urlscan.io logo urlscan.io
SecurityTrails logo

ew.com Open in urlscan Pro
54.230.93.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rinat.site/
Effective URL: https://ew.com/
Submission: On February 02 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 3 countries across 34 domains to perform 88 HTTP transactions. The main IP is 54.230.93.235, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is ew.com.
TLS certificate: Issued by Amazon on June 5th 2018. Valid for: a year.
This is the only time ew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 52.211.95.198 16509 (AMAZON-02)
17 54.230.93.235 16509 (AMAZON-02)
1 52.222.168.228 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.172.22 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f02... 32934 (FACEBOOK)
3 151.101.0.175 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f22... 32934 (FACEBOOK)
1 2a03:2880:f22... 32934 (FACEBOOK)
1 35.190.92.63 15169 (GOOGLE)
3 34.243.36.162 16509 (AMAZON-02)
1 35.201.93.216 15169 (GOOGLE)
1 52.222.168.23 16509 (AMAZON-02)
1 104.109.71.200 20940 (AKAMAI-ASN1)
1 107.178.254.65 15169 (GOOGLE)
3 54.69.247.77 16509 (AMAZON-02)
1 52.88.21.20 16509 (AMAZON-02)
1 3 104.103.89.123 16625 (AKAMAI-AS)
1 2 172.217.18.6 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 52.222.167.241 16509 (AMAZON-02)
2 35.190.80.55 15169 (GOOGLE)
3 52.213.58.51 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 1 52.16.141.233 16509 (AMAZON-02)
1 35.186.247.88 15169 (GOOGLE)
1 35.227.251.121 15169 (GOOGLE)
1 35.227.220.176 15169 (GOOGLE)
1 151.101.2.110 54113 (FASTLY)
1 54.217.244.94 16509 (AMAZON-02)
1 162.247.242.19 23467 (NEWRELIC-...)
1 130.211.47.17 15169 (GOOGLE)
1 52.222.168.208 16509 (AMAZON-02)
4 130.211.27.95 15169 (GOOGLE)
1 2600:9000:204... 16509 (AMAZON-02)
88 38
1    2606:4700:30::681b:87b9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
rinat.site
1    52.211.95.198 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-95-198.eu-west-1.compute.amazonaws.com
xbrkb.adsb4trk.com
17    54.230.93.235 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-93-235.fra2.r.cloudfront.net
ew.com
1    52.222.168.228 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-228.fra54.r.cloudfront.net
native.sharethrough.com
1    2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    52.222.172.22 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-172-22.fra54.r.cloudfront.net
cdn.segment.com
2    2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
12    2a00:1450:4001:81a::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
4    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
4    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
3    151.101.0.175 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
cdn.krxd.net
consumer.krxd.net
1    2a00:1450:4001:81e::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a03:2880:f22d:c4:face:b00c:0:43fe (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
platform.instagram.com
1    2a03:2880:f22d:e5:face:b00c:0:4420 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.instagram.com
1    35.190.92.63 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 63.92.190.35.bc.googleusercontent.com
tag.bounceexchange.com
3    34.243.36.162 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-36-162.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    35.201.93.216 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 216.93.201.35.bc.googleusercontent.com
gwiqcdn.globalwebindex.net
1    52.222.168.23 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-23.fra54.r.cloudfront.net
cdn-gl.imrworldwide.com
1    104.109.71.200 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-71-200.deploy.static.akamaitechnologies.com
c.betrad.com
1    107.178.254.65 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    54.69.247.77 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-69-247-77.us-west-2.compute.amazonaws.com
api.segment.io
1    52.88.21.20 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-88-21-20.us-west-2.compute.amazonaws.com
aamapi.com
3    104.103.89.123 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-103-89-123.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    172.217.18.6 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra02s19-in-f6.1e100.net
6927309.fls.doubleclick.net
1    2a00:1450:400c:c0a::9b (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
script.crazyegg.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    52.222.167.241 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-167-241.fra54.r.cloudfront.net
assets.bounceexchange.com
2    35.190.80.55 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 55.80.190.35.bc.googleusercontent.com
gwiq-v3.globalwebindex.net
3    52.213.58.51 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
timeinc.demdex.net
1    66.117.28.86 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    52.16.141.233 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-16-141-233.eu-west-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    35.186.247.88 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 88.247.186.35.bc.googleusercontent.com
data.cdnbasket.net
1    35.227.251.121 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 121.251.227.35.bc.googleusercontent.com
page.cdnbasket.net
1    35.227.220.176 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 176.220.227.35.bc.googleusercontent.com
view.cdnbasket.net
1    151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
1    54.217.244.94 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-244-94.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
1    130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 17.47.211.130.bc.googleusercontent.com
ids.cdnwidget.com
1    52.222.168.208 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-168-208.fra54.r.cloudfront.net
session.timecommerce.net
4    130.211.27.95 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 95.27.211.130.bc.googleusercontent.com
uid1.vindicosuite.com
1    2600:9000:2043:ba00:6:f5a3:efc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
chirp.bizrate.com
Apex Domain
Subdomains		 Transfer
17 ew.com
ew.com
334 KB
12 gstatic.com
fonts.gstatic.com
163 KB
6 demdex.net
dpm.demdex.net
timeinc.demdex.net
9 KB
5 facebook.com
www.facebook.com
staticxx.facebook.com
1 KB
4 vindicosuite.com
uid1.vindicosuite.com
9 KB
4 krxd.net
cdn.krxd.net
consumer.krxd.net
beacon.krxd.net
113 KB
4 google-analytics.com
www.google-analytics.com
32 KB
3 cdnbasket.net
data.cdnbasket.net
page.cdnbasket.net
view.cdnbasket.net
1 KB
3 doubleclick.net
6927309.fls.doubleclick.net
stats.g.doubleclick.net
836 B
3 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 segment.io
api.segment.io
402 B
3 globalwebindex.net
gwiqcdn.globalwebindex.net
gwiq-v3.globalwebindex.net
15 KB
3 bounceexchange.com
tag.bounceexchange.com
assets.bounceexchange.com
143 KB
3 facebook.net
connect.facebook.net
118 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
7 KB
2 imrworldwide.com
cdn-gl.imrworldwide.com
secure-dcr.imrworldwide.com
9 KB
2 instagram.com
platform.instagram.com
www.instagram.com
5 KB
1 bizrate.com
chirp.bizrate.com
256 B
1 timecommerce.net
session.timecommerce.net
1 KB
1 cdnwidget.com
ids.cdnwidget.com
170 B
1 nr-data.net
bam.nr-data.net
261 B
1 newrelic.com
js-agent.newrelic.com
9 KB
1 everesttech.net
cm.everesttech.net
527 B
1 crazyegg.com
script.crazyegg.com
5 KB
1 google.de
www.google.de
109 B
1 google.com
www.google.com
193 B
1 aamapi.com
aamapi.com
277 B
1 pippio.com
pippio.com
62 B
1 betrad.com
c.betrad.com
371 B
1 googletagmanager.com
www.googletagmanager.com
94 KB
1 segment.com
cdn.segment.com
66 KB
1 sharethrough.com
native.sharethrough.com
108 KB
1 adsb4trk.com
xbrkb.adsb4trk.com
1 KB
1 rinat.site
rinat.site
549 B
88 34
Domain Requested by
17 ew.com ew.com
12 fonts.gstatic.com ajax.googleapis.com
4 uid1.vindicosuite.com rinat.site
uid1.vindicosuite.com
4 www.facebook.com ew.com
4 www.google-analytics.com 1 redirects cdn.segment.com
www.google-analytics.com
3 timeinc.demdex.net rinat.site
ew.com
3 sb.scorecardresearch.com 1 redirects ew.com
www.googletagmanager.com
3 api.segment.io ew.com
3 dpm.demdex.net ew.com
3 connect.facebook.net cdn.segment.com
ew.com
connect.facebook.net
2 gwiq-v3.globalwebindex.net ew.com
2 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
2 6927309.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cdn.krxd.net cdn.segment.com
cdn.krxd.net
2 fonts.googleapis.com ajax.googleapis.com
ew.com
1 chirp.bizrate.com rinat.site
1 session.timecommerce.net rinat.site
1 ids.cdnwidget.com ew.com
1 bam.nr-data.net js-agent.newrelic.com
1 beacon.krxd.net cdn.krxd.net
1 js-agent.newrelic.com ew.com
1 view.cdnbasket.net ew.com
1 page.cdnbasket.net ew.com
1 data.cdnbasket.net ew.com
1 secure-dcr.imrworldwide.com 1 redirects
1 consumer.krxd.net cdn.krxd.net
1 staticxx.facebook.com connect.facebook.net
1 cm.everesttech.net 1 redirects
1 script.crazyegg.com cdn.segment.com
1 www.google.de ew.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 aamapi.com www.googletagmanager.com
1 pippio.com rinat.site
1 c.betrad.com rinat.site
1 cdn-gl.imrworldwide.com rinat.site
1 gwiqcdn.globalwebindex.net www.googletagmanager.com
1 tag.bounceexchange.com rinat.site
1 www.instagram.com ew.com
1 platform.instagram.com 1 redirects
1 www.googletagmanager.com cdn.segment.com
1 cdn.segment.com ew.com
1 ajax.googleapis.com ew.com
1 native.sharethrough.com ew.com
1 xbrkb.adsb4trk.com 1 redirects
1 rinat.site
88 46
Subject Issuer Validity Valid
*.ew.com
Amazon		 2018-06-05 -
2019-07-05		 a year crt.sh
*.sharethrough.com
Go Daddy Secure Certificate Authority - G2		 2018-09-18 -
2019-11-17		 a year crt.sh
*.googleapis.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2018-05-08 -
2019-07-18		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-01-21 -
2019-04-21		 3 months crt.sh
*.c.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-10-09 -
2019-09-27		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2019-01-10 -
2019-04-10		 3 months crt.sh
tag.bounceexchange.com
Thawte RSA CA 2018		 2018-08-13 -
2020-08-12		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.globalwebindex.net
RapidSSL RSA CA 2018		 2017-12-13 -
2020-12-19		 3 years crt.sh
*.imrworldwide.com
DigiCert SHA2 Secure Server CA		 2018-02-15 -
2019-07-11		 a year crt.sh
*.betrad.com
DigiCert SHA2 Secure Server CA		 2018-02-06 -
2019-04-07		 a year crt.sh
pippio.com
COMODO RSA Domain Validation Secure Server CA		 2017-10-23 -
2020-11-15		 3 years crt.sh
*.segment.io
DigiCert SHA2 Secure Server CA		 2018-05-10 -
2019-07-26		 a year crt.sh
aamapi.com
Amazon		 2018-08-20 -
2019-09-20		 a year crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2018-11-28 -
2019-12-26		 a year crt.sh
*.doubleclick.net
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-01-15 -
2019-04-09		 3 months crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-20 -
2019-09-18		 9 months crt.sh
*.bounceexchange.com
Amazon		 2018-08-21 -
2019-09-21		 a year crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2		 2018-09-19 -
2019-09-27		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-01-08 -
2019-04-14		 3 months crt.sh
*.krxd.net
Go Daddy Secure Certificate Authority - G2		 2017-06-12 -
2019-07-11		 2 years crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh
*.cdnwidget.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-01 -
2019-03-01		 a year crt.sh
*.timecommerce.net
Amazon		 2018-03-19 -
2019-04-19		 a year crt.sh
*.vindicosuite.com
DigiCert SHA2 Secure Server CA		 2017-08-09 -
2020-08-13		 3 years crt.sh
*.bizrate.com
COMODO RSA Organization Validation Secure Server CA		 2017-04-06 -
2019-04-06		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://ew.com/
Frame ID: B796EAD0BBF348CF84BBDDBF8836B2E8
Requests: 83 HTTP requests in this frame

