www.thomsonreuters.com Open in urlscan Pro
2600:9000:206f:6e00:1b:b66f:bac0:93a1  Public Scan

URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Submission: On July 06 via manual from US — Scanned from DE

Summary

This website contacted 37 IPs in 8 countries across 31 domains to perform 95 HTTP transactions. The main IP is 2600:9000:206f:6e00:1b:b66f:bac0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.thomsonreuters.com. The Cisco Umbrella rank of the primary domain is 83855.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 11th 2022. Valid for: a year.
This is the only time www.thomsonreuters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2600:9000:206... 16509 (AMAZON-02)
4 2a02:26f0:300... 20940 (AKAMAI-ASN1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.64.119.68 16509 (AMAZON-02)
23 2600:9000:206... 16509 (AMAZON-02)
5 54.77.200.211 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 65.9.66.91 16509 (AMAZON-02)
1 79.125.65.240 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 1 99.80.65.197 16509 (AMAZON-02)
1 63.34.179.114 16509 (AMAZON-02)
4 151.101.131.9 54113 (FASTLY)
1 2600:9000:205... 16509 (AMAZON-02)
2 54.145.191.224 14618 (AMAZON-AES)
1 18.66.2.109 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 108.157.4.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 52.51.233.122 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 34.111.234.236 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 18.202.123.28 16509 (AMAZON-02)
8 8 151.101.66.49 54113 (FASTLY)
1 2 142.250.185.194 15169 (GOOGLE)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 104.18.18.126 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 37.252.173.215 29990 (ASN-APPNEX)
8 104.17.209.240 13335 (CLOUDFLAR...)
1 35.244.159.8 15169 (GOOGLE)
2 2600:9000:206... 16509 (AMAZON-02)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a03:2880:f11... 32934 (FACEBOOK)
3 104.17.208.240 13335 (CLOUDFLAR...)
1 3.251.15.4 16509 (AMAZON-02)
95 37
Apex Domain
Subdomains
Transfer
23 trstatic.net
app-data.gcs.trstatic.net — Cisco Umbrella Rank: 28704
2 MB
11 qualtrics.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 827
89 KB
9 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 850
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
2 KB
7 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 450
115 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
347 KB
6 split.io
sdk.split.io — Cisco Umbrella Rank: 3054
auth.split.io — Cisco Umbrella Rank: 3503
16 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
westthomson.demdex.net — Cisco Umbrella Rank: 57434
9 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 8
41 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 627
script.hotjar.com — Cisco Umbrella Rank: 904
vars.hotjar.com — Cisco Umbrella Rank: 917
in.hotjar.com — Cisco Umbrella Rank: 1509
68 KB
4 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 418
115 KB
4 thomsonreuters.com
www.thomsonreuters.com — Cisco Umbrella Rank: 83855
api.thomsonreuters.com — Cisco Umbrella Rank: 130943
56 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
1 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
2 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
853 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 716
587 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
140 B
2 omtrdc.net
westthomsoncom.sc.omtrdc.net — Cisco Umbrella Rank: 122187
westservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 137202
1 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 2490
57 KB
1 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 2143
232 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
545 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 865
225 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
275 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
239 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 755
380 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1532
342 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
491 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
265 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
917 B
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1006
143 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 766
457 B
95 31
Domain Requested by
23 app-data.gcs.trstatic.net www.thomsonreuters.com
cdn.appdynamics.com
app-data.gcs.trstatic.net
10 siteintercept.qualtrics.com cdn.appdynamics.com
8 sync-tm.everesttech.net 8 redirects
7 cdn.cookielaw.org www.thomsonreuters.com
cdn.cookielaw.org
cdn.appdynamics.com
5 dpm.demdex.net assets.adobedtm.com
www.thomsonreuters.com
4 www.gstatic.com cdn.appdynamics.com
www.google.com
www.gstatic.com
4 www.google.com cdn.appdynamics.com
www.google.com
www.gstatic.com
4 sdk.split.io cdn.appdynamics.com
4 assets.adobedtm.com www.thomsonreuters.com
assets.adobedtm.com
cdn.appdynamics.com
2 sync.search.spotxchange.com 1 redirects
2 api.thomsonreuters.com cdn.appdynamics.com
2 ib.adnxs.com 1 redirects www.thomsonreuters.com
2 fonts.gstatic.com www.google.com
2 dsum-sec.casalemedia.com 1 redirects www.thomsonreuters.com
2 cm.g.doubleclick.net 1 redirects www.thomsonreuters.com
2 sync.crwdcntrl.net 2 redirects
2 idsync.rlcdn.com www.thomsonreuters.com
2 auth.split.io cdn.appdynamics.com
2 cdn.appdynamics.com www.thomsonreuters.com
cdn.appdynamics.com
2 www.thomsonreuters.com cdn.appdynamics.com
1 partner.mediawallahscript.com
1 www.facebook.com
1 image2.pubmatic.com
1 us-u.openx.net
1 zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com cdn.appdynamics.com
1 pixel.rubiconproject.com www.thomsonreuters.com
1 bttrack.com www.thomsonreuters.com
1 ml314.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 in.hotjar.com cdn.appdynamics.com
1 match.adsrvr.org www.thomsonreuters.com
1 fonts.googleapis.com client
1 vars.hotjar.com cdn.appdynamics.com
1 script.hotjar.com cdn.appdynamics.com
1 cdn.pendo.io cdn.appdynamics.com
1 westservicesinc.tt.omtrdc.net cdn.appdynamics.com
1 cm.everesttech.net 1 redirects
1 westthomsoncom.sc.omtrdc.net cdn.appdynamics.com
1 westthomson.demdex.net cdn.appdynamics.com
1 static.hotjar.com cdn.appdynamics.com
1 geolocation.onetrust.com cdn.appdynamics.com
95 41

This site contains links to these domains. Also see Links.

Domain
privacyportal-cdn.onetrust.com
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
www.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA
2022-01-11 -
2023-01-11
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-10 -
2022-09-10
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-21 -
2022-07-22
a year crt.sh
app-data.gcs.trstatic.net
COMODO RSA Organization Validation Secure Server CA
2020-08-17 -
2022-08-17
2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
*.split.io
GlobalSign Atlas R3 DV TLS CA H2 2021
2021-12-24 -
2023-01-25
a year crt.sh
cdn.pendo.io
Amazon
2021-08-29 -
2022-09-27
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2022-03-21 -
2023-04-20
a year crt.sh
*.google.com
GTS CA 1C3
2022-06-20 -
2022-09-12
3 months crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-04 -
2023-05-04
a year crt.sh
api.thomsonreuters.com
COMODO RSA Organization Validation Secure Server CA
2021-07-27 -
2022-07-27
a year crt.sh
*.mediawallahscript.com
Amazon
2022-05-04 -
2023-06-01
a year crt.sh

This page contains 4 frames:

Primary Page: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Frame ID: 761809715E6409BFCCC801662AA4EFAC
Requests: 68 HTTP requests in this frame

Frame: https://westthomson.demdex.net/dest5.html?d_nsid=0
Frame ID: F71B5B0EB33A962F8150558F379F1413
Requests: 17 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: BF99BB2E5F228E0B8C4D3BBAF7819A36
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Frame ID: 69B99BFA3D7477FB99C778307B5DD9B8
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Pay without signing in | Thomson ReutersBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

