amers1.login.cp.thomsonreuters.net Open in urlscan Pro
159.220.40.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mythomsonreuters.force.com/apex/mtrDadHome
Effective URL:
https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Fa...
Submission: On May 25 via manual (May 25th 2018, 7:50:03 am UTC) from HK

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 159.220.40.98, located in United States and belongs to ILX-ASN - Thomson Reuters U.S. LLC, US. The main domain is amers1.login.cp.thomsonreuters.net.
TLS certificate: Issued by Symantec Class 3 Secure Server CA - G4 on April 24th 2017. Valid for: 2 years.

This is the only time amers1.login.cp.thomsonreuters.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.186.35 2.16.186.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.186.24 2.16.186.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	159.220.40.122 159.220.40.122	10457 (ILX-ASN) (ILX-ASN - Thomson Reuters U.S. LLC)
1 12	159.220.40.98 159.220.40.98	10457 (ILX-ASN) (ILX-ASN - Thomson Reuters U.S. LLC)
13	2

1 2.16.186.35 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com

mythomsonreuters.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.24 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-24.deploy.static.akamaitechnologies.com

mythomsonreuters.force.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.220.40.122 (United States) 1 redirects

ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US)
PTR: login.cp.thomsonreuters.net

login.cp.thomsonreuters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 159.220.40.98 (United States) 1 redirects

ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US)
PTR: ntcp-aaadasv80-unv-www.cp.thomsonreuters.com

amers1.login.cp.thomsonreuters.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	thomsonreuters.net 2 redirects login.cp.thomsonreuters.net amers1.login.cp.thomsonreuters.net	318 KB
3	force.com 1 redirects mythomsonreuters.force.com	2 KB
13	2

	Domain	Requested by
12	amers1.login.cp.thomsonreuters.net	1 redirects mythomsonreuters.force.com amers1.login.cp.thomsonreuters.net
3	mythomsonreuters.force.com	1 redirects mythomsonreuters.force.com
1	login.cp.thomsonreuters.net	1 redirects
13	3

This site contains links to these domains. Also see Links.

Domain
training.thomsonreuters.com
www.thomsonreuters.com

Subject Issuer	Validity	Valid
amers1.login.cp.thomsonreuters.net Symantec Class 3 Secure Server CA - G4	`2017-04-24` - `2019-04-25`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com
Frame ID: 458F0DF90A3DE464A70ACAE1B281F30D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mythomsonreuters.force.com/apex/mtrDadHome HTTP 301
http://mythomsonreuters.force.com/apex/mtrDadHome Page URL
http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Page URL
https://login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AH... HTTP 301
https://amers1.login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AH... HTTP 302
https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com... Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

318 kB
Transfer

312 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://training.thomsonreuters.com/videoplayer/videos/1053
Title: About My Account

Search URL Search Domain Scan URL

URL: https://www.thomsonreuters.com/en/privacy-statement.html
Title: Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mythomsonreuters.force.com/apex/mtrDadHome HTTP 301
http://mythomsonreuters.force.com/apex/mtrDadHome Page URL
http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Page URL
https://login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-POST&metaAlias=%2Freuters%2Fidp&NameIDFormat=urn%3Aoasis%3Anames%3Atc%3ASAML%3A1.1%3Anameid-format%3AemailAddress&RelayState=MTRIntermediatePage%3Ftarget%3DmtrDadHome&spEntityID=https%3A%2F%2Fsaml.salesforce.com HTTP 301
https://amers1.login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-POST&metaAlias=%2Freuters%2Fidp&NameIDFormat=urn%3Aoasis%3Anames%3Atc%3ASAML%3A1.1%3Anameid-format%3AemailAddress&RelayState=MTRIntermediatePage%3Ftarget%3DmtrDadHome&spEntityID=https%3A%2F%2Fsaml.salesforce.com HTTP 302
https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://mythomsonreuters.force.com/apex/mtrDadHome HTTP 301
http://mythomsonreuters.force.com/apex/mtrDadHome