Frame: https://6927309.fls.doubleclick.net/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F
Frame ID: 56A1E5B0882EBBFFC1F3BFC522C792D3
Requests: 1 HTTP requests in this frame

Frame: https://timeinc.demdex.net/dest5.html?d_nsid=undefined
Frame ID: B211CABEA9ED57DBF57B79C9D0341C4A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Frame ID: BD3CDF4590E8DD337B0706D8E5A23843
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Frame ID: 0BF1B3552B654984ACC0419E825E3576
Requests: 1 HTTP requests in this frame

Frame: https://timeinc.demdex.net/dest5.html?d_nsid=0
Frame ID: ADC96616EE1181497F2BC743FAFD4888
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rinat.site/ Page URL
  2. http://xbrkb.adsb4trk.com/c/bbdeb1f412b0f112 HTTP 302
    https://ew.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^bouncex$/i
Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^CE2$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /googleapis\.com\/.+webfont/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 50%
Detected patterns
  • env /^head$/i
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i
Overall confidence: 100%
Detected patterns
  • html /<script[\s\S]*cdn\.segment\.com\/analytics.js[\s\S]*script>/i
  • script /cdn\.segment\.com\/analytics\.js/i
  • env /^analytics$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

88
Requests

99 %
HTTPS

34 %
IPv6

34
Domains

46
Subdomains

38
IPs

3
Countries

1243 kB
Transfer

4351 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rinat.site/ Page URL
  2. http://xbrkb.adsb4trk.com/c/bbdeb1f412b0f112 HTTP 302
    https://ew.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js
Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F
Request Chain 36
  • https://6927309.fls.doubleclick.net/activityi;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F HTTP 302
  • https://6927309.fls.doubleclick.net/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F
Request Chain 52
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1211504325&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2F&dr=http%3A%2F%2Frinat.site%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%7C%20EW.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAEADQ~&jid=1444382316&gjid=757372068&cid=1224674948.1549125628&tid=UA-97981691-4&_gid=1652442205.1549125628&_r=1&cd8=gdpr&cd10=ew.com&cd7=own&cd1=&cd9=front%20end&z=1347741005 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_gid=1652442205.1549125628&gjid=757372068&_v=j73&z=1347741005 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005&slf_rd=1&random=2765143573
Request Chain 61
  • https://cm.everesttech.net/cm/dd?d_uuid=74487015991882079671503908174197244750 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XFXH-AAADlANsjx0
Request Chain 65
  • https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&st=dcr&rt=text&forward=0&sup=0&ad=0&asn=homepage&ci=us-100120&c6=vc,c32&c9=devid,&c11=agg,1&c12=apv,&c13=asid,PC1601761-BBBF-4503-8F00-80834F197676&c15=apn,ewCOM&c16=sdkv,bj.5.1.5&c26=dmap,1&c29=plid,15491256286496201&c30=bldv,1.0.0.22&c32=segA,NA&c33=segB,NA&c34=segC,NA&at=view&cr=V&c27=cln,0&rnd=632286 HTTP 302
  • https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0dabcf4caa22ad92fab40844c786&segment_b=d4cd0dabcf4caa22ad92fab40844c786&segment_c=d4cd0dabcf4caa22ad92fab40844c786&content_type=text&segment1=ZZ&segment2=111&segment3=NA&osversion=OSX10_13_5&device_type=DSK&platform=DSK&appid=PC1601761-BBBF-4503-8F00-80834F197676&length=0&ad_duration=0&ad_count=0&impressions=1&advertiser_id=DSK&app_launch=0&ver=1&placement_id=d4cd0dabcf4caa22ad92fab40844c786&data_date=20190202&day_id=sat&hour_id=05&ad_supp=2&h=b19098be4f&rnd=1549125629

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
rinat.site/ 		89 B
549 B 		Document
General
Check archive.org
Download Go to
Full URL
http://rinat.site/
Protocol
HTTP/1.1
Server
2606:4700:30::681b:87b9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
755708eb88d99eef33ee21032d94692edaf136e2215d89f845607b9abc925d16

Request headers

Host
rinat.site
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d9af2a320472a6d2426f2dfd3e46e67591549125627; expires=Sun, 02-Feb-20 16:40:27 GMT; path=/; domain=.rinat.site; HttpOnly
Last-Modified
Mon, 08 Oct 2018 13:58:25 GMT
X-Turbo-Charged-By
LiteSpeed
Server
cloudflare
CF-RAY
4a2e19856671647b-FRA
Content-Encoding
gzip
Primary Request /
ew.com/
Redirect Chain
  • http://xbrkb.adsb4trk.com/c/bbdeb1f412b0f112
  • https://ew.com/
31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
27f3ae09b6cf631db0ce55dee4c751762b7edc34c3c8654258f9fd3b1eca7d36

Request headers

:method
GET
:authority
ew.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://rinat.site/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://rinat.site/

Response headers

status
200
content-type
text/html; charset=utf-8
date
Sat, 02 Feb 2019 16:39:51 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
cache-control
max-age=5
etag
W/"7dcb-17BVzD8mUlyNKb/c7MmOwaNc5Kw"
content-encoding
gzip
age
36
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
x-amz-cf-id
THnNksp6bax5wb8IXqrRalvIi-jwu25Sl2yXu9qSjXzQpAPCvMaLMw==

Redirect headers

Server
nginx
Date
Sat, 02 Feb 2019 16:40:27 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Location
https://ew.com/
Set-Cookie
unique_1408909=unique_1408909; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5c55c7fbdc39b946768876; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly unique_1408909=unique_1408909; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5c55c7fbdc39b946768876; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=400864; expires=Mon, 04-Mar-2019 16:40:27 GMT; Max-Age=2592000; path=/; HttpOnly unique_1408909=unique_1408909; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5c55c7fbdc39b946768876; expires=Sun, 03-Feb-2019 16:40:27 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=400864; expires=Mon, 04-Mar-2019 16:40:27 GMT; Max-Age=2592000; path=/; HttpOnly tid=qhdpv5c55c7fbdc396149028320; path=/; HttpOnly
Status
302 Found
X-Powered-By
PHP/7.0.32
main.js
ew.com/dist/ 		290 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/main.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
e4af793b98536fe685dc1f911f371c963987ca6f61456c73f4a51da01f82c63e