95
Requests

87 %
HTTPS

32 %
IPv6

31
Domains

41
Subdomains

37
IPs

8
Countries

2625 kB
Transfer

9433 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://cm.everesttech.net/cm/dd?d_uuid=18184799670623470611455469261439267213 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsWXbAAAAHUCywNe
Request Chain 60
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HuZkNBHjMWIFtTE0G-UqZBrkP2UF5T4zHuEE_oFW
Request Chain 62
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628428670293508302
Request Chain 65
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=18184799670623470611455469261439267213?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=18184799670623470611455469261439267213?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Request Chain 66
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNXWGJBQUFBSFVDeXdOZQ== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXNXWGJBQUFBSFVDeXdOZQ==&google_tc=
Request Chain 69
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsWXbAAAAHUCywNe&expires=90
Request Chain 70
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe&C=1
Request Chain 75
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YsWXbAAAAHUCywNe HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYsWXbAAAAHUCywNe
Request Chain 80
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsWXbAAAAHUCywNe
Request Chain 83
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsWXbAAAAHUCywNe
Request Chain 86
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1&__user_check__=1&sync_id=2638d448-fd35-11ec-81b7-141922060306
Request Chain 88
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsWXbAAAAHUCywNe&t=2592000&o=0

95 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request pay
www.thomsonreuters.com/en-us/account/billing/guest/
4 KB
2 KB
Document
General
Full URL
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
17b869fc70bc4ad6cec59b04ce8129e9b3e56137b27937141f1c961f3f55f143
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
392
cache-control
max-age=86400
content-disposition
inline
content-encoding
gzip
content-length
1603
content-type
text/html;charset=utf-8
date
Wed, 06 Jul 2022 14:02:11 GMT
etag
"ef0-5e2721372e800-gzip"
expires
Thu, 07 Jul 2022 14:02:11 GMT
last-modified
Mon, 27 Jun 2022 18:27:44 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,User-Agent
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-id
j0lmG5H9soUM8b5chIkv2axOhfjJ9E1qGMl_LYHj-74WCtqFzZYUsQ==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-dispatcher
dispatcher1useast1
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-vhost
www.thomsonreuters.com
launch-f185a872eb60.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/
317 KB
88 KB
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000:28a::1e80 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:08 GMT
server
AkamaiNetStorage
etag
"d352069223c4b31c3d2f628b829b8a1b:1649342348.617182"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
90003
expires
Wed, 06 Jul 2022 15:08:43 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
20 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
4m3LBpuQ5au3un+sbdTm6g==
age
1567
vary
Accept-Encoding
content-length
6922
x-ms-lease-status
unlocked
last-modified
Mon, 04 Jul 2022 02:38:02 GMT
server
cloudflare
etag
0x8DA5D66372E5D82
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75a9b1d0-a01e-0097-1652-8fbb2f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7268ea013f9d9b3f-FRA
adrum-21.4.0.3405.js
cdn.appdynamics.com/adrum/
102 KB
37 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-68.txl50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
51a1f8053f3e51386a72383b9e18e584eeebd125506d926352246e35e9899cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 17:17:34 GMT
content-encoding
gzip
age
1803069
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Apr 2021 17:00:56 GMT
server
nginx/1.16.1
etag
W/"60787148-199ed"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 d9a3650110a8e2b78edd73b33e0fa948.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
TXL50-P4
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
47Vysqjm937BoBAtKwNAPwWAUZ0CLY05IENC0ET70FS4VfqWomF76w==
bootstrap.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/
182 KB
59 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/bootstrap.js
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47bb42e9612dd5e9b0b0267b2c2b910de701f117e5354efddf15b8b8c7bdb6ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:53 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:51:49 GMT
server
AmazonS3
age
9891
etag
W/"bb5399acd30014e36f44981652189c73"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
bCZ_HDmWcjbbaTbPHDxNRvH8dfBsp1f42imo6oFwkc8XfvhFv_QTyQ==
id
dpm.demdex.net/
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7D63BC75245AE300A490D4D%40AdobeOrg&d_nsid=0&ts=1657116523817
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9ede12dc2f671304b18585c6a3617845fecf9e3485b2384cef1339ca46210a19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v036-079b26c03.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
YBeUqwFaQ+U=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thomsonreuters.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1316
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/
45 KB
17 KB
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/EXf40681589cca41cbbd146d12808ccaaa-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000:28a::1e80 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
16755
expires
Wed, 06 Jul 2022 15:08:43 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/launch-f185a872eb60.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000:28a::1e80 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
last-modified
Mon, 18 Oct 2021 21:37:16 GMT
server
AkamaiNetStorage
etag
"66be6e24d6b0c77126d28b9abcd4eb38:1634593036.81505"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8761
expires
Wed, 06 Jul 2022 15:08:43 GMT
8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json
cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/8ee31738-23a6-4340-9e0c-3c2473ee5344-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c256cfd873477a40e46c41b337bbf8d2a94531dda7c8f8733a976f5059153164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
MNGQNUu/SuzwMpENEvoHmg==
content-length
1659
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 15:37:10 GMT
server
cloudflare
etag
0x8DA591C1103A356
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
4fb20782-101e-0006-3241-912f9e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7268ea0218d09b43-FRA
825.d0f5a421.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
1 MB
357 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/825.d0f5a421.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39a29e428e990ea39f18cb10a5caa1578368fd0b02e20ca49633498122b35957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:50 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:04 GMT
server
AmazonS3
age
51113
etag
W/"5acdf2dcd154c8220e93036650000943"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
QypI4qVfqaXvGVQNpWLV7x1r5cunxC4Whhu82QAcDYUdC35ivKvwTQ==
app-main.dbe36ff2.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/
360 KB
66 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6cd5952222320f5cddab5230d3ff827f74333378967cb2ea4b3986568438f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:53 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:51:51 GMT
server
AmazonS3
age
9890
etag
W/"24dd6a8436e6a8524e4f93c8cfff1ca4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
CHq4L0lgR3d8aZLPUoRNZzXtv8AuY2fKzP4MkDVzsM9--fTmZDekkQ==
app-main.11ec7a1c.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
553 KB
106 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/app-main.11ec7a1c.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2660449130e5037387a84bb794ed44026a306d273b35c62f3fca8a9a85bbd157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:50 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:07 GMT
server
AmazonS3
age
51113
etag
W/"eead0b7ab130206690386ccc04e674e2"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
vVYXP1GNJaDb2oWlgSLhLAqFZ1HE19-dIPPbqfdLBKaMHRKSBt63EQ==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
182 B
457 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:43 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7268ea02bec9916e-FRA
access-control-allow-headers
Content-Type
hotjar-1846625.js
static.hotjar.com/c/
7 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1846625.js?sv=6
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-91.fra56.r.cloudfront.net
Software
/
Resource Hash
30ddac53f046a0b7d2cb1249463a0146352d6f928c64e3cb18b357139783aa50
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C1
x-cache-hit
1
date
Wed, 06 Jul 2022 14:08:43 GMT
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-amz-cf-id
uI6FvErAfuXuthDtmpZGcijLzvT4LV2U6XRdPwggEEAq69MfI68EmA==
etag
W/7f63bb33dbf9cbd9f61f86511156d286
dest5.html
westthomson.demdex.net/ Frame F71B
7 KB
3 KB
Document
General
Full URL
https://westthomson.demdex.net/dest5.html?d_nsid=0
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.65.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-65-240.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v036-0edf12844.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9u3UOpdoTrI=
content-encoding
gzip
date
Wed, 6 Jul 2022 14:08:44 GMT
last-modified
Thu, 30 Jun 2022 15:20:23 GMT
vary
accept-encoding
id
westthomsoncom.sc.omtrdc.net/
2 B
322 B
XHR
General
Full URL
https://westthomsoncom.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A7D63BC75245AE300A490D4D%40AdobeOrg&mid=18244903242047805151468085763481585499&ts=1657116523963
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-qrrgd
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YsWXbAAAAHUCywNe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=18184799670623470611455469261439267213
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsWXbAAAAHUCywNe
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsWXbAAAAHUCywNe
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-023a167f8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mHA9QZZcRPs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YsWXbAAAAHUCywNe
Date
Wed, 06 Jul 2022 14:08:44 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
westservicesinc.tt.omtrdc.net/rest/v1/
358 B
726 B
XHR
General
Full URL
https://westservicesinc.tt.omtrdc.net/rest/v1/delivery?client=westservicesinc&sessionId=81b33a9de3e944968ba4d8147d285a32&version=2.7.0
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.179.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-179-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0e36c38efea4f9b1b2d3909a1478e718867c08e30a11b3be4fa8cc15c242e414