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set mtrDadHome Show response mythomsonreuters.force.com/apex/ Redirect Chain https://mythomsonreuters.force.com/apex/mtrDadHome http://mythomsonreuters.force.com/apex/mtrDadHome	542 B 816 B	241ms 235ms	Document text/html	2.16.186.24 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://mythomsonreuters.force.com/apex/mtrDadHome Protocol HTTP/1.1 Server 2.16.186.24 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-24.deploy.static.akamaitechnologies.com Software / Salesforce.com ApexPages Resource Hash `9184a02f2d105cb7aea88ddab26ca5049dce9359745175f027f8eec20a80f098` Request headers Host mythomsonreuters.force.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 458F0DF90A3DE464A70ACAE1B281F30D Response headers Cache-Control no-cache,must-revalidate,max-age=0,no-store,private Expires Thu, 01 Jan 1970 00:00:00 GMT X-Powered-By Salesforce.com ApexPages P3P CP="CUR OTR STA" Content-Type text/html;charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 333 Date Fri, 25 May 2018 07:49:50 GMT Connection keep-alive Set-Cookie BrowserId=WyuEiVL8QJihV4lyCiMogw;Path=/;Domain=.force.com;Expires=Tue, 24-Jul-2018 07:49:50 GMT;Max-Age=5184000 Redirect headers Server AkamaiGHost Content-Length 0 Location http://mythomsonreuters.force.com/apex/mtrDadHome Date Fri, 25 May 2018 07:49:50 GMT Connection keep-alive
GET H/1.1	200 OK	MTRFUnauthorised Show response mythomsonreuters.force.com/	1 KB 823 B	466ms 466ms	Document text/html	2.16.186.24 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Requested by Host: mythomsonreuters.force.com URL: http://mythomsonreuters.force.com/apex/mtrDadHome Protocol HTTP/1.1 Server 2.16.186.24 , European Union, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-24.deploy.static.akamaitechnologies.com Software / Salesforce.com ApexPages Resource Hash `982af23b9f52f3d93ed00c759460b3c3f7c09c80bbd69ead3b36c00e874d07ad` Request headers Host mythomsonreuters.force.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://mythomsonreuters.force.com/apex/mtrDadHome Accept-Encoding gzip, deflate Cookie BrowserId=WyuEiVL8QJihV4lyCiMogw Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 458F0DF90A3DE464A70ACAE1B281F30D Referer http://mythomsonreuters.force.com/apex/mtrDadHome Response headers Cache-Control no-cache,must-revalidate,max-age=0,no-store,private X-Powered-By Salesforce.com ApexPages P3P CP="CUR OTR STA" Content-Type text/html;charset=UTF-8 Vary Accept-Encoding Content-Encoding gzip Content-Length 505 Date Fri, 25 May 2018 07:49:51 GMT Connection keep-alive
GET H/1.1	200 OK	Primary Request Cookie set Login Show response amers1.login.cp.thomsonreuters.net/auth/UI/ Redirect Chain https://login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-POST&metaAlias=%2Freuters%2Fidp&NameIDFormat=urn%3Aoasis%3Anames%3Atc%3ASAML%3A1.... https://amers1.login.cp.thomsonreuters.net/auth/idpssoinit?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-POST&metaAlias=%2Freuters%2Fidp&NameIDFormat=urn%3Aoasis%3Anames%3Atc%3ASA... https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3F...	7 KB 9 KB	166ms 166ms	Document text/html	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Requested by Host: mythomsonreuters.force.com URL: http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `aeef0725310c3a6d7d1980d4d6a948a65e565a90ac7b9d7701ddf46e947f3624` Request headers Host amers1.login.cp.thomsonreuters.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 458F0DF90A3DE464A70ACAE1B281F30D Referer http://mythomsonreuters.force.com/MTRFUnauthorised?targetPage=mtrDadHome Response headers Date Fri, 25 May 2018 07:49:52 GMT Server Apache Cache-Control no-store, no-cache, must-revalidate,post-check=0, pre-check=0 Set-Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; Path=/auth/; Secure; HttpOnly custom_epaid=""; Domain=.cpc.dtc.reuint.com; Path=/ custom_epaid=""; Domain=.cpc.ntc.reuint.com; Path=/ custom_epaid=""; Domain=.login.cp.thomsonreuters.net; Path=/ custom_epaid=""; Domain=.cpc.hdc.reuint.com; Path=/ custom_epaid=""; Domain=.cpc.stc.reuint.com; Path=/ amlbcookie=32; Domain=.login.cp.thomsonreuters.net; Path=/; Secure amlbcookie=32; Domain=.cpc.hdc.reuint.com; Path=/; Secure amlbcookie=32; Domain=.cpc.ntc.reuint.com; Path=/; Secure amlbcookie=32; Domain=.cpc.dtc.reuint.com; Path=/; Secure amlbcookie=32; Domain=.cpc.stc.reuint.com; Path=/; Secure AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; Domain=.login.cp.thomsonreuters.net; Path=/; Secure AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; Domain=.cpc.hdc.reuint.com; Path=/; Secure AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; Domain=.cpc.ntc.reuint.com; Path=/; Secure AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; Domain=.cpc.dtc.reuint.com; Path=/; Secure AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; Domain=.cpc.stc.reuint.com; Path=/; Secure