Request headers

:path
/dist/main.js
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
rXhrY7Inq7u10amH5Ka-nzhskQcWVaNeNM7MDu5z_MUMWawbFYS_iw==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
sfp.js
native.sharethrough.com/assets/ 		369 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.228 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-228.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f844c93852c1962d84b5fa4cedff4c17823e0a73e9e1f0f744e5c98eddd362d

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:39:46 GMT
content-encoding
gzip
last-modified
Fri, 01 Feb 2019 17:39:42 GMT
server
AmazonS3
age
43
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-id
uJgs7OxL48WxrW1wVwquv9gSI1T9DoUlUiOVW_m3L-bby8XQZfuLoA==
via
1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
expires
Fri, 01 Feb 2019 18:39:40 GMT
style.css
ew.com/dist/ 		785 KB
111 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/style.css
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
cd78c89ed011ad8676d3463cb9e664f22e4f654bc7b65ee527325c2088b2a376

Request headers

:path
/dist/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
qtsZ_F4hofEZg3iCVUFx4CzhXtnadJ1Hkw0Cjr0bCzklQPIZGPNiUg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 12:42:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100705
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
5437
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Feb 2020 12:42:03 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/ 		309 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.172.22 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-172-22.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
423af1d9f4e0e28c54f6ef9349ba4569cc90f527ce56456b48121feb60da3147

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 14:26:23 GMT
content-encoding
gzip
age
105
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
67144
via
1.1 c771900addaa417be1d0b79ff157a3f9.cloudfront.net (CloudFront)
last-modified
Fri, 01 Feb 2019 17:06:03 GMT
server
AmazonS3
etag
"06452ea805847037b900c7a069bc21e0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
hXZW6QIBRwhsQHYGnAu1bI_cgMRDw60T
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
u6sdXUBwijHteWfJlcv5GWNO_AqHJ27vOn_Rv-14qY3RnxrHNm235A==
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
98596fadff1c7114e641bfe6181b1aef3c3dad4777342b5c2011144f9bad2094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 02 Feb 2019 16:40:28 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 02 Feb 2019 16:40:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 16:40:28 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v13/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7281b1ca00d97d58c69337fe4e75a8e780041fe2b89407a03c2e2c5f7f00ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Mon, 21 Jan 2019 15:44:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:37 GMT
server
sffe
age
1040145
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18156
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:44:43 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBb__lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v13/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v13/nuFlD-vYSZviVYUb_rj3ij__anPXBb__lW4e5j5hNKc.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
40995d4c68c0d2e7cc40036a40ddd6867d8450e7e96fde3d497d7614c876d85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Tue, 22 Jan 2019 18:17:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:20:27 GMT
server
sffe
age
944563
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17268
x-xss-protection
1; mode=block
expires
Wed, 22 Jan 2020 18:17:45 GMT
xn7gYHIn1mWmdg52ggexSvfedN4.woff2
fonts.gstatic.com/s/rasa/v4/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v4/xn7gYHIn1mWmdg52ggexSvfedN4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
79ebf2951da2d9bc5d4af83af985637e8c7e2e9e9bda22146644ed1b142bc986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Thu, 24 Jan 2019 08:14:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:44:15 GMT
server
sffe
age
807962
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
17700
x-xss-protection
1; mode=block
expires
Fri, 24 Jan 2020 08:14:26 GMT
xn7vYHIn1mWmfqVUlyqTR90.woff2
fonts.gstatic.com/s/rasa/v4/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v4/xn7vYHIn1mWmfqVUlyqTR90.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
eda0e088569f488beac71d392a74ead9fc6e6d33cad82420ff9d4f074eab9e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Tue, 15 Jan 2019 22:45:51 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:46:04 GMT
server
sffe
age
1533277
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18556
x-xss-protection
1; mode=block
expires
Wed, 15 Jan 2020 22:45:51 GMT
xn7gYHIn1mWmdh5xggexSvfedN4.woff2
fonts.gstatic.com/s/rasa/v4/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rasa/v4/xn7gYHIn1mWmdh5xggexSvfedN4.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d081d1833eb0363c2d16fe741319c15418d05cae593516d5c0517e9366d0d18e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Thu, 31 Jan 2019 14:16:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:44:17 GMT
server
sffe
age
181467
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
18288
x-xss-protection
1; mode=block
expires
Fri, 31 Jan 2020 14:16:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Mon, 21 Jan 2019 15:45:15 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:47 GMT
server
sffe
age
1040113
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10876
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:45:15 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Thu, 31 Jan 2019 14:16:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
181467
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10748
x-xss-protection
1; mode=block
expires
Fri, 31 Jan 2020 14:16:01 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Mon, 21 Jan 2019 15:44:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
1040157
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10788
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:44:31 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Thu, 31 Jan 2019 14:16:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:03 GMT
server
sffe
age
181449
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10764
x-xss-protection
1; mode=block
expires
Fri, 31 Jan 2020 14:16:19 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Wed, 23 Jan 2019 12:56:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:33:04 GMT
server
sffe
age
877449
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10752
x-xss-protection
1; mode=block
expires
Thu, 23 Jan 2020 12:56:19 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Mon, 21 Jan 2019 15:44:26 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:04 GMT
server
sffe
age
1040162
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10740
x-xss-protection
1; mode=block
expires
Tue, 21 Jan 2020 15:44:26 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v16/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:500,600,700,900%7CRasa:300,400,700%7CRoboto:300,400,500,700,900%7CRoboto+Condensed:400,700
Origin
https://ew.com

Response headers

date
Thu, 20 Dec 2018 22:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:25:19 GMT
server
sffe
age
3782246
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10688
x-xss-protection
1; mode=block
expires
Fri, 20 Dec 2019 22:03:02 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
5165
date
Sat, 02 Feb 2019 15:14:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
17543
expires
Sat, 02 Feb 2019 17:14:23 GMT
fbevents.js
connect.facebook.net/en_US/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a22ff3d67954eca0f973caf14127deb569671199ba35bd3c09bfb401fb71724d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15900
x-xss-protection
0
pragma
public
x-fb-debug
gaNfX2GRf1DFWxuTbzyqE8rOuj5+dUATBmG9pL+pfm+9/udcJ+X1xjtxXqMYPZEwYWM42EQTL4DvuyAZn0Cy0A==
date
Sat, 02 Feb 2019 16:40:28 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
stiufge0y.js
cdn.krxd.net/controltag/ 		145 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/stiufge0y.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
b0359e88fe42b2cd031607dccb4e7d88a16492123066020680cf701bdfad751f

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date
Sat, 02 Feb 2019 16:40:28 GMT
Content-Encoding
gzip
Age
741
X-Cache
MISS, HIT, HIT
X-Request-Backend
krux_scala_config_webservice
X-App-Cache
HIT
Connection
keep-alive
Content-Length
32759
X-Served-By
config-service-a004.krxd.net, cache-iad2144-IAD, cache-hhn1529-HHN
X-Response-Time
2
Accept-Ranges
bytes
X-Do-Esi
esi
X-Timer
S1549125628.220836,VS0,VE0
ETag
"8b868a9429d0bcf305251cd19de2cd95453c8853"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish, 1.1 varnish
Cache-Control
public, max-age=1200
X-Age
0
X-Cache-Hits
0, 1, 5
gtm.js
www.googletagmanager.com/ 		416 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
e88aea70bd29cae168a70c189870d5b08680a232eebfe6f29106ac3c36462817
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
96253
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 16:40:28 GMT
js
www.google-analytics.com/gtm/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P3VQ7M8&cid=1224674948.1549125628
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
75cf13b0ac6afd29fe9b456c9db38d763ebf3ae28dfd1828afe1718ed331fef3
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
14108
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 16:40:28 GMT
embed.js
www.instagram.com/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/embed.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:2880:f22d:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e5ab08932b6577df32d70c0a23beb37c26eb43837004a8179e6a635c953b2146

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
br
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
access-control-allow-origin
*
etag
"/static/bundles/metro/EmbedSDK.js/03f0a04706b1.js"
vary
Accept-Encoding
content-type
text/javascript
status
200
edge-control
private,max-age=21600
cache-control
private,max-age=21600
content-length
4809

Redirect headers

status
301
date
Sat, 02 Feb 2019 16:40:28 GMT
server
proxygen-bolt
content-length
0
location
https://www.instagram.com/embed.js
content-type
text/plain
sdk.js
connect.facebook.net/en_US/ 		183 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4645491595a0ed597b1fd3ae0b61542c7768a7cca924d83d1d67652327d24d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5h98C30rmanIY5V0VyofUg==
status
200
vary
Accept-Encoding
content-length
58174
x-xss-protection
0
x-fb-debug
au8BWqwuzzXj+7ZecQwnlGu1KfSmMtcAuOz5PsQew1Hz91CVdeYlIXXe/nlP1PkHiJPqwfJqG83REQwhiQ1YPw==
x-fb-content-md5
8979b95be0e1c7a46a254a8e62226e2c
date
Sat, 02 Feb 2019 16:40:28 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
access-control-allow-credentials
true
etag
"06d8f9271c4518100291605360b9278b"
timing-allow-origin
*
expires
Sat, 02 Feb 2019 16:44:05 GMT
1576393572602771
connect.facebook.net/signals/config/ 		185 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1576393572602771?v=2.8.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
23c8aa39b87a9117944aef6360be2656cab7287694c7e33c59176af3f16f6eb4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
44978
x-xss-protection
0
pragma
public
x-fb-debug
dbQREYkX8lEEZ5uUtY5Emrnw90GBxewwCOwJldNDvzM018ORay5rGMujg0LWhOwZc8vuqPd0UvSohNKBdj+QhQ==
date
Sat, 02 Feb 2019 16:40:28 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.js
tag.bounceexchange.com/1494/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/1494/i.js
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.92.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
63.92.190.35.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
6743118bf624febab2e41fc1a43d3f8a90f1355cfbac51fb7c85e0ab43cdb452

