.174.68
37.252.172.250
52.17.114.133
52.19.104.106
52.222.214.101
52.222.236.43
52.31.107.150
52.55.203.115
54.220.48.180
54.77.35.16
69.173.144.165
79.125.52.138
04020b5f52f5da2e0e675cf7ef8698211d1f56b0fb71350734322121d6000a01
06f3386698f2e2b406c5116ff20046ae709e967e6e43a96b309fcf4132569263
08491a7c7eaf07f3a8aef1cf800569ac6cb844681a27b68b452b6da6d7deebb0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad
0f9d76fe2f0e9422ffc184d5e3db35778170f7ec0ec0237f582782e50b8f9e98
0fc3ce119b309bf134b6759ea912834c542547e7cde2c10c89969ab10987e92d
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
22285089f75b4ec006bf9dafe15618af5d85ff7c2d691a372fbecd5970e69179
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
2a941c851c2798e3e5fb28e895addaa97716630413ecc83d49a19818ade1ae87
2b37ad99d40d246b3dc0c7b50e061641c5b77d4d693fe99ce54b15abc29471d9
30891369dc9cc3fffa39ce9ef4c17bfe0a26d12ff2292f207d72c41132ba4106
32bcdcca22ec69d0260328a2397c9f2f9ee9dde9feb3c5e62ca9d621ad6a3e24
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
36474c083ddbbf1f854ee0edc340a5740efa40d37e8f718f998988e5002d34e6
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
373d80c29f8043e1ed4309ed102932ed03ed5c9095130207dc0a9b782af7e96a
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f
45df5b15bc8106ffbfc12eb1a4b3b901da4f8f2167befb5eaba15404ac1213f0
4912bc842eca70b74c068038b7a574723b6beb33d1c7f67d78b0344df5ab01ca
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2725c23994d35d4b6d3f4e8d8b4d04f91507585eb77f6f2249c661b75d9e07
4daf758ab25a711fd5c657d6e0d6a0008a3561eb7e3df5a2c5eaa8625b488094
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4973b00026bbf533b6d1e06aa13f2b5aa07aa93359b86bcdc5ce1b5d2319b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56a6fe27e1a05a26a91b8cac886b3d7e87a3cf29e0247dd850a2970bc8db5965
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83
687ecd8fde52954c5779c454fdc51f2db85c152854271e3f50d2bb8c26b0c170
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33
6a1ea58ec0bbf5557ae618e208906ccd5517bb25a7011f9112fee5922626744a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c589f8b3b47a399791b693ea64b1d164d68b6454a5881eeecfd7a9da096fa12
6f5e14e1a1e09da007090ee39fb9e09f101b3f1602e87ae7125cba053642e3d7
72543d2292f693639fc69c1fb96bea6405ad0d5dce90e0bd1ba0a1d750e3e7d3
72dacf15b7d930846d907934ef712d7cae936d780d27be788c103146fb25c15c
7658f119cdfec4824bc546d9f021c3a83024bc1c6bb22ed85aae8e31fb4cfa85
78c58c20d59b393a6dbd1e47eea124023e938148ddf9cb1009d65dbea9ba63f6
7a02fa24d00e85788351eb8db1f4d4a112b622874ec886713a43549612ccfdcc
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8055a5390e8415c32dabdfce4ab036b0ca74b46bee2d107679f5242065d151ed
82b6809e1668fc6916b86e758db176595d4be4dc8b8f7642a3efacc4ed80d6a7
842273542b709d23d0324523ffbdab273466de5aa1948d49efbf4c46a04bc65d
84348bde040d5e202cda48dff77da005689aeaa008f8b78cc13e793211aaae9a
897abc95dfdec58fb982dcb66bbc2c1773e69df30001bf925678464903bf9e53
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74
949c22d9c4a7ca3a05ecca4587c90bf881d9730fb41df10b249310e87796e9fe
aa5bd37a8dce1b3a65824a4b5a87cfc657ed1c86cfca91060ad0951e67d5450b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b62eeb81d5ae0e6d40a19f88af4d6580a9e6e377e0b13f996f3c41f35a83566c
b8ba8f02c7aede6bcb2fa344dac5829ff21357237469a12d975ab682ffafecfa
be0021d361a3ad560c2020ef296d192cc2688ba0a14486c84d212d4ecc5c9917
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
ce2fd7eacc0ec52a8af7d2f419eea3ad1e19301894d133ae90ab54836bab2b70
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
df187e9d103d463cee0f4a12438fe86e16de8d76b0e813725c4cc3e5a1da1b9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55
f0d2d08272140170daa52ad84ba5d6296ac594239ee2deabbda9075f9adf63d0
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fc7b6209100e01ab3ae401721bb9b821b6216b1fdc7a012d7febbe682ce73868
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fe381786aefd59411b2fcbf3c1ab82d992793c0cd95ffdb0f269b8442eb351ba
fed81eae18853543f5ef3ae26a001e33d4f489bca2958b5afc8ca5abc84cf91f
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d

www.thomsonreuters.com Open in urlscan Pro 2600:9000:2490:8000:1b:b66f:bac0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

86 %HTTPS

33 %IPv6

33 Domains

45 Subdomains

38 IPs

6 Countries

2575 kBTransfer

9896 kBSize

33 Cookies

3 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thomsonreuters.com Open in urlscan Pro
2600:9000:2490:8000:1b:b66f:bac0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

86 %
HTTPS

33 %
IPv6

33
Domains

45
Subdomains

38
IPs

6
Countries

2575 kB
Transfer

9896 kB
Size

33
Cookies

96 HTTP transactions
3 data transactions