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
6a085724dea2fdcb715854d4651729e8
anonymous
sdk.split.io/api/mySegments/ Frame
0
0
Preflight
General
Full URL
https://sdk.split.io/api/mySegments/anonymous
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Wed, 06 Jul 2022 14:08:44 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4025-HHN
x-timer
S1657116524.117163,VS0,VE0
splitChanges
sdk.split.io/api/ Frame
0
0
Preflight
General
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
content-length
37
date
Wed, 06 Jul 2022 14:08:44 GMT
retry-after
0
server
Varnish
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4025-HHN
x-timer
S1657116524.117255,VS0,VE0
anonymous
sdk.split.io/api/mySegments/
17 B
449 B
Fetch
General
Full URL
https://sdk.split.io/api/mySegments/anonymous
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
via
1.1 varnish, 1.1 varnish
etag
"1000002--gzip"
age
27461
x-cache
HIT, HIT
content-encoding
gzip
content-length
37
x-request-id
27vbwtdhpy1
x-served-by
cache-iad-kiad7000081-IAD, cache-hhn4025-HHN
x-timer
S1657116524.124905,VS0,VE1
date
Wed, 06 Jul 2022 14:08:44 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kcgs7200140-IAD-e1e81a2d-c851-4af1-91a7-42e6700da69d; cache-hhn4073-HHN-b3185d97-7a38-40f8-92c9-0f112cc467bd
accept-ranges
bytes
x-cache-hits
1, 1
splitChanges
sdk.split.io/api/
239 KB
15 KB
Fetch
General
Full URL
https://sdk.split.io/api/splitChanges?since=-1
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c053f28cc7760f80d7c8accdb0f2469628050e6d670fd8fbb840af3a34b943e
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=15770000; includeSubDomains
content-encoding
gzip
etag
"639458070--gzip"
age
0
x-cache
MISS, MISS
content-length
15103
via
1.1 varnish, 1.1 varnish
x-request-id
27vs9eofkl6
x-served-by
cache-iad-kjyo7100115-IAD, cache-hhn4025-HHN
last-modified
Tue, 05 Jul 2022 07:30:20 GMT
x-timer
S1657116524.124902,VS0,VE113
date
Wed, 06 Jul 2022 14:08:44 GMT
vary
Origin, Accept-Encoding, Authorization
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-ID
cache-control
no-transform, max-age=60, s-maxage=60
trace
cache-iad-kjyo7100115-IAD-46595764-c799-4935-a45c-388ff9715628; cache-hhn4025-HHN-cc16b696-b047-49d8-b3ee-e1e4b8773ec7
accept-ranges
bytes
x-cache-hits
0, 0
pendo.js
cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/
462 KB
143 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/c183da5c-6428-49db-630c-466bec8b0b27/pendo.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5c00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6145057c81d76634cf22c7285f7328fd165d068a433e44d54de4f7638bc86f2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:02:12 GMT
Content-Encoding
gzip
Age
392
X-GUploader-UploadID
ADPycdvGLuksrY4l8GXEAE_m9O_xMC3R-eBC_YxTZCeoLLiJaVYMs6WrB4hdRS7uXh4yJj2zCm8z8IbpBod_hgMbY7xQ
X-Cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
145742
Access-Control-Allow-Origin
*
Last-Modified
Thu, 30 Jun 2022 19:13:32 GMT
Server
UploadServer
ETag
"07d3aa9648bf45b3258723210d3f38bd"
Vary
Accept-Encoding
x-goog-hash
crc32c=bOlLQQ==, md5=B9Oqlki/RbMlhyMhDT84vQ==
x-goog-generation
1656616412271369
Via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
145742
X-Amz-Cf-Pop
FRA6-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
MPrsgD0ZIq4cSpok1XnuSl1L-jyBdNvwGeA6ySp_0BMRfLI6WFlWbQ==
Expires
Wed, 06 Jul 2022 14:09:42 GMT
1.fe7ec45c.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
26 KB
9 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/1.fe7ec45c.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66e4c75ba6881841031de09716a854158277d4d6d7a0d4980c40cf24dd7530bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:51:53 GMT
server
AmazonS3
age
9891
etag
W/"c0c983c0ec76befafc675a6f0e3dc643"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
N8P5dA_ESDIzZQNl9BpK3OJ6SpAkLRdUU-BWva9stZCUrDZE-CRs-g==
2.485a0507.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
30 KB
10 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/2.485a0507.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0615200896979053b0becdaafccbe9f86acbd89c2b8ffb79dd39bf0177d5d708