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
server
fasthttp
etag
5aa52f94763aa9
content-type
text/plain; charset=utf-8
status
200
cache-control
no-cache, must-revalidate
x-region
europe-west3
alt-svc
clear
content-length
24966
via
1.1 google
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A7FC606253FC752B0A4C98A2%40AdobeOrg&d_nsid=0&d_cid_ic=timeuser%01&ts=1549125628309
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.36.162 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-36-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
031f3df851999a7670bd4b6cdee960853aee7e3c0061718006c4fee9fdb7ba0a

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v018-07db49580.edge-irl1.demdex.com 5.47.3.20190129122145 7ms
Pragma
no-cache
Content-Encoding
gzip
X-Error
300
X-TID
NHgArp9oSIY=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://ew.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1168
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gwiq.js
gwiqcdn.globalwebindex.net/gwiq/ 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.93.216 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
216.93.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2ecb9afac87ca44820ee0bae7027e57b8900b385fc8e39cd289fcc0518bd41c4

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:27:02 GMT
age
806
status
200
x-guploader-uploadid
AEnB2Upg5JbUgexUKvAOZgLLq4nYpi49JVc_qW-bRWxm9dk7Kd35E8ihquNJN-QLOMemKxzPXL-RVYP45zs9ynaiDEdRDkV-6g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14165
last-modified
Mon, 11 Jun 2018 11:45:02 GMT
server
UploadServer
etag
"0ac20b87baa97328aca30f7eff8667b1"
x-goog-hash
crc32c=q+FuBw==, md5=CsILh7qpcyisow9+/4ZnsQ==
x-goog-generation
1528717502761800
cache-control
public, max-age=3600
x-goog-stored-content-length
14165
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 02 Feb 2019 17:27:02 GMT
nlsDcrLite510.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsDcrLite510.min.js
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.23 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-23.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77aada385806e67e30d42a7190b25d73b8d78b17a0d1e021ccb274907f273a6a

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
NAa.D2igA80kfjGpgUKXM6xV1rGfwyIe
content-encoding
gzip
last-modified
Thu, 06 Dec 2018 14:16:48 GMT
server
AmazonS3
age
400
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Sat, 02 Feb 2019 16:33:59 GMT
x-amz-cf-id
LAB6cjD2zd3lYMFksqAD0vYFhJ8pPw2LVmUQ-O6Uik-GGrrq42zh3A==
via
1.1 3ef066dcf359ad5dbc339df978147194.cloudfront.net (CloudFront)
c.js
c.betrad.com/geo/ 		27 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.betrad.com/geo/c.js
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.71.200 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-71-200.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e099925c8a41c42b69f8d087376431ebe918c76af9c261adbaf8df1a252d1e8c

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Feb 2015 01:13:52 GMT
Server
Apache
ETag
"11b0cb2abfd705f33d1c42f1d747fc55:1424394832"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47
sync
pippio.com/api/ 		0
62 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pippio.com/api/sync?pid=8242
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.178.254.65 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Sat, 02 Feb 2019 16:40:28 GMT
via
1.1 google
alt-svc
clear
i
api.segment.io/v1/ 		21 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.247.77 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-69-247-77.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:28 GMT
access-control-allow-origin
https://ew.com
content-length
21
vary
Origin
content-type
application/json
init-182h1kagypftheeqt3p.js
aamapi.com/api/ 		0
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aamapi.com/api/init-182h1kagypftheeqt3p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.21.20 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-88-21-20.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:29 GMT
Content-Encoding
gzip
Server
openresty
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
20
Expires
-1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.89.123 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-89-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:28 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1549125628330&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=http%3A%2F%2Frinat.site%2F
Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:28 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F
6927309.fls.doubleclick.net/ Frame 56A1
Redirect Chain
  • https://6927309.fls.doubleclick.net/activityi;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.co...
  • https://6927309.fls.doubleclick.net/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Fe...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://6927309.fls.doubleclick.net/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.18.6 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra02s19-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
6927309.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://ew.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 02 Feb 2019 16:40:28 GMT
expires
Sat, 02 Feb 2019 16:40:28 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
794
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUmCfIfT9P895RaJAVllgVAny17ALBctRBhTu1x4Mh7pm-X8nx7d_6WeIvTa; expires=Thu, 27-Feb-2020 16:40:28 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Sat, 02 Feb 2019 16:40:28 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6927309.fls.doubleclick.net/activityi;dc_pre=CLzErNa-neACFREU4Aoda_sBQg;src=6927309;type=ewmay0;cat=unive0;ord=1;num=8098435586845;gtm=2wg1d1;auiddc=1915917804.1549125628;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Feb-2019 16:55:28 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
37-37.js
ew.com/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/37-37.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
2864824cb0fdf0b88e9323ec47bbaf2170dd607b105e1dcd0edbe2afe126390f

Request headers

:path
/dist/37-37.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
pY5E4xKgrquq0GRJWgislWvjDPijGd4Pl7jMbuY0QjeUQxN5kKh3Qw==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
1-1.js
ew.com/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/1-1.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
66d388875570d327f310a4519eab59d5b4962824794e6bfe8687b57fa1ee100d

Request headers

:path
/dist/1-1.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
fGC81ZULWB9aRpF6cFCB_kST5pQrEu1z1UZ_TsDzTjPxUEyw_VkQbw==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
2-2.js
ew.com/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/2-2.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
f50168a5a3fd64c68a5ba5338940fea4cb7dd387fcb0e6763703c03c753894f2

Request headers

:path
/dist/2-2.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
At_EXc6Sghl77Gv4-nfemPZpg3fvByOOC8U56UJJnI5U7Db2YeMHAw==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
10-10.js
ew.com/dist/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/10-10.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
1bd0d61cd1a28c5d2684aaa70893ac999bf6ae4fd0ee64d36a970c7a0e066002

Request headers

:path
/dist/10-10.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
ZuOB5P6-OOZZ6Q9OaszxNn-QLtaug3bmb5x1yDT6t0LNkppv_gcqvQ==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
4-4.js
ew.com/dist/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/4-4.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
6910f2454f02e496c4c56dde23fe7f4c61daaf60d1e944d41b9649057a513a1c

Request headers

:path
/dist/4-4.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
yfGZVmgxf-uVbZWEn-F9u-06fuxJtJYAuyJrevO0jxBTwQvkOJinxA==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
7-7.js
ew.com/dist/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/7-7.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
80a19262216037a9243bf2a2e76f4f301ac975bb9439b3aede69b3c2be87763c

Request headers

:path
/dist/7-7.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
Uq-oQRz_7iFQ5eOeOL2CVoCrPLVQ7laJAl2jVsa21zzwomImojMLcg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
3-3.js
ew.com/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/3-3.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
7fe0df666356da59a2e360258ddb10a989fe4b816cbb39e11147df4a283e2cae

Request headers

:path
/dist/3-3.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
Mp4cHbXjO2tdoCbn-NA9g-s7jlc5TfqS2v0odzJebxTx20k9yjXxVg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
8-8.js
ew.com/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/8-8.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
6a53edd462bd5122b46d1333853837c1a6bf3e8ae2d6fab6d0b64d69cc4cf721

Request headers

:path
/dist/8-8.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
5mpcFmT_IsOA4bNPLKH8fG7rjvxA9rWVCAlxKCb8gcH8IB88mqMszg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
21-21.js
ew.com/dist/ 		140 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/21-21.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
a5aa3f76315d1d575a0547d3ff139dd1746ddceff6ba6c9dde4ee3e5be7f48d1

Request headers

:path
/dist/21-21.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
aB9TLHx6YFlXWLI0DSesdADy-Iw6RKumIFOz_FxfQQ2Uj-z-R5MtTA==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
0-0.js
ew.com/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/0-0.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
5573c5c28631ec0fbff0110bbeaef0f56b948172b2ee76d2f52dde2411c27420

Request headers

:path
/dist/0-0.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
33pawsGup6meWV2MF5wbfHnARdUOMXRvcw2jrpj9lCMHv9aT-9745A==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
20-20.js
ew.com/dist/ 		93 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/20-20.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
d823a595ef6a070e6c4b46a736079c3950ce0c1189ce9a878dae9f7586c33984

Request headers

:path
/dist/20-20.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
fAnURndmnPl1c4cZ9QvXL0wbJxg-lZ9OVB6UD-Q7XpH0N5Le0ZLQJg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
27-27.js
ew.com/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/27-27.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
e4a146d1fcffbe97b02773f0a4e4fea9d7b1c81a527fcf819e60c3a3a8ffc3bb