AuthenticationUILBCookie=ntcp-aaadasv01; Domain=.login.cp.thomsonreuters.net; Path=/; Secure AuthenticationUILBCookie=ntcp-aaadasv01; Domain=.cpc.hdc.reuint.com; Path=/; Secure AuthenticationUILBCookie=ntcp-aaadasv01; Domain=.cpc.ntc.reuint.com; Path=/; Secure AuthenticationUILBCookie=ntcp-aaadasv01; Domain=.cpc.dtc.reuint.com; Path=/; Secure AuthenticationUILBCookie=ntcp-aaadasv01; Domain=.cpc.stc.reuint.com; Path=/; Secure Pragma no-cache Expires 0 AM_CLIENT_TYPE MYACCOUNT Content-Type text/html;charset=UTF-8 Content-Length 6657 P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Vary User-Agent Keep-Alive timeout=5, max=99 Connection Keep-Alive Redirect headers Date Fri, 25 May 2018 07:49:52 GMT Server Apache Location https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Content-Type text/html;charset=ISO-8859-1 Content-Length 0 P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Set-Cookie JSESSIONID=5D816C17F2D078A029F7F90CD4D6BF17; Path=/openam/; Secure; HttpOnly Keep-Alive timeout=5, max=100 Connection Keep-Alive
GET H/1.1	200 OK	charcoal_commonstyles_spr.css amers1.login.cp.thomsonreuters.net/auth/css/	11 KB 12 KB	100ms 100ms	Stylesheet text/css	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_commonstyles_spr.css?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `44dfacc4e232e529a51e5a717e2ac1b14571ac85f4db5c2b827328b9fd003bf1` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:08 GMT Server Apache ETag W/"11687-1521019268000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=98 Content-Length 11687 Expires Sun, 24 Jun 2018 07:49:52 GMT
GET H/1.1	200 OK	charcoal_loginstyles_spr.css amers1.login.cp.thomsonreuters.net/auth/css/	7 KB 8 KB	201ms 100ms	Stylesheet text/css	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_loginstyles_spr.css?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `d3c1b4df6c997a955dd0e79b0eac9ed287463bfabdbb2bcbb894c74ba8213c19` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:08 GMT Server Apache ETag W/"7604-1521019268000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=97 Content-Length 7604 Expires Sun, 24 Jun 2018 07:49:52 GMT
GET H/1.1	200 OK	theme_myaccount.css amers1.login.cp.thomsonreuters.net/auth/css/	215 B 638 B	290ms 98ms	Stylesheet text/css	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/css/theme_myaccount.css?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `3967245f0ff09776d791def9cc35850b2fd8056011f488248b2545481234118a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept text/css,/;q=0.1 Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:16 GMT Server Apache ETag W/"215-1521019276000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=100 Content-Length 215 Expires Sun, 24 Jun 2018 07:49:52 GMT
GET H/1.1	200 OK	signin_spr.js Show response amers1.login.cp.thomsonreuters.net/auth/js/	10 KB 10 KB	295ms 102ms	Script application/javascript	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/js/signin_spr.js?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `d4c9c65f200f868daddbd69d55f8e248eae56846553cb0965b8bab5f4463484f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:06 GMT Server Apache ETag W/"10283-1521019266000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Connection Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5, max=100 Content-Length 10283
GET H/1.1	200 OK	as.js Show response amers1.login.cp.thomsonreuters.net/js/	2 KB 3 KB	295ms 102ms	Script application/javascript	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/js/as.js?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `d6e28b751ac8d0d0db6c5fe8d0d70b036f54b5e3781dc6d825f28733273a4c03` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Sat, 07 Apr 2018 07:50:50 GMT Server Apache ETag "990-5693d6e7256d6" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Connection Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5, max=100 Content-Length 2448
GET H/1.1	200 OK	jquery-1.10.1.min.js Show response amers1.login.cp.thomsonreuters.net/auth/js/	91 KB 92 KB	308ms 109ms	Script application/javascript	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/js/jquery-1.10.1.min.js Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `6130a160661b818996501172df484ca373cca1c1d28e3118c7482f2e2c2b6d3e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:02 GMT Server Apache ETag W/"93594-1521019262000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Connection Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5, max=100 Content-Length 93594
GET H/1.1	200 OK	jquery-as.js Show response amers1.login.cp.thomsonreuters.net/auth/js/	6 KB 6 KB	309ms 110ms	Script application/javascript	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Full URL https://amers1.login.cp.thomsonreuters.net/auth/js/jquery-as.js?v=_3.31.2600.01 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `df38d0ffcdd0787c311d646a1de272ee1ec1a479a77c21b080c963722ffe2a82` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept / Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:52 GMT Last-Modified Wed, 14 Mar 2018 09:21:04 GMT Server Apache ETag W/"5838-1521019264000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Connection Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5, max=100 Content-Length 5838