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:51:55 GMT
server
AmazonS3
age
51113
etag
W/"c3775e3cb5baad3b5eb9634b13116f9f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
InoMGfpt4CaHACDhNFoFjZlDHejPVl_x3bmOKMgsn1vilQfbVxD6YA==
3.0bbafbd2.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
15 KB
5 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/3.0bbafbd2.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
615c466963cbc0318ba7d031927e5103bf797f321ae8047910616eef28d082fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:51:57 GMT
server
AmazonS3
age
51113
etag
W/"5c492187f8d780b16ab5062ea590db07"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
36JrS7nAxNnZbCsVgO1ecQq52cM4RxdrOUZ0wXzKRR7fxZlUK7IYgw==
6.650ff13a.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
13 KB
4 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/6.650ff13a.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc1f36e2ce4b411e21280efb1af9cff3f4f32c495fdeda795f7042f18680937c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:01 GMT
server
AmazonS3
age
51113
etag
W/"f31bc5e895d3773c23a5cad9c852bf56"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
oCn0wKTaRmrbhugHB1bNVu2QJYLYZS6UtE3tTgtoME3XHEOOLctEOA==
components-app.d356bf16.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/components-app.d356bf16.chunk.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23137f2b810eadf65ff9f5ccda1351dde21a5949f798c0b5bf1c0870b0b7b39d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:51:51 GMT
server
AmazonS3
age
51113
etag
W/"c7e3d17d49d54fed88767c8dffbd3999"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
I5lHEiQ1p89r8PCuj-Wz3f5eAoup7bNGLuGHFcOAasL4zByCbmynYw==
components-app.35415773.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
3 MB
725 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/components-app.35415773.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5796b782b77ce0e82a5ab3546b2778cbda10faa76b6ea2ef124053a001052b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:52:07 GMT
server
AmazonS3
age
9891
etag
W/"add2f9fe098fafddd0cf27706f3cab73"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
8_V6LwQe8LAT0aKq3Y140WVDNfsEB7UWRK6qzfg4vx6WaaVitnDKVQ==
interact-localizaion-provider.9bf18982.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
3 KB
2 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/interact-localizaion-provider.9bf18982.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b69ea7dc57a582224ac85ec33e7d5e1b124b7526e3b044126f6be261f2695198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:07 GMT
server
AmazonS3
age
51113
etag
W/"27faaa504ed560a504544471df5d726f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
-KvZqj3G_pBzL7jw2TiZYypvcLdCFQ6eb0WR0kD4cm4jg_ev797e8g==
937.c3ea9587.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
2 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/937.c3ea9587.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb8669222665e8d693c27eef275e9af383003fb486db6ecd1b9f7601a7e92242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:52:06 GMT
server
AmazonS3
age
9891
etag
W/"6239dbb7799be9767aa0ad4a905a55f3"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
JXKIvx9Xh_9amPl8cvNwM89RjXqL9M17jGWu5Y-Mg3KUcs-ZcTV8DQ==
936.80980b03.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
8 KB
4 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/936.80980b03.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88af7a7e6b915e9f4eeba18f5be76482ca202076df4b51cabe88f3b5766ff501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:54 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:52:06 GMT
server
AmazonS3
age
9891
etag
W/"65ae7ce5abbef38d4108392ff98a3c62"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mhebdphCI2yvY6CPWAG0_30zqPlCujZphwcVZuJOjsor3O_eH431Hw==
940.7dc821bc.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
2 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/940.7dc821bc.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca1912e88dad83a4313d3d52b19bbb35751e2a92a45eb795a8eb8bbaf26728c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 23:56:52 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:06 GMT
server
AmazonS3
age
51113
etag
W/"0a1749d4173b2f714f0bf2f3818811f5"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nj7JwPdJr8lMD9g9z3rGFIKqdJ4x7dcbtvpF4nHvQdmZ1eVc0F0e_w==
935.dc898c89.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
1 KB
1 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/935.dc898c89.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02eff5a7253a4693dadcfd182372c3141e742e57d6529ee034e11f37e9c5d813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:54 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 16:52:06 GMT
server
AmazonS3
age
9891
etag
W/"9691c8bf7cedf16cec49b0445bdee89e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OH6cg5UvX2Lw4oNhvTgo8-g0fZZc35QzQAA3ngDMXrANNF5lYg4QXg==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.22.0/
311 KB
74 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Uj6Yo16pL9bm0y1nKKjJjg==
age
1565
vary
Accept-Encoding
content-length
75930
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:18 GMT
server
cloudflare
etag
0x8D962BA8ADAEF03
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
50ea2ecc-801e-0107-22e1-296836000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7268ea03ab009b3f-FRA
auth
auth.split.io/api/v2/
696 B
1 KB
Fetch
General
Full URL
https://auth.split.io/api/v2/auth?users=anonymous
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.191.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-191-224.compute-1.amazonaws.com
Software
/
Resource Hash
17a86f088f39d8a5347638f1455529c0912d373538b95a3822de404a4f5f739a
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
application/json
Referer
https://www.thomsonreuters.com/
Authorization
Bearer s1t2ci8eh1r3mf0kmeu2js9p8fsbhi272kob
accept-language
de-DE,de;q=0.9
SplitSDKVersion
javascript-10.17.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
strict-transport-security
max-age=15770000; includeSubdomains
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thomsonreuters.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length
696
auth
auth.split.io/api/v2/ Frame
0
0
Preflight
General
Full URL
https://auth.split.io/api/v2/auth?users=anonymous
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.191.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-191-224.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15770000; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.thomsonreuters.com
content-length
4
content-type
application/json; charset=utf-8
date
Wed, 06 Jul 2022 14:08:44 GMT
strict-transport-security
max-age=15770000; includeSubdomains
modules.eaa59710f7e60ac1d235.js
script.hotjar.com/
243 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.eaa59710f7e60ac1d235.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-109.txl50.r.cloudfront.net
Software
/
Resource Hash
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
192398
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64077
access-control-allow-origin
*
last-modified
Mon, 04 Jul 2022 08:41:34 GMT
etag
"db52ab3b370d0f21f8ed961bf7934556"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1957d4cc5292a750b93cc06eb79b023e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
cu9Jl_tCl0sPKdZx-KYcqGJ5hsKYxvikq8zwd7UnlB7NFDZmrjVcBg==
365868.gif
idsync.rlcdn.com/ Frame F71B
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=18184799670623470611455469261439267213
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
en.json
cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/
31 KB
9 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/8ee31738-23a6-4340-9e0c-3c2473ee5344-test/ff059805-8ecd-4595-8c8d-1d261c8669b7/en.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0df209ed88f7530636ab1e8be9f18561bc56dff109dc41690159b97157220bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-md5
fUmSdeFfXM5uAsAlrzPWVg==
content-length
9390
x-ms-lease-status
unlocked
last-modified
Tue, 28 Jun 2022 15:37:16 GMT
server
cloudflare
etag
0x8DA591C1485B82D
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9a596f18-c01e-0122-7341-91f085000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7268ea03fc279b43-FRA
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame BF99
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-102.dus51.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
455325
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 07:39:59 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
x-amz-cf-id
ZF0Qr8vse6W1NspW3cCFmiIEowxX9__zZ9ThndHYkV6ecrWLurz5Gw==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
css
fonts.googleapis.com/
2 KB
917 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 13:27:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Jul 2022 14:08:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Jul 2022 14:08:44 GMT
365868.gif
idsync.rlcdn.com/ Frame F71B
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=18184799670623470611455469261439267213
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
otFlat.json
cdn.cookielaw.org/scripttemplates/6.22.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
eS/vZlhjCBp2QvELx7IrSQ==
age
9892
vary
Accept-Encoding
content-length
2950
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:10 GMT
server
cloudflare
etag
0x8D962BA867F281F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
e86d4a3d-c01e-0026-1aa1-424352000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7268ea057ecc9b43-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/6.22.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otPcCenter.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
0zNJrhCoPGSM6hOdGkVidg==
age
9892
vary
Accept-Encoding
content-length
14838
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:10 GMT
server
cloudflare
etag
0x8D962BA862FE7E2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
7b307dcc-f01e-000c-31a1-423617000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7268ea057ece9b43-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.22.0/assets/
20 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
F/Fs54+x9bQK/ULkNRp4fA==
age
9892
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 19 Aug 2021 02:39:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d4cd13fe-801e-0125-0fa1-420600000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
7268ea057ed09b43-FRA
1042.abd563a3.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
164 KB
41 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/1042.abd563a3.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4bbcdb26a4c6b25aee391646f910c720c6a261ea61eeef39914a86936067336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:55 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:51:54 GMT
server
AmazonS3
age
9890
etag
W/"61cf0493279dfecd144d8966351e9a5c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GnaYvlbqNVFlWFESyPMGM3MUKQqVklvbzeiTLaEiroSqX7x9V5Y2Eg==
916.c38ddb83.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
16 KB
6 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/916.c38ddb83.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8a9ed8ca2f50c5092a45a1307f9e36314a3c32ead64f988c3e40f8c15377a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:55 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:52:06 GMT
server
AmazonS3
age
9890
etag
W/"99bd70c3cb8e22c37123f85c3095aca4"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ctGWA57AuBcsi2ptVoI80fzb-oudlTQroByiBbXAWMHPWdJ-zHZFiA==
876.b90a5a82.chunk.css
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/876.b90a5a82.chunk.css
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7edf4f3d76ae7f4c604d5ae5ed696fc09972423fab606c07280f77fb6c87b58e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:55 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:51:50 GMT
server
AmazonS3
age
9890
etag
W/"ce8b72ee2622010dd2c5b14851750804"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GDowqstRS5gRWh68LI94XR4fxri7D3n_gSl9a7rzfzQd4p-18Uuxhw==
876.4883d895.chunk.js
app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/
13 KB
4 KB
Script
General
Full URL
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/js/876.4883d895.chunk.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e447bfb7a612922b0dd2f5d92b00d539c47c5a18ff2a8f0e3526164a701e930