Request headers

:path
/dist/27-27.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
h_nqL08QaFn-DvowrpmmcpsBvwoNLUnlGHwZ1_QuOPK3KIuz0HtYLg==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
6-6.js
ew.com/dist/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/6-6.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
2334c9df75ef41dabb5561015343479f42aa9fc0bf9b76923bf8d9b04ac3ef86

Request headers

:path
/dist/6-6.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
-KeV9oF7ckWtBw8lD2GSvI_dbX9ExTdoa78RfOf7j5xqE3HLy3my1Q==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
24-24.js
ew.com/dist/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ew.com/dist/24-24.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.235 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-235.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
8e47a4f970e59cd75fbbf9729e6cdc9ee19e5447161d9c5d4b8bd99811e87258

Request headers

:path
/dist/24-24.js
pragma
no-cache
cookie
ajs_user_id=null; ajs_group_id=null; _ga=GA1.2.1224674948.1549125628; _gid=GA1.2.1652442205.1549125628; _gcl_au=1.1.1915917804.1549125628; AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg=T; ajs_anonymous_id=%22de32efc2-f50b-42cf-bb22-159666165a6d%22
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ew.com
referer
https://ew.com/
:scheme
https
:method
GET
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 19:24:41 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
accept-ranges
bytes
x-amz-cf-id
LYjpHnVi77TJtJ2uiBgFLutVCpfOI7L8Nyyry2PddKAczbD5ksBYOA==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
p
api.segment.io/v1/ 		21 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.247.77 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-69-247-77.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:28 GMT
access-control-allow-origin
https://ew.com
content-length
21
vary
Origin
content-type
application/json
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1211504325&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2F&dr=http%3A%2F%2Frinat.site%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%7C%20EW.com&sd=24-bit&sr=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_gid=1652442205.1549125628&gjid=757372068&_v=j73&z=1347741005
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005&slf_rd=1&random=2765143573
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005&slf_rd=1&random=2765143573
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Feb 2019 16:40:28 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 16:40:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97981691-4&cid=1224674948.1549125628&jid=1444382316&_v=j73&z=1347741005&slf_rd=1&random=2765143573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.09ebc571a022d419934530eaf14c8a78
cdn.krxd.net/ctjs/ 		247 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/stiufge0y.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date
Sat, 02 Feb 2019 16:40:28 GMT
Content-Encoding
gzip
Age
3878379
X-Cache
HIT
Connection
keep-alive
Content-Length
80533
X-Served-By
cache-hhn1529-HHN
Last-Modified
Wed, 19 Dec 2018 18:55:08 GMT
X-Timer
S1549125628.414402,VS0,VE0
ETag
"09ebc571a022d419934530eaf14c8a78"
Content-Type
application/javascript
Via
1.1 varnish
Expires
Sat, 16 Dec 2028 18:55:07 GMT
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
X-Cache-Hits
2452537
6699.js
script.crazyegg.com/pages/scripts/0080/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0080/6699.js?430312
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4aa01d888f7f6f4c361f5a3e6967192dd5b6fcdd305af84720a70142107f2b

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
cf-cache-status
HIT
cf-polished
origSize=10670
x-cache
RefreshHit from cloudfront
status
200
content-encoding
gzip
last-modified
Tue, 29 Jan 2019 05:58:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private, max-age=10800
cf-ray
4a2e1989d8a0c2ab-FRA
x-amz-cf-id
hso6uy3I7IH73mXyxRcIYar2tPGqqNe9cAGBXYC1dtbPDvXUjPjaeg==
cf-bgj
minify
/
www.facebook.com/tr/ 		44 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1576393572602771&ev=PageView&dl=https%3A%2F%2Few.com%2F&rl=http%3A%2F%2Frinat.site%2F&if=false&ts=1549125628443&sw=1600&sh=1200&v=2.8.39&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1549125628441.1486824108&it=1549125628267&coo=false&rqm=GET
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 02 Feb 2019 16:40:28 GMT
css
fonts.googleapis.com/ 		4 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0cbeef1cf3fbe7e0874802b1cb90e875f3bdbd49e2473bf73bd0efc1f2abac1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 02 Feb 2019 16:40:28 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 02 Feb 2019 16:40:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 02 Feb 2019 16:40:28 GMT
ijs_all_modules_cjs_min_45d42674d9ac157937eee1c504a885b7.js
assets.bounceexchange.com/assets/smart-tags/versioned/ 		492 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tags/versioned/ijs_all_modules_cjs_min_45d42674d9ac157937eee1c504a885b7.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/1494/i.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.167.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-167-241.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a60cec8044f89963080ae7367595c340a27363bfe4791edf9c21e59ba82d13a

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 01 Feb 2019 22:21:51 GMT
content-encoding
gzip
last-modified
Fri, 01 Feb 2019 22:07:00 GMT
server
AmazonS3
age
65918
etag
"d6069e1a0861fdcb634632d610518028"
x-cache
Hit from cloudfront
x-amz-version-id
CAg0zz2GdGZqaquKdvDSFb9JyptbMntM
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
120411
via
1.1 bd3e2233bf25337a89461c638cad13b9.cloudfront.net (CloudFront)
x-amz-cf-id
z0PxG_dmzdX7M-gLa2K2guLBT6ACuDEjyQcnmROE-eazbWJ4BVuhqA==
c0248
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/c0248
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.80.55 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
55.80.190.35.bc.googleusercontent.com
Software
akka-http/10.1.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://ew.com
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,x-requested-with

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
via
1.1 google
alt-svc
clear
server
akka-http/10.1.5
x-b3-traceid
57198e8672b0d54c
access-control-allow-origin
https://ew.com
access-control-max-age
1800
access-control-allow-methods
GET, POST, OPTIONS
status
200
x-b3-spanid
6153193405378d1b
x-b3-sampled
0
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
content-length
0
Cookie set dest5.html
timeinc.demdex.net/ Frame B211 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://timeinc.demdex.net/dest5.html?d_nsid=undefined
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
timeinc.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://ew.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=74487015991882079671503908174197244750
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 01 Feb 2019 14:33:49 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=74487015991882079671503908174197244750;Path=/;Domain=.demdex.net;Expires=Thu, 01-Aug-2019 16:40:28 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
hPe9CN8WS1k=
Content-Length
2764
Connection
keep-alive
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A7FC606253FC752B0A4C98A2%40AdobeOrg&d_nsid=0&d_mid=74460081541011119311500937622102595178&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=timeuser%01&ts=1549125628522
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.36.162 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-36-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b3497da641209df2da0e355810be98610d592fdd228fa96d5954591efdd22243

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v018-0f15d5108.edge-irl1.demdex.com 5.47.3.20190129122145 10ms
Pragma
no-cache
Content-Encoding
gzip
X-Error
300
X-TID
zTm3lpQfScU=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://ew.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1169
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=411&dpuuid=XFXH-AAADlANsjx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=74487015991882079671503908174197244750
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XFXH-AAADlANsjx0
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XFXH-AAADlANsjx0
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.36.162 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-36-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v018-0e6a2f8a3.edge-irl1.demdex.com 5.47.3.20190129122145 4ms
Pragma
no-cache
X-TID
QYVEuT77RqM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 02 Feb 2019 16:40:28 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XFXH-AAADlANsjx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
c0248
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/c0248
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.80.55 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
55.80.190.35.bc.googleusercontent.com
Software
akka-http/10.1.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
Origin
https://ew.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
via
1.1 google
server
akka-http/10.1.5
x-b3-traceid
bc6cb39e9b704e58
status
204
content-type
application/json
access-control-allow-origin
https://ew.com
x-b3-spanid
60d1e27300a78db8
x-b3-sampled
0
access-control-allow-credentials
true
alt-svc
clear
GMRn6XEBZ06.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame BD3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/GMRn6XEBZ06.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://ew.com/
accept-encoding
gzip, deflate, br
cookie
fr=06wWRvFB65AQclWFu..BcVcf8...1.0.BcVcf8.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Sat, 01 Feb 2020 22:03:09 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
HaoipJir/ez8bMh37ANTXOMX5mGACcHx6eNI3Js7KVknheRz62hDGvwcI2QgKhww8TBTvUf4MAYM4fusZ2WKEQ==
content-length
10883
date
Sat, 02 Feb 2019 16:40:28 GMT
1b008fc9-b074-4b2e-8e4a-c1e1f07d344b
consumer.krxd.net/consent/get/ 		236 B
663 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/1b008fc9-b074-4b2e-8e4a-c1e1f07d344b?idt=device&dt=kxcookie&callback=Krux.ns.meredith.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.175 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2d66a3c752dea3feac6c3428e18b436d17592d34dc2a486819449cb62bfbcdb2