GET H/1.1	200 OK	charcoal-sprite-signin.jpg amers1.login.cp.thomsonreuters.net/auth/images/	49 KB 49 KB	100ms 100ms	Image image/jpeg	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Show image Full URL https://amers1.login.cp.thomsonreuters.net/auth/images/charcoal-sprite-signin.jpg Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `a2f5ecf8d1cf40ac6eb695cfb172972b271c8bd8a1fbbfce6055759a271b65af` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_loginstyles_spr.css?v=_3.31.2600.01 Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_loginstyles_spr.css?v=_3.31.2600.01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:53 GMT Last-Modified Wed, 14 Mar 2018 09:20:44 GMT Server Apache ETag W/"50105-1521019244000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=99 Content-Length 50105 Expires Sun, 24 Jun 2018 07:49:53 GMT
GET H/1.1	200 OK	charcoal-sprite-common.jpg amers1.login.cp.thomsonreuters.net/auth/images/	122 KB 123 KB	101ms 100ms	Image image/jpeg	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Show image Full URL https://amers1.login.cp.thomsonreuters.net/auth/images/charcoal-sprite-common.jpg?v=4 Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `4012487a0e7aa596ce9b2a6fd7def70238f43e45ef798af6b21a7936f15f23d6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_commonstyles_spr.css?v=_3.31.2600.01 Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/css/charcoal_commonstyles_spr.css?v=_3.31.2600.01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:53 GMT Last-Modified Wed, 14 Mar 2018 09:20:44 GMT Server Apache ETag W/"125334-1521019244000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type image/jpeg Keep-Alive timeout=5, max=99 Content-Length 125334 Expires Sun, 24 Jun 2018 07:49:53 GMT
GET H/1.1	200 OK	myaccount.png amers1.login.cp.thomsonreuters.net/auth/images/	4 KB 4 KB	97ms 97ms	Image image/png	159.220.40.98 Thomson Reuters U...
General Check archive.org Show headers Download Go to Show image Full URL https://amers1.login.cp.thomsonreuters.net/auth/images/myaccount.png Requested by Host: amers1.login.cp.thomsonreuters.net URL: https://amers1.login.cp.thomsonreuters.net/auth/UI/Login?product=myaccount&spEntityID=https%3A%2F%2Fsaml.salesforce.com&goto=http%3A%2F%2Famers1.login.cp.thomsonreuters.net%2Fopenam%2Fidpssoinit%3Fbinding%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A2.0%253Abindings%253AHTTP-POST%26metaAlias%3D%252Freuters%252Fidp%26NameIDFormat%3Durn%253Aoasis%253Anames%253Atc%253ASAML%253A1.1%253Anameid-format%253AemailAddress%26RelayState%3DMTRIntermediatePage%253Ftarget%253DmtrDadHome%26spEntityID%3Dhttps%253A%252F%252Fsaml.salesforce.com Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 159.220.40.98 , United States, ASN10457 (ILX-ASN - Thomson Reuters U.S. LLC, US), Reverse DNS ntcp-aaadasv80-unv-www.cp.thomsonreuters.com Software Apache / Resource Hash `bd4de0d029b5d1e3e5aee64b74a3ff20c593fa1035ceba96520f2bc950372bea` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host amers1.login.cp.thomsonreuters.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://amers1.login.cp.thomsonreuters.net/auth/css/theme_myaccount.css?v=_3.31.2600.01 Cookie JSESSIONID=4F6065B7912EB41805B19EC8CBAEB841; custom_epaid=""; amlbcookie=32; AMAuthCookie=http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin; AuthenticationUILBCookie=ntcp-aaadasv01 Connection keep-alive Cache-Control no-cache Referer https://amers1.login.cp.thomsonreuters.net/auth/css/theme_myaccount.css?v=_3.31.2600.01 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36 Response headers Date Fri, 25 May 2018 07:49:53 GMT Last-Modified Wed, 14 Mar 2018 09:20:44 GMT Server Apache ETag W/"3909-1521019244000" P3P CP="IDC DSP COR ADM DEV CONo TELo OUR IND PHY ONL UNI COM NAV INT STA OTC" Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Content-Type image/png Keep-Alive timeout=5, max=99 Content-Length 3909 Expires Sun, 24 Jun 2018 07:49:53 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.login.cp.thomsonreuters.net/	1969-12-31 23:59:59	Name: custom_epaid Value: ""
.login.cp.thomsonreuters.net/	1969-12-31 23:59:59	Name: AuthenticationUILBCookie Value: ntcp-aaadasv01
.login.cp.thomsonreuters.net/	1969-12-31 23:59:59	Name: AMAuthCookie Value: http%3A%2F%2Fntcp-aaadasv01.cps.ntc.reuint.com%3A80%2Fauth%2FUI%2FLogin
.login.cp.thomsonreuters.net/	1969-12-31 23:59:59	Name: amlbcookie Value: 32
amers1.login.cp.thomsonreuters.net/auth/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4F6065B7912EB41805B19EC8CBAEB841