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 11:23:55 GMT
content-encoding
gzip
last-modified
Mon, 27 Jun 2022 16:52:05 GMT
server
AmazonS3
age
9890
etag
W/"b3602522a55c1c063e13aa2fcec99f05"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
cache-control
max-age=86400,immutable
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
UXHDaKYR6SOSQgcDyCVnA31pU8almd2XXY3nnfq9dxS3GfzQrCfXIg==
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
13 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
knowledge2017-regular-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-regular-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:43:48 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
18134696
x-cache
Hit from cloudfront
content-length
39408
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"de994d71a311e3119703dd67ef632f04"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
syWbpEMQP_u7zz3vFL01OMM_rbpGJPVRRULZbjhAts1BYY2kVuQLkg==
enterprise.js
www.google.com/recaptcha/
974 B
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82b6809e1668fc6916b86e758db176595d4be4dc8b8f7642a3efacc4ed80d6a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
615
x-xss-protection
1; mode=block
expires
Wed, 06 Jul 2022 14:08:44 GMT
generic
match.adsrvr.org/track/cmf/ Frame F71B
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
visit-data
in.hotjar.com/api/v2/client/sites/1846625/
147 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1846625/visit-data?sv=6
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.233.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-233-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 06 Jul 2022 14:08:44 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
knowledge2017-black-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
39 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-black-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:43:48 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
18134696
x-cache
Hit from cloudfront
content-length
39444
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"3327c2a7977db98e49b5369fcafc658c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
PpviWyW6MswphIoXFE5rIKE32xbBfFk8gd8xQKwpxEaqYEExxiz3PA==
translations.interact.en_us.json
www.thomsonreuters.com/content/ue-settings/endpointsMapping/
184 KB
52 KB
Fetch
General
Full URL
https://www.thomsonreuters.com/content/ue-settings/endpointsMapping/translations.interact.en_us.json
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6e00:1b:b66f:bac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f06ff71989c481fd52771f68ddaeec2073303089afed92bb21ded4e74ea66077
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.thomsonreuters.com/en-us/account/billing/guest/pay
adrum
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-dispatcher
dispatcher1useast1
date
Wed, 06 Jul 2022 14:02:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
391
x-vhost
www.thomsonreuters.com
x-cache
Hit from cloudfront
vary
Accept-Encoding,User-Agent
content-length
52399
x-ua-compatible
IE=edge
server
Apache
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
1LxiOUslhXHSJjZS-k2Mn5Uau8HsJkrJHVUTMjEfbDPuEERbCP0Nwg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
knowledge2017-light-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-light-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 08 May 2022 20:37:18 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
5074287
x-cache
Hit from cloudfront
content-length
39336
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"9423006fb52301a35a4ce76f99e114af"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
9i-lcAwAFB5sb2ECobkxJf8Z3Pfo1yIx0dp36LynntoWmcEUJqr4dg==
knowledge2017-medium-webfont.woff2
app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/
38 KB
39 KB
Font
General
Full URL
https://app-data.gcs.trstatic.net/wel-trdotcom/fonts/all-characters/knowledge2017-medium-webfont.woff2
Requested by
Host: app-data.gcs.trstatic.net
URL: https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5e00:15:d837:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d

Request headers

Referer
https://app-data.gcs.trstatic.net/emcm-ui/bundle-interact/v11.7.7/static/css/app-main.dbe36ff2.chunk.css
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 16:43:48 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
18134696
x-cache
Hit from cloudfront
content-length
39304
last-modified
Tue, 08 Dec 2020 19:37:11 GMT
server
AmazonS3
etag
"20dca63d8ee3254b712c7171ae987713"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=365000000,immutable
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
yJ0vnD1r-_iH-jD5sIBw5GoVzNKupUsFeHeYnr-Ma5nmmqvuvNynOg==
ibs:dpid=1175&&dpuuid=HuZkNBHjMWIFtTE0G-UqZBrkP2UF5T4zHuEE_oFW
dpm.demdex.net/ Frame F71B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HuZkNBHjMWIFtTE0G-UqZBrkP2UF5T4zHuEE_oFW
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HuZkNBHjMWIFtTE0G-UqZBrkP2UF5T4zHuEE_oFW
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-0459dd4f0.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8dioDXqvRYM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=HuZkNBHjMWIFtTE0G-UqZBrkP2UF5T4zHuEE_oFW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thomsonreuters.com/
Origin
https://www.thomsonreuters.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 13:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jul 2023 13:29:17 GMT
ibs:dpid=22052&dpuuid=3628428670293508302
dpm.demdex.net/ Frame F71B
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628428670293508302
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628428670293508302
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v036-01ec876b9.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
N9BYkw22Q4k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:44 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3628428670293508302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Thu, 07 Jul 2022 10:08:44 GMT
user
bttrack.com/dmp/adobe/ Frame F71B
35 B
380 B
Image
General
Full URL
https://bttrack.com/dmp/adobe/user?dd_uuid=18184799670623470611455469261439267213
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Wed, 06 Jul 2022 14:08:35 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
anchor
www.google.com/recaptcha/enterprise/ Frame 69B9
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2b3082aa2020e3316dcc41523bfa4e68b415cfb6e615be4e040a0bedfa2777a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k0Xzkp3Yqpfou3X9ljHI5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thomsonreuters.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22019
content-security-policy
script-src 'report-sample' 'nonce-k0Xzkp3Yqpfou3X9ljHI5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Jul 2022 14:08:45 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame F71B
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=18184799670623470611455469261439267213?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=18184799670623470611455469261439267213?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v036-0f8a6e6c1.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,300
X-TID
J5KwN2x9QR0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
expires
0
cache-control
no-cache
x-server
10.45.4.183
content-length
0
x-consent
absent
pixel
cm.g.doubleclick.net/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXNXWGJBQUFBSFVDeXdOZQ==
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXNXWGJBQUFBSFVDeXdOZQ==&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXNXWGJBQUFBSFVDeXdOZQ==&google_tc=
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXNXWGJBQUFBSFVDeXdOZQ==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 69B9
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 13:29:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jul 2023 13:29:18 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 69B9
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 13:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Jul 2023 13:29:17 GMT
tap.php
pixel.rubiconproject.com/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsWXbAAAAHUCywNe&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsWXbAAAAHUCywNe&expires=90
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657116525.165726,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YsWXbAAAAHUCywNe&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe&C=1
43 B
946 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe&C=1
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
7268ea0bf8bd9012-FRA
pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sM3JKZ4D5Rrz%2BLDxBPZe3nvk28PfJGgGy59iZAJ12yws5y9%2B0BLbp9LHRWljcfOBdW2YrzBmGqW6Lto2VeALoMG9eEzsCILNeov8PsLbez%2BNWLIR0R3GIqJPYnp%2FaSmciOZWhSoAmvWPnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SeYNEUhpKB%2BlWdR%2FPCOVTJr60tSLZGuiNYUQyl%2B02ab19YXO50J7fJLZymu8xw7SwRxCrJdLuzMveYQpaeBQAxLyczv3cNH2eh830ZYKmxw4zW%2FeT94Y0IKqxIwuHuSbd%2Fs8VG5EUdXV8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=88&external_user_id=YsWXbAAAAHUCywNe&C=1
cache-control
no-cache
cf-ray
7268ea0b49c2bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 69B9
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
68937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Jul 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69B9
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 11:18:05 GMT
x-content-type-options
nosniff
age
96640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69B9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
68937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Jul 2023 18:59:48 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 69B9
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Wed, 06 Jul 2022 14:08:45 GMT
bounce
ib.adnxs.com/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YsWXbAAAAHUCywNe
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYsWXbAAAAHUCywNe
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYsWXbAAAAHUCywNe
Requested by
Host: www.thomsonreuters.com
URL: https://www.thomsonreuters.com/en-us/account/billing/guest/pay
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:08:45 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
24eca17a-8281-44b0-a808-e92978f18f8d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:08:45 GMT
X-Proxy-Origin
185.213.155.164; 185.213.155.164; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3fcdf782-c821-47f6-9c61-b70988640203
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYsWXbAAAAHUCywNe
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
reload
www.google.com/recaptcha/enterprise/ Frame 69B9
32 KB
19 KB
XHR
General
Full URL
https://www.google.com/recaptcha/enterprise/reload?k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3275aeb76cc88a679a8f109972b6b59785ca474a14cb659fb0ab83da6b1a6ef2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdwMF8bAAAAAG6QU0vx2y6BhJBDeGz2oH-qgLOZ&co=aHR0cHM6Ly93d3cudGhvbXNvbnJldXRlcnMuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=gcbaqdtte7ig
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19171
x-xss-protection
1; mode=block
expires
Wed, 06 Jul 2022 14:08:45 GMT
RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/
818 B
746 B
Script
General
Full URL
https://assets.adobedtm.com/fcbff6e82c08/0a7ea43badd2/fcdaac379ec5/RC7a8f7bfaa208418ab37895d1d9dbb2a4-source.min.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3000:28a::1e80 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
gzip
last-modified
Thu, 07 Apr 2022 14:39:09 GMT
server
AkamaiNetStorage
etag
"60058a1ef1540e4b56bde2d37c92a5a5:1649342349.463671"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
476
expires
Wed, 06 Jul 2022 15:08:45 GMT
/
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/
7 KB
4 KB
Script
General
Full URL
https://zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1H2TgfBE4OS7bk9
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df187e9d103d463cee0f4a12438fe86e16de8d76b0e813725c4cc3e5a1da1b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
159833
cf-polished
origSize=8435
cf-ray
7268ea0cdca19196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"20f3-MkAkOp+BcpJ6tNVYy7z3sHG/4Gs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
adrum-ext.281eccdb0a28fe3b4dbfbf942f8b88ed.js
cdn.appdynamics.com/
51 KB
20 KB
Script
General
Full URL
https://cdn.appdynamics.com/adrum-ext.281eccdb0a28fe3b4dbfbf942f8b88ed.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.119.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-68.txl50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
0db43eba61b33934229b19b825b7bea29c3bb17fc1e3e1e43047d7772aae6036