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:28 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS, MISS
X-Request-Backend
krux_scala_consumer_webservice
Connection
keep-alive
Content-Length
192
X-Served-By
consumer-a004-dub.krxd.net, cache-hhn1527-HHN
Accept-Ranges
bytes
X-Timer
S1549125629.787119,VS0,VE26
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Via
1.1 varnish
Cache-Control
max-age=1800
X-Age
0
X-Cache-Hits
0, 0
brandlift.php
www.facebook.com/
Redirect Chain
  • https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&st=dcr&rt=text&forward=0&sup=0&ad=0&asn=homepage&ci=us-100120&c6=vc,c32&c9=devid,&c11=agg,1&c12=apv,&c13=asid,PC1601761-BBBF-4503-8F00-80834F1...
  • https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access...
67 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0dabcf4caa22ad92fab40844c786&segment_b=d4cd0dabcf4caa22ad92fab40844c786&segment_c=d4cd0dabcf4caa22ad92fab40844c786&content_type=text&segment1=ZZ&segment2=111&segment3=NA&osversion=OSX10_13_5&device_type=DSK&platform=DSK&appid=PC1601761-BBBF-4503-8F00-80834F197676&length=0&ad_duration=0&ad_count=0&impressions=1&advertiser_id=DSK&app_launch=0&ver=1&placement_id=d4cd0dabcf4caa22ad92fab40844c786&data_date=20190202&day_id=sat&hour_id=05&ad_supp=2&h=b19098be4f&rnd=1549125629
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
X3vp5wsFPncAKdVbNz8+xr++kOKaMKW5+FMW23Q9x+87lWW0TxrVMG/0Ke4zVTvEX8CCON4ONExx5VgsP3rMxQ==
content-encoding
br
x-content-type-options
nosniff
date
Sat, 02 Feb 2019 16:40:29 GMT
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
content-type
image/png
status
200
cache-control
private, no-store, no-cache, must-revalidate
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 02 Feb 2019 16:40:29 GMT
server
nginx
access-control-allow-origin
*
location
https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0dabcf4caa22ad92fab40844c786&segment_b=d4cd0dabcf4caa22ad92fab40844c786&segment_c=d4cd0dabcf4caa22ad92fab40844c786&content_type=text&segment1=ZZ&segment2=111&segment3=NA&osversion=OSX10_13_5&device_type=DSK&platform=DSK&appid=PC1601761-BBBF-4503-8F00-80834F197676&length=0&ad_duration=0&ad_count=0&impressions=1&advertiser_id=DSK&app_launch=0&ver=1&placement_id=d4cd0dabcf4caa22ad92fab40844c786&data_date=20190202&day_id=sat&hour_id=05&ad_supp=2&h=b19098be4f&rnd=1549125629
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
status
302
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
local_storage_frame10.min.html
assets.bounceexchange.com/assets/bounce/ Frame 0BF1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tags/versioned/ijs_all_modules_cjs_min_45d42674d9ac157937eee1c504a885b7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.167.241 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-167-241.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
assets.bounceexchange.com
:scheme
https
:path
/assets/bounce/local_storage_frame10.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://ew.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/

Response headers

status
200
content-type
text/html
content-length
995
date
Mon, 10 Dec 2018 18:23:32 GMT
last-modified
Thu, 06 Dec 2018 22:10:11 GMT
etag
"55fccc7bc73db2181e976f1ccec90e2c"
cache-control
max-age=31536000
content-encoding
gzip
x-amz-version-id
iR64T.LKj_uq4qI1dcEGfT66vRlvUKzS
accept-ranges
bytes
server
AmazonS3
age
4659417
x-cache
Hit from cloudfront
via
1.1 bd3e2233bf25337a89461c638cad13b9.cloudfront.net (CloudFront)
x-amz-cf-id
6gugunvWPUqsvG-y7Z5fXA2szaVQLH-KaZ20oOW83nDbldzsYdSXdQ==
/
data.cdnbasket.net/ 		14 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.cdnbasket.net/
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.247.88 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
88.247.186.35.bc.googleusercontent.com
Software
/
Resource Hash
333e62715e266d0c761ffa44237843334e5d536b379a13e80cf1438a6ee214af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/
Origin
https://ew.com

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/ 		57 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://page.cdnbasket.net/
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.251.121 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
121.251.227.35.bc.googleusercontent.com
Software
/
Resource Hash
dfbee137b9cc5d1df2f31405f6499a9b541d4056a32fa0e893e326b144c8c118

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/
Origin
https://ew.com

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/ 		57 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://view.cdnbasket.net/
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.220.176 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
176.220.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d92266acc5458a659fffd5948d19f1d523df8665bac82d500018e5c65ba2d7ee

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/
Origin
https://ew.com

Response headers

Pragma
no-cache
Date
Sat, 02 Feb 2019 16:40:29 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
www.facebook.com/tr/ 		44 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1576393572602771&ev=Microdata&dl=https%3A%2F%2Few.com%2F&rl=http%3A%2F%2Frinat.site%2F&if=false&ts=1549125628947&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22https%3A%2F%2Few.com%2F%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22EW.com%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Few.com%2F%22%2C%22og%3Adescription%22%3A%22Entertainment%20Weekly%20has%20all%20the%20latest%20news%20about%20TV%20shows%2C%20movies%2C%20and%20music%2C%20as%20well%20as%20exclusive%20behind%20the%20scenes%20content%20from%20the%20entertainment%20industry.%20%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Few.com%2Fimg%2Fmisc%2Fog-default.png%22%7D&cd[Meta]=%7B%22title%22%3A%22%20%7C%20EW.com%22%2C%22meta%3Akeywords%22%3A%22entertainment%2C%20entertainment%20news%2C%20ew%2C%20entertainment%20weekly%22%2C%22meta%3Adescription%22%3A%22Entertainment%20Weekly%20has%20all%20the%20latest%20news%20about%20TV%20shows%2C%20movies%2C%20and%20music%2C%20as%20well%20as%20exclusive%20behind%20the%20scenes%20content%20from%20the%20entertainment%20industry.%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22EW.com%22%2C%22url%22%3A%22https%3A%2F%2Few.com%2F%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22https%3A%2F%2Few.com%2Fimg%2Flogo.png%22%2C%22width%22%3A275%2C%22height%22%3A60%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2FSportsIllustrated%22%2C%22https%3A%2F%2Ftwitter.com%2FSInow%22%2C%22https%3A%2F%2Fwww.pinterest.com%2F%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fsportsillustrated%22%5D%7D%5D%5D&sw=1600&sh=1200&v=2.8.39&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1549125628441.1486824108&it=1549125628267&coo=false&eid=&es=automatic&rqm=GET
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 02 Feb 2019 16:40:28 GMT
nr-1026.min.js
js-agent.newrelic.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1026.min.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:29 GMT
content-encoding
gzip
x-amz-request-id
048DE3716287750E
x-cache
HIT
status
200
content-length
8844
x-amz-id-2
woHne7NOGzzcMj18QARIvzHraWM6icjjJGji2yzSfbgYrRHpwEFyv2dIMwGaAHL5TajjzEYXQJU=
x-served-by
cache-hhn1527-HHN
last-modified
Wed, 28 Feb 2018 23:33:30 GMT
server
AmazonS3
x-timer
S1549125629.352051,VS0,VE0
etag
"230c916aaa9194e21891a639a9c2b8eb"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
189
Cookie set dest5.html
timeinc.demdex.net/ Frame ADC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://timeinc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
timeinc.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://ew.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=74487015991882079671503908174197244750; dextp=21-1-1549125628817|60-1-1549125628870|358-1-1549125628882|477-1-1549125628911|771-1-1549125628925|822-1-1549125628941|992-1-1549125628956|22052-1-1549125628971|30064-1-1549125628987|575-1-1549125629001|49276-1-1549125629017|73426-1-1549125629031|75557-1-1549125629048|79908-1-1549125629062|2340-1-1549125629078|66757-1-1549125629092|121998-1-1549125629108|124894-1-1549125629123|129099-1-1549125629138
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 01 Feb 2019 14:34:57 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=74487015991882079671503908174197244750;Path=/;Domain=.demdex.net;Expires=Thu, 01-Aug-2019 16:40:29 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
PL91ZSAWRsA=
Content-Length
2764
Connection
keep-alive
cs.js
sb.scorecardresearch.com/c2/6035728/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/6035728/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.89.123 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-89-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:29 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Tue, 05 Feb 2019 16:40:29 GMT
optout_check
beacon.krxd.net/ 		62 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.meredith.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.09ebc571a022d419934530eaf14c8a78
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.244.94 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-217-244-94.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e00e55ad0f456863da2c1eb4e2dc577430c1645c92a4bc01dc6a98557e7807fb