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amers1.login.cp.thomsonreuters.net
login.cp.thomsonreuters.net
mythomsonreuters.force.com
159.220.40.122
159.220.40.98
2.16.186.24
2.16.186.35
3967245f0ff09776d791def9cc35850b2fd8056011f488248b2545481234118a
4012487a0e7aa596ce9b2a6fd7def70238f43e45ef798af6b21a7936f15f23d6
44dfacc4e232e529a51e5a717e2ac1b14571ac85f4db5c2b827328b9fd003bf1
6130a160661b818996501172df484ca373cca1c1d28e3118c7482f2e2c2b6d3e
9184a02f2d105cb7aea88ddab26ca5049dce9359745175f027f8eec20a80f098
982af23b9f52f3d93ed00c759460b3c3f7c09c80bbd69ead3b36c00e874d07ad
a2f5ecf8d1cf40ac6eb695cfb172972b271c8bd8a1fbbfce6055759a271b65af
aeef0725310c3a6d7d1980d4d6a948a65e565a90ac7b9d7701ddf46e947f3624
bd4de0d029b5d1e3e5aee64b74a3ff20c593fa1035ceba96520f2bc950372bea
d3c1b4df6c997a955dd0e79b0eac9ed287463bfabdbb2bcbb894c74ba8213c19
d4c9c65f200f868daddbd69d55f8e248eae56846553cb0965b8bab5f4463484f
d6e28b751ac8d0d0db6c5fe8d0d70b036f54b5e3781dc6d825f28733273a4c03
df38d0ffcdd0787c311d646a1de272ee1ec1a479a77c21b080c963722ffe2a82

amers1.login.cp.thomsonreuters.net Open in urlscan Pro 159.220.40.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

318 kBTransfer

312 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

5 Cookies

Indicators

amers1.login.cp.thomsonreuters.net Open in urlscan Pro
159.220.40.98 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

318 kB
Transfer

312 kB
Size

5
Cookies

13 HTTP transactions
0 data transactions