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 02:53:11 GMT
content-encoding
gzip
age
731734
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Apr 2021 17:00:57 GMT
server
nginx/1.16.1
etag
W/"60787149-cc3d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
via
1.1 d9a3650110a8e2b78edd73b33e0fa948.cloudfront.net (CloudFront)
cache-control
public, max-age=2678400, s-max-age=14400
x-amz-cf-pop
TXL50-P4
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
RndXeQWL8TBUyV48QtN_rN8n27CYL8QVsxlYjjUw-cIjM4J8yLyCkg==
sd
us-u.openx.net/w/1.0/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsWXbAAAAHUCywNe
43 B
275 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsWXbAAAAHUCywNe
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657116526.515625,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YsWXbAAAAHUCywNe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/
22 B
1 KB
Fetch
General
Full URL
https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2400:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thomsonreuters.com/
Authorization
Bearer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
authorization
Bearer
sec-fetch-dest
empty
x-tr-cloudfront-api-gateway
d1uy6ivt6fb41q
cloudfront-forwarded-proto
https
host
api.thomsonreuters.com
cloudfront-viewer-asn
39351
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
accept
application/json, text/plain, */*
cache-control
no-cache
referer
https://www.thomsonreuters.com/
access-control-allow-headers
sec-fetch-mode
cors
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 497c95bea75bdc558e796b9362786cde.cloudfront.net (CloudFront), 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
origin
https://www.thomsonreuters.com
cloudfront-is-desktop-viewer
true
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-forwarded-proto
https
content-length
22
cloudfront-is-smarttv-viewer
false
x-tr-verify-origin
KVQNW0A5gwXPHbo7vbn3l
cloudfront-viewer-country
DE
cloudfront-is-mobile-viewer
false
x-forwarded-for
2a03:1b20:6:f011::4e, 64.252.86.153
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
access-control-max-age
3628800
pragma
no-cache
cloudfront-is-tablet-viewer
false
sec-fetch-site
same-site
x-forwarded-port
443
x-amz-cf-id
OcK22ItTuzIz2uNYfn2K-xOSZ-I9n1-cvh4DJGxv8YrzTpnZWHxA8Q==
verifyCaptcha
api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/ Frame
0
0
Preflight
General
Full URL
https://api.thomsonreuters.com/digital/unauth/v1/prod/tpAuthorizations/applications/SS/verifyCaptcha?apikey=lDHR3l3ARfKa1wdm3dAG1PkwzG14ZJV4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2400:16:3030:f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.thomsonreuters.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept
*/*
accept-encoding
gzip, deflate, br
access-control-allow-credentials
true
access-control-allow-headers
authorization, content-type
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3628800
access-control-request-headers
authorization,content-type
access-control-request-method
POST
cache-control
no-cache
cloudfront-forwarded-proto
https
cloudfront-is-desktop-viewer
true
cloudfront-is-mobile-viewer
false
cloudfront-is-smarttv-viewer
false
cloudfront-is-tablet-viewer
false
cloudfront-viewer-asn
39351
cloudfront-viewer-country
DE
content-length
0
date
Wed, 06 Jul 2022 14:08:45 GMT
host
api.thomsonreuters.com
origin
https://www.thomsonreuters.com
pragma
no-cache
referer
https://www.thomsonreuters.com/
sec-fetch-dest
empty
sec-fetch-mode
cors
sec-fetch-site
same-site
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
via
1.1 61ba5706b567909ff331929b2dc7dea8.cloudfront.net (CloudFront), 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
x-amz-cf-id
t6RnESzxOYuwrXD9N8peJQLicUbYX9VTq2DBWH8Vb68N5lkyvz1jZw==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-forwarded-for
2a03:1b20:6:f011::4e, 64.252.86.153
x-forwarded-port
443
x-forwarded-proto
https
x-tr-cloudfront-api-gateway
d1uy6ivt6fb41q
x-tr-verify-origin
KVQNW0A5gwXPHbo7vbn3l
Pug
image2.pubmatic.com/AdServer/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsWXbAAAAHUCywNe
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsWXbAAAAHUCywNe
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:46 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657116526.616945,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YsWXbAAAAHUCywNe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
11.54adbdbb9a8be27dd267.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
59 KB
18 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.54adbdbb9a8be27dd267.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thomsonreuters.com
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc3ce119b309bf134b6759ea912834c542547e7cde2c10c89969ab10987e92d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
134629
cf-polished
origSize=61658
cf-ray
7268ea0d2d0d9196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Jun 2022 18:11:05 GMT
server
cloudflare
etag
W/"f0da-181824f9ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
9 KB
2 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1H2TgfBE4OS7bk9&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d2d08272140170daa52ad84ba5d6296ac594239ee2deabbda9075f9adf63d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
632cd928264636ed
cf-ray
7268ea0d6d619196-FRA
partner
sync.search.spotxchange.com/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1&__user_check__=1&sync_id=2638d448-fd35-11ec-81b7-141922060306
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1&__user_check__=1&sync_id=2638d448-fd35-11ec-81b7-141922060306
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 14:08:45 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
13
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 06 Jul 2022 14:08:45 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YsWXbAAAAHUCywNe&img=1&__user_check__=1&sync_id=2638d448-fd35-11ec-81b7-141922060306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
0
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/
102 KB
32 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08491a7c7eaf07f3a8aef1cf800569ac6cb844681a27b68b452b6da6d7deebb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
134270
cf-polished
origSize=105073
cf-ray
7268ea0e4eff9196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Jun 2022 18:11:05 GMT
server
cloudflare
etag
W/"19a71-181824f9ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
b.php
www.facebook.com/fr/ Frame F71B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsWXbAAAAHUCywNe&t=2592000&o=0
43 B
545 B
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsWXbAAAAHUCywNe&t=2592000&o=0
Protocol
H2
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 07:08:45 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
EYzqbMsIUXf6T3V/G1tM5K3lHnSRMWdn+mfSKfG9eL9hUYk89bHdlTz0UMEj9hJk1KmDpuyDDMeagI5xsOU/Lg==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Wed, 06 Jul 2022 07:08:45 PDT