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:29 GMT
Cache-Control
private, max-age=0, s-max-age=0
X-Request-Time
D=50 t=1549125629
Connection
keep-alive
X-Served-By
beacon-n011-dub.krxd.net
Content-Length
62
Content-Type
text/javascript
t
api.segment.io/v1/ 		21 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.247.77 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-69-247-77.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:29 GMT
access-control-allow-origin
https://ew.com
content-length
21
vary
Origin
content-type
application/json
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=1211504325&t=event&ni=1&_s=2&dl=https%3A%2F%2Few.com%2F&dr=http%3A%2F%2Frinat.site%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%7C%20EW.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Pageview-SFDMP&ev=0&_u=6GBAAEADQ~&jid=&gjid=&cid=1224674948.1549125628&tid=UA-97981691-4&_gid=1652442205.1549125628&cd8=gdpr&cd10=ew.com&cd7=own&cd1=&cd9=front%20end&z=1387052650
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Jan 2019 09:33:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
371194
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1576393572602771&ev=Pageview-SFDMP&dl=https%3A%2F%2Few.com%2F&rl=http%3A%2F%2Frinat.site%2F&if=false&ts=1549125629383&cd[affiliateLinkCount]=0&cd[contentAuthorName]=%5B%22%22%5D&cd[contentCmsTerms]=%5B%22%22%5D&cd[contentShownOnPlatform]=own&cd[contentType]=gdpr&cd[memberLoggedIn]=false&cd[referrer]=http%3A%2F%2Frinat.site%2F&cd[search]=&cd[timeIncApplication]=front%20end&cd[timeIncBrand]=ew.com&cd[url]=https%3A%2F%2Few.com%2F&sw=1600&sh=1200&v=2.8.39&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1549125628441.1486824108&it=1549125628267&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Sat, 02 Feb 2019 16:40:29 GMT
f8013d5a46
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/f8013d5a46?a=48986041&sa=1&v=1026.7a27a3e&t=Unnamed%20Transaction&rst=1599&ref=https://ew.com/&be=196&fe=1545&dc=201&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1549125627801,%22n%22:0,%22f%22:125,%22dn%22:126,%22dne%22:139,%22c%22:139,%22s%22:147,%22ce%22:161,%22rq%22:161,%22rp%22:177,%22rpe%22:180,%22dl%22:185,%22di%22:201,%22ds%22:201,%22de%22:202,%22dc%22:1545,%22l%22:1545,%22le%22:1568%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1026.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
event
timeinc.demdex.net/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://timeinc.demdex.net/event?_ts=1549125629404
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c0c12c25fcfa38fdd5897a9897fb1a7e36c4fc5fec632b51605bdcd9acb7bebd

Request headers

Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v018-08d3f6add.edge-irl1.demdex.com 5.47.3.20190129122145 14ms
Pragma
no-cache
X-Error
300
X-TID
w2QcFUP1RTc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://ew.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
3665
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c
ids.cdnwidget.com/ 		37 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=069063100&GCS2=MTQ4LjI1MS40NS4xNzAsMmEwMTo0Zjg6MjAyOmE5Ojoy&pe=false&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.25%22%2C%22wsid%22%3A1494%2C%22loadID%22%3A%22ineN1GFxDIXKXpg%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A4%2C%22IDStageStart%22%3A5%2C%22netComplete%22%3A126%2C%22obsReq0%22%3A454%2C%22obsReq2%22%3A483%2C%22obsReq1%22%3A586%2C%22IDStagePrefire%22%3A586%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
17.47.211.130.bc.googleusercontent.com
Software
/
Resource Hash
33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://ew.com/
Origin
https://ew.com

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:29 GMT
via
1.1 google
access-control-allow-credentials
true
access-control-allow-origin
https://ew.com
alt-svc
clear
content-type
application/json
s
session.timecommerce.net/v1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://session.timecommerce.net/v1/s?rr=http%3A%2F%2Frinat.site%2F
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.168.208 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-168-208.fra54.r.cloudfront.net
Software
/
Resource Hash
96301334e8b418d17a9c3fc35f31c634541924dc8c417e3e3a67784cd28d0997

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 02 Feb 2019 16:40:33 GMT
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront), 1.1 b4b6d30e349cbed36f8141249dcef99f.cloudfront.net (CloudFront)
x-amzn-RequestId
426e89a1-2709-11e9-86bf-5b6c13c523e5
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/json
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
x-amz-apigw-id
UewwOFR0IAMF1_w=
X-Amz-Cf-Id
0yCcsu9X-noZwArh-ZETGwiOrkynomK3870iAazIBFp6b450xAngXA==
X-Amzn-Trace-Id
Root=1-5c55c801-fcedefa0634ff46e36a3d688;Sampled=0
tm.js
uid1.vindicosuite.com/js/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uid1.vindicosuite.com/js/tm.js?r=http%3A%2F%2Frinat.site%2F&u=https%3A%2F%2Few.com%2F&tid=88e94ea4-65dc-4e99-bac4-1017eb6939eb
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.27.95 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
95.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
68f8bd0d7f31ce98b6eb525c12cf6d7653467dbaa6b9080cb67bfe73d26b796b

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Feb 2019 16:40:33 GMT
via
1.1 google
last-modified
Wed, 10 Oct 2018 15:28:55 GMT
content-type
application/x-javascript
status
200
cache-control
no-cache, private, max-age=0
accept-ranges
bytes
alt-svc
clear
content-length
8433
s.js
uid1.vindicosuite.com/ 		230 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uid1.vindicosuite.com/s.js
Requested by
Host: uid1.vindicosuite.com
URL: https://uid1.vindicosuite.com/js/tm.js?r=http%3A%2F%2Frinat.site%2F&u=https%3A%2F%2Few.com%2F&tid=88e94ea4-65dc-4e99-bac4-1017eb6939eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.27.95 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
95.27.211.130.bc.googleusercontent.com
Software
WebStar /
Resource Hash
97edc2806ea99708c7e433caffefb4cd2263c3c5f479db72e1d1fb59504659ba

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:33 GMT
via
1.1 google
server
WebStar
etag
vBJr_PRp5MoBMC
vary
Server
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age, private, max-age=0
alt-svc
clear
content-length
230
/
uid1.vindicosuite.com/e/ 		0
63 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uid1.vindicosuite.com/e/?i=2&cc=globalTI_SID%3D88e94ea4-65dc-4e99-bac4-1017eb6939eb%3B%20uct%3DSat%252C%252002%2520Feb%25202019%252016%253A40%253A33%2520GMT%3B%20uci%3DvBJr_PRp5MoBMC&p=120&r=http%3A%2F%2Frinat.site%2F&s=0&t=vBJr_PRp5MoBMC&u=https%3A%2F%2Few.com%2F
Requested by
Host: uid1.vindicosuite.com
URL: https://uid1.vindicosuite.com/js/tm.js?r=http%3A%2F%2Frinat.site%2F&u=https%3A%2F%2Few.com%2F&tid=88e94ea4-65dc-4e99-bac4-1017eb6939eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.27.95 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
95.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:33 GMT
via
1.1 google
alt-svc
clear
content-length
0
content-type
text/plain; charset=utf-8
/
uid1.vindicosuite.com/e/ 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://uid1.vindicosuite.com/e/?i=5&cc=globalTI_SID%3D88e94ea4-65dc-4e99-bac4-1017eb6939eb%3B%20uct%3DSat%252C%252002%2520Feb%25202019%252016%253A40%253A33%2520GMT%3B%20uci%3DvBJr_PRp5MoBMC&p=120&r=http%3A%2F%2Frinat.site%2F&s=0&t=vBJr_PRp5MoBMC&u=https%3A%2F%2Few.com%2F
Requested by
Host: uid1.vindicosuite.com
URL: https://uid1.vindicosuite.com/js/tm.js?r=http%3A%2F%2Frinat.site%2F&u=https%3A%2F%2Few.com%2F&tid=88e94ea4-65dc-4e99-bac4-1017eb6939eb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.27.95 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
95.27.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Sat, 02 Feb 2019 16:40:33 GMT
via
1.1 google
alt-svc
clear
content-length
0
content-type
text/plain; charset=utf-8
sync.js
chirp.bizrate.com/ 		0
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chirp.bizrate.com/sync.js?tc=88e94ea4-65dc-4e99-bac4-1017eb6939eb&u=https%3A%2F%2Few.com%2F&r=http%3A%2F%2Frinat.site%2F
Requested by
Host: rinat.site
URL: http://rinat.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2043:ba00:6:f5a3:efc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 02 Feb 2019 16:40:33 GMT
via
1.1 0176a7920fd558900dd5f893f79acb9e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-cache
Error from cloudfront
content-type
text/plain;charset=UTF-8
status
200
content-length
0
x-amz-cf-id
Crq0nFEdw4bpmjLqqM2tJqFl6OMQ8F3gQm4maCbb9l1J0PN8cztiWA==
x-application-context
application:prod:8080

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| WebFontConfig object| analytics object| ELEMENT_CLIENT_CONFIG object| NREUM object| newrelic function| __nr_require object| WebFont string| GoogleAnalyticsObject function| ga function| normalize function| _fbq function| fbq function| Krux object| dataLayer object| __core-js_shared__ function| setImmediate function| clearImmediate function| UUIDv1 function| clamp object| STR undefined| UUID object| google_tag_data object| gaplugins object| gaGlobal object| google_tag_manager function| postscribe function| webpackJsonp function| _ function| $ function| jQuery object| TimeInc function| Visitor object| visitor function| get_aamCookie undefined| cookie_userid object| timeDil object| myDate object| d_names number| dindex string| day_of_week number| hour_of_day function| DIL object| s_c_il number| s_c_in object| nielsenMetadata object| c object| s object| globalTI object| customer_id object| CryptoJS string| base_url undefined| cookie string| pid object| head object| a function| hashEmail object| __brc object| gaData object| kruxDataLayer string| _bap_p_country object| FB object| bouncex object| $jscomp function| MIIScriptCtrl object| fortyone object| gwiq string| section object| karma object| CE2 object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| NOLLite object| instgrm function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| bxgraph function| MultiCookie string| globalTI_SID_MD5 object| _viantTMInit object| _viantTML object| _viantTMQ object| _viantTMC function| unload