Redirect headers

pragma
no-cache
date
Wed, 06 Jul 2022 14:08:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1657116526.817384,VS0,VE0
x-served-by
cache-hhn4077-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YsWXbAAAAHUCywNe&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
4.a5e1c7ebed7ff35696d4.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
2 KB
906 B
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.a5e1c7ebed7ff35696d4.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72543d2292f693639fc69c1fb96bea6405ad0d5dce90e0bd1ba0a1d750e3e7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
134608
cf-polished
origSize=2539
cf-ray
7268ea0eaf999196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Jun 2022 18:11:05 GMT
server
cloudflare
etag
W/"9eb-181824f9ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.ee7c4f816e32b8932821.chunk.js
siteintercept.qualtrics.com/dxjsmodule/
28 KB
7 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.ee7c4f816e32b8932821.chunk.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=web&Q_BRANDID=trdigital
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30891369dc9cc3fffa39ce9ef4c17bfe0a26d12ff2292f207d72c41132ba4106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
134608
cf-polished
origSize=29269
cf-ray
7268ea0eaf9a9196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Jun 2022 18:11:05 GMT
server
cloudflare
etag
W/"7255-181824f9ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/
64 KB
24 KB
Script
General
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&Q_BRANDID=trdigital
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
133987
cf-polished
origSize=66436
cf-ray
7268ea0eaf9b9196-FRA
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 20 Jun 2022 18:11:05 GMT
server
cloudflare
etag
W/"10384-181824f9ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
1 KB
1 KB
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6FOxLGDWV8ZY3Vc&Version=27&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
91491
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Jul 2022 12:43:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 02 Jul 2032 12:43:55 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7268ea0f5f709b6a-FRA
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/
2 KB
629 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_5ux4YSn4LOG3uLQ&Version=22&Q_InterceptID=SI_6FOxLGDWV8ZY3Vc&Q_ORIGIN=https://www.thomsonreuters.com&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
91491
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
edge-control
max-age=604800
vary
Accept-Encoding
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Jul 2022 12:43:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
expires
Fri, 02 Jul 2032 12:43:55 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
false
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7268ea0f5f739b6a-FRA
servershortname
/
partner.mediawallahscript.com/ Frame F71B
0
232 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=2011&partner_id=2021&uid=18184799670623470611455469261439267213&custom=&tag_format=img&tag_action=sync&sha1_hash=&sha256_hash=&md5_hash=&cb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.251.15.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-251-15-4.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://westthomson.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 06 Jul 2022 14:08:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/
45 B
211 B
XHR
General
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_5ux4YSn4LOG3uLQ&Q_SIID=SI_6FOxLGDWV8ZY3Vc&Q_ASID=AS_83588521&Q_CLIENTVERSION=1.74.0&Q_CLIENTTYPE=webAdobeLaunch&r=1657116526032
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-21.4.0.3405.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thomsonreuters.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 06 Jul 2022 14:08:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thomsonreuters.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
0038ba569f5d7284
cf-ray
7268ea0fc8339b6a-FRA
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/
256 B
574 B
Image
General
Full URL
https://siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thomsonreuters.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 14:08:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
11051575
cf-polished
origSize=757
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
x-envoy-upstream-service-time
6
cf-bgj
imgq:85,h2pri
vary
Accept-Encoding
content-length
256
accept-ranges
bytes
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 23 Feb 2022 00:33:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=315360000, public
trace-id
0f438752c2e165b3
cf-ray
7268ea0fc93c9196-FRA
servershortname
expires
Thu, 26 Feb 2032 16:15:51 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| digitalData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| OneTrustStub function| OptanonWrapper object| ADRUM number| adrum-start-time function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| domain string| s_account object| s number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| webpackJsonp@dcl-ue/bundle-interact function| setImmediate function| clearImmediate object| regeneratorRuntime function| hj object| _hjSettings object| adrum-config object| pendo string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData function| cleanPII object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| webpackJsonpCoveo__temporary object| Coveo object| _ function| Globalize function| __extends object| trIdStitch object| Optanon object| OneTrust object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_392808 object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.74.0 object| _qsie

29 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AE5b5t1pVC9-UwordBNrQOkrezey5fqsATkvm8_IDoAG9NvtHUF6mLZM6-ZJ-qS4IJBJFs2nMyk83Aha6jQGy_4
.thomsonreuters.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 18184799670623470611455469261439267213
.thomsonreuters.com/ Name: AMCVS_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YsWXbAAAAHUCywNe
.thomsonreuters.com/ Name: mbox
Value: session#81b33a9de3e944968ba4d8147d285a32#1657118385|PC#81b33a9de3e944968ba4d8147d285a32.37_0#1720361325
.dpm.demdex.net/ Name: dpm
Value: 18184799670623470611455469261439267213
.thomsonreuters.com/ Name: AMCV_A7D63BC75245AE300A490D4D%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19180%7CMCMID%7C18244903242047805151468085763481585499%7CMCAAMLH-1657721323%7C6%7CMCAAMB-1657721323%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657123724s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19187%7CvVersion%7C5.3.0
.thomsonreuters.com/ Name: _hjSessionUser_1846625
Value: eyJpZCI6IjQzYzk0YWIwLTc4MmUtNWIxZC1iYTZhLTkwNDNiNDk4ZDQ2YyIsImNyZWF0ZWQiOjE2NTcxMTY1MjQzNzMsImV4aXN0aW5nIjpmYWxzZX0=
.thomsonreuters.com/ Name: _hjFirstSeen
Value: 1
www.thomsonreuters.com/ Name: _hjIncludedInSessionSample
Value: 0
.thomsonreuters.com/ Name: _hjSession_1846625
Value: eyJpZCI6ImIxYzJjMWRjLWMwZGEtNDk5My05OWI5LWYwOTMyMGJjM2UzYiIsImNyZWF0ZWQiOjE2NTcxMTY1MjQ1NDYsImluU2FtcGxlIjpmYWxzZX0=
www.thomsonreuters.com/ Name: _hjIncludedInPageviewSample
Value: 1
.thomsonreuters.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.thomsonreuters.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Jul+06+2022+14%3A08%3A44+GMT%2B0000+(GMT)&version=6.22.0&hosts=&consentId=a02b255a-2d74-4332-b43e-150fbd5686a2&interactionCount=0&landingPath=https%3A%2F%2Fwww.thomsonreuters.com%2Fen-us%2Faccount%2Fbilling%2Fguest%2Fpay&groups=1%3A1%2C3%3A0
www.thomsonreuters.com/ Name: AWSALB
Value: ZAp7XbH13qcudSxB3iJBQaMJec2Y86ZkcnYkqDQSmIs9tPsyaCVDex59A/U9vQ1XnmzJOl9wrk7c2eqoFkMGPNgkef6ZKsOxCNnz6aRp+tYTTDzmb/dyuUkc1N/7
www.thomsonreuters.com/ Name: AWSALBCORS
Value: ZAp7XbH13qcudSxB3iJBQaMJec2Y86ZkcnYkqDQSmIs9tPsyaCVDex59A/U9vQ1XnmzJOl9wrk7c2eqoFkMGPNgkef6ZKsOxCNnz6aRp+tYTTDzmb/dyuUkc1N/7
.quantserve.com/ Name: d
Value: EIoBDAHGJrmvYA
.quantserve.com/ Name: mc
Value: 62c5976c-a6531-e208d-19265
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMID
Value: YsWXbfQM7GcjwSMuFnhmoQAA
.casalemedia.com/ Name: CMPS
Value: 5204
.casalemedia.com/ Name: CMPRO
Value: 5204
.casalemedia.com/ Name: CMTS
Value: 2235
.adnxs.com/ Name: uuid2
Value: 9063822552470769554
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E?hr`C!v!]tbPl1MwL(!R7qUY$+%K]VbB(=womA0ne`%K=^)H(WqL9RFMZ9bmtwgM/]vGiO_e`bKi]DYw?IEBnq=!?Hu!(0+a4
.spotxchange.com/ Name: audience
Value: 2638d409-fd35-11ec-81b7-141922060306
.demdex.net/ Name: dextp
Value: 60-1-1657116524149|477-1-1657116524347|903-1-1657116524535|1175-1-1657116524642|22052-1-1657116524742|49276-1-1657116524844|121998-1-1657116524961|144230-1-1657116525062|144231-1-1657116525162|144232-1-1657116525263|144233-1-1657116525411|144234-1-1657116525512|144235-1-1657116525613|144236-1-1657116525713|144237-1-1657116525814|444422-1-1657116525915

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=18184799670623470611455469261439267213
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=18184799670623470611455469261439267213
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.thomsonreuters.com
app-data.gcs.trstatic.net
assets.adobedtm.com
auth.split.io
bttrack.com
cdn.appdynamics.com
cdn.cookielaw.org
cdn.pendo.io
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
in.hotjar.com
match.adsrvr.org
ml314.com
partner.mediawallahscript.com
pixel.quantserve.com
pixel.rubiconproject.com
script.hotjar.com
sdk.split.io
siteintercept.qualtrics.com
static.hotjar.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
us-u.openx.net
vars.hotjar.com
westservicesinc.tt.omtrdc.net
westthomson.demdex.net
westthomsoncom.sc.omtrdc.net
www.facebook.com
www.google.com
www.gstatic.com
www.thomsonreuters.com
zn1h2tgfbe4os7bk9-trdigital.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
104.18.18.126
108.157.4.102
142.250.185.194
15.188.95.229
151.101.131.9
151.101.66.49
18.202.123.28
18.64.119.68
18.66.2.109
185.64.189.110
185.94.180.126
192.132.33.46
2600:9000:2057:5c00:1f:aa31:7740:93a1
2600:9000:206f:2400:16:3030:f80:93a1
2600:9000:206f:5e00:15:d837:3240:93a1
2600:9000:206f:6e00:1b:b66f:bac0:93a1
2606:4700:10::6814:b944
2606:4700::6810:9540
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a02:26f0:3000:28a::1e80
2a03:2880:f11c:8083:face:b00c:0:25de
3.251.15.4
34.111.234.236
35.244.159.8
35.244.174.68
35.71.131.137
37.252.173.215
52.51.233.122
54.145.191.224
54.77.200.211
63.34.179.114
65.9.66.91
69.173.144.139
79.125.65.240
99.80.65.197
02eff5a7253a4693dadcfd182372c3141e742e57d6529ee034e11f37e9c5d813
0615200896979053b0becdaafccbe9f86acbd89c2b8ffb79dd39bf0177d5d708
08491a7c7eaf07f3a8aef1cf800569ac6cb844681a27b68b452b6da6d7deebb0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d0f4ecbd0453477298a478973231e0983ad2fc8d2a3bad13f8e8fbf648733ad
0db43eba61b33934229b19b825b7bea29c3bb17fc1e3e1e43047d7772aae6036
0e36c38efea4f9b1b2d3909a1478e718867c08e30a11b3be4fa8cc15c242e414
0fc3ce119b309bf134b6759ea912834c542547e7cde2c10c89969ab10987e92d
17a86f088f39d8a5347638f1455529c0912d373538b95a3822de404a4f5f739a
17b869fc70bc4ad6cec59b04ce8129e9b3e56137b27937141f1c961f3f55f143
182e7f0425e10acf894089ac8109d990c34341cf50357f4336a229a0fb4722ff
1a866e6d7a3dc8df6e51923b720af554d7bb71e794bcd1044fc462ba23f258ff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
23137f2b810eadf65ff9f5ccda1351dde21a5949f798c0b5bf1c0870b0b7b39d
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
2660449130e5037387a84bb794ed44026a306d273b35c62f3fca8a9a85bbd157
30891369dc9cc3fffa39ce9ef4c17bfe0a26d12ff2292f207d72c41132ba4106
30ddac53f046a0b7d2cb1249463a0146352d6f928c64e3cb18b357139783aa50
3275aeb76cc88a679a8f109972b6b59785ca474a14cb659fb0ab83da6b1a6ef2
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
39a29e428e990ea39f18cb10a5caa1578368fd0b02e20ca49633498122b35957
3bd057bf0a3f809696a984751049aa6419601180dd1695bd7d22813f37774043
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44495f451ea005302e82089cb8c166acd5e909b5862efc2fcba7f8249ff4469f
47bb42e9612dd5e9b0b0267b2c2b910de701f117e5354efddf15b8b8c7bdb6ed
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c053f28cc7760f80d7c8accdb0f2469628050e6d670fd8fbb840af3a34b943e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51a1f8053f3e51386a72383b9e18e584eeebd125506d926352246e35e9899cf7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b63109325575d74839e7eb0f5ce7831eb488d70ff7549b77b20463351a3433
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f68b0d3863b627f0afd962a6c8dbab3824db8c77bd958428da96b5bf028eb83
6145057c81d76634cf22c7285f7328fd165d068a433e44d54de4f7638bc86f2d
615c466963cbc0318ba7d031927e5103bf797f321ae8047910616eef28d082fc
66e4c75ba6881841031de09716a854158277d4d6d7a0d4980c40cf24dd7530bd
69d2dee91032e8e8d1fe30345d20c1e9b9c0017982d7959b38374efb1bfd8e33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be3efeb998248db9cc1083aef162ee483cbde10b893057e4b5ae1a612c0ae3a
72543d2292f693639fc69c1fb96bea6405ad0d5dce90e0bd1ba0a1d750e3e7d3
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
7a95f7198c0ce17b890b7c956d3d35aa1c8bcfca943501296dd32e48865ea4ee
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e447bfb7a612922b0dd2f5d92b00d539c47c5a18ff2a8f0e3526164a701e930
7edf4f3d76ae7f4c604d5ae5ed696fc09972423fab606c07280f77fb6c87b58e
82b6809e1668fc6916b86e758db176595d4be4dc8b8f7642a3efacc4ed80d6a7
88af7a7e6b915e9f4eeba18f5be76482ca202076df4b51cabe88f3b5766ff501
89b6606e0f94c827dffac0f1a54394399a20a84328b54d60e0fcf084c368cbf5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f8b4e66310f27eda90f44c558f8715554a45a03d3756ea8942fd6af21b29d74
9ede12dc2f671304b18585c6a3617845fecf9e3485b2384cef1339ca46210a19
a482008da2fe0c09824c63004a9152849f1581670c5e82fc252b9658abc9f032
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4bbcdb26a4c6b25aee391646f910c720c6a261ea61eeef39914a86936067336
b69ea7dc57a582224ac85ec33e7d5e1b124b7526e3b044126f6be261f2695198
bb8669222665e8d693c27eef275e9af383003fb486db6ecd1b9f7601a7e92242
c256cfd873477a40e46c41b337bbf8d2a94531dda7c8f8733a976f5059153164
c2f3554385a43c399edc8fdd5ffa86b657ebb1bc266dff0e14bfccdd7e2e518a
c7d28c951110f93506b274c7c40daef1b35f147f459f751a5f68c1582a274c81
ca1912e88dad83a4313d3d52b19bbb35751e2a92a45eb795a8eb8bbaf26728c0
cc1f36e2ce4b411e21280efb1af9cff3f4f32c495fdeda795f7042f18680937c
ccaee6f0bb7dcf2a0ee729096cfba2cf24ea535e068f6cbfb827f79733f8181d
cf3df7ec597ed2be8f6f04dbf57bf2bdc1245c8cfde2d5921b2341606207a7eb
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d6cd5952222320f5cddab5230d3ff827f74333378967cb2ea4b3986568438f54
d8a9ed8ca2f50c5092a45a1307f9e36314a3c32ead64f988c3e40f8c15377a01
da3f6d3b0ad913a9ba0a63acaca0fa9161f0bb65fff5a677a380485a399a0221
df187e9d103d463cee0f4a12438fe86e16de8d76b0e813725c4cc3e5a1da1b9b
e2b3082aa2020e3316dcc41523bfa4e68b415cfb6e615be4e040a0bedfa2777a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5796b782b77ce0e82a5ab3546b2778cbda10faa76b6ea2ef124053a001052b8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb84e22be6551d48e0051d888e2551464eb9b69bb0c08db67d65c842b9a0c55
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f06ff71989c481fd52771f68ddaeec2073303089afed92bb21ded4e74ea66077
f0d2d08272140170daa52ad84ba5d6296ac594239ee2deabbda9075f9adf63d0
f0df209ed88f7530636ab1e8be9f18561bc56dff109dc41690159b97157220bd
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fee2feda388d361fde02b5b7a1aaa02f7f43db6777b9c97d106d37f4b76c938d