20 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 06wWRvFB65AQclWFu..BcVcf8...1.0.BcVcf8.
.demdex.net/ Name: dextp
Value: 21-1-1549125628817|60-1-1549125628870|358-1-1549125628882|477-1-1549125628911|771-1-1549125628925|822-1-1549125628941|992-1-1549125628956|22052-1-1549125628971|30064-1-1549125628987|575-1-1549125629001|49276-1-1549125629017|73426-1-1549125629031|75557-1-1549125629048|79908-1-1549125629062|2340-1-1549125629078|66757-1-1549125629092|121998-1-1549125629108|124894-1-1549125629123|129099-1-1549125629138
.doubleclick.net/ Name: _fbp
Value: fb.1.1549125628648.1139174524
.doubleclick.net/ Name: IDE
Value: AHWqTUmCfIfT9P895RaJAVllgVAny17ALBctRBhTu1x4Mh7pm-X8nx7d_6WeIvTa
.ew.com/ Name: bounceClientVisit1494
Value:
ew.com/ Name: AMCV_A7FC606253FC752B0A4C98A2%40AdobeOrg
Value: 1099438348%7CMCMID%7C74460081541011119311500937622102595178%7CMCAAMLH-1549730428%7C6%7CMCAAMB-1549730428%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C56947556%7CMCOPTOUT-1549132828s%7CNONE%7CMCSYNCSOP%7C411-17937%7CvVersion%7C2.1.0
.ew.com/ Name: bounceClientVisit1494v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgKYDuAdAMYD2AtkSADQgBOMrAlgHYCGC5KDgmIgAvkA
ew.com/ Name: kxmeredith_visits
Value: 1
.ew.com/ Name: _gat
Value: 1
.ew.com/ Name: _fbp
Value: fb.1.1549125628441.1486824108
.ew.com/ Name: ajs_anonymous_id
Value: %22de32efc2-f50b-42cf-bb22-159666165a6d%22
ew.com/ Name: AMCVS_A7FC606253FC752B0A4C98A2%40AdobeOrg
Value: 1
.ew.com/ Name: _gid
Value: GA1.2.1652442205.1549125628
.demdex.net/ Name: demdex
Value: 74487015991882079671503908174197244750
.ew.com/ Name: ajs_user_id
Value: null
ew.com/ Name: kxmeredith_fp
Value: ee4d7c1adc7e1b4e89b23ea7aeed2560c867511a
ew.com/ Name: kxmeredith_cache_a2635f949ec4ea4ee6e2254af1336d242116406b
Value: ee4d7c1adc7e1b4e89b23ea7aeed2560c867511a
.ew.com/ Name: _gcl_au
Value: 1.1.1915917804.1549125628
.ew.com/ Name: _ga
Value: GA1.2.1224674948.1549125628
.ew.com/ Name: ajs_group_id
Value: null

1 Console Messages

Source Level URL
Text
console-api error URL: https://ew.com/dist/main.js(Line 1)
Message:
TypeError: e.default is not a function

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6927309.fls.doubleclick.net
aamapi.com
ajax.googleapis.com
api.segment.io
assets.bounceexchange.com
bam.nr-data.net
beacon.krxd.net
c.betrad.com
cdn-gl.imrworldwide.com
cdn.krxd.net
cdn.segment.com
chirp.bizrate.com
cm.everesttech.net
connect.facebook.net
consumer.krxd.net
data.cdnbasket.net
dpm.demdex.net
ew.com
fonts.googleapis.com
fonts.gstatic.com
gwiq-v3.globalwebindex.net
gwiqcdn.globalwebindex.net
ids.cdnwidget.com
js-agent.newrelic.com
native.sharethrough.com
page.cdnbasket.net
pippio.com
platform.instagram.com
rinat.site
sb.scorecardresearch.com
script.crazyegg.com
secure-dcr.imrworldwide.com
session.timecommerce.net
staticxx.facebook.com
stats.g.doubleclick.net
tag.bounceexchange.com
timeinc.demdex.net
uid1.vindicosuite.com
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.instagram.com
xbrkb.adsb4trk.com
104.103.89.123
104.109.71.200
107.178.254.65
130.211.27.95
130.211.47.17
151.101.0.175
151.101.2.110
162.247.242.19
172.217.18.6
2600:9000:2043:ba00:6:f5a3:efc0:93a1
2606:4700:30::681b:87b9
2606:4700::6813:9308
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2008
2a00:1450:4001:820::200a
2a00:1450:400c:c0a::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
34.243.36.162
35.186.247.88
35.190.80.55
35.190.92.63
35.201.93.216
35.227.220.176
35.227.251.121
52.16.141.233
52.211.95.198
52.213.58.51
52.222.167.241
52.222.168.208
52.222.168.228
52.222.168.23
52.222.172.22
52.88.21.20
54.217.244.94
54.230.93.235
54.69.247.77
66.117.28.86
031f3df851999a7670bd4b6cdee960853aee7e3c0061718006c4fee9fdb7ba0a
0b57722c5650587fd2bce696f64780e9bd054d8fe51aad3ac197f54c3fe03056
0cbeef1cf3fbe7e0874802b1cb90e875f3bdbd49e2473bf73bd0efc1f2abac1d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1b4aa01d888f7f6f4c361f5a3e6967192dd5b6fcdd305af84720a70142107f2b
1bd0d61cd1a28c5d2684aaa70893ac999bf6ae4fd0ee64d36a970c7a0e066002
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1f844c93852c1962d84b5fa4cedff4c17823e0a73e9e1f0f744e5c98eddd362d
2334c9df75ef41dabb5561015343479f42aa9fc0bf9b76923bf8d9b04ac3ef86
23c8aa39b87a9117944aef6360be2656cab7287694c7e33c59176af3f16f6eb4
27f3ae09b6cf631db0ce55dee4c751762b7edc34c3c8654258f9fd3b1eca7d36
2864824cb0fdf0b88e9323ec47bbaf2170dd607b105e1dcd0edbe2afe126390f
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
2d66a3c752dea3feac6c3428e18b436d17592d34dc2a486819449cb62bfbcdb2
2ecb9afac87ca44820ee0bae7027e57b8900b385fc8e39cd289fcc0518bd41c4
33207c82efa045da3fbae51ad279020135b038e8a581fa89b34dd9faada6fb62
333e62715e266d0c761ffa44237843334e5d536b379a13e80cf1438a6ee214af
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
40995d4c68c0d2e7cc40036a40ddd6867d8450e7e96fde3d497d7614c876d85b
423af1d9f4e0e28c54f6ef9349ba4569cc90f527ce56456b48121feb60da3147
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4645491595a0ed597b1fd3ae0b61542c7768a7cca924d83d1d67652327d24d89
5573c5c28631ec0fbff0110bbeaef0f56b948172b2ee76d2f52dde2411c27420
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
66d388875570d327f310a4519eab59d5b4962824794e6bfe8687b57fa1ee100d
6743118bf624febab2e41fc1a43d3f8a90f1355cfbac51fb7c85e0ab43cdb452
68f8bd0d7f31ce98b6eb525c12cf6d7653467dbaa6b9080cb67bfe73d26b796b
6910f2454f02e496c4c56dde23fe7f4c61daaf60d1e944d41b9649057a513a1c
6a53edd462bd5122b46d1333853837c1a6bf3e8ae2d6fab6d0b64d69cc4cf721
755708eb88d99eef33ee21032d94692edaf136e2215d89f845607b9abc925d16
75cf13b0ac6afd29fe9b456c9db38d763ebf3ae28dfd1828afe1718ed331fef3
77aada385806e67e30d42a7190b25d73b8d78b17a0d1e021ccb274907f273a6a
79ebf2951da2d9bc5d4af83af985637e8c7e2e9e9bda22146644ed1b142bc986
7fe0df666356da59a2e360258ddb10a989fe4b816cbb39e11147df4a283e2cae
80a19262216037a9243bf2a2e76f4f301ac975bb9439b3aede69b3c2be87763c
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e47a4f970e59cd75fbbf9729e6cdc9ee19e5447161d9c5d4b8bd99811e87258
96301334e8b418d17a9c3fc35f31c634541924dc8c417e3e3a67784cd28d0997
97edc2806ea99708c7e433caffefb4cd2263c3c5f479db72e1d1fb59504659ba
98596fadff1c7114e641bfe6181b1aef3c3dad4777342b5c2011144f9bad2094
9a60cec8044f89963080ae7367595c340a27363bfe4791edf9c21e59ba82d13a
9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af
a22ff3d67954eca0f973caf14127deb569671199ba35bd3c09bfb401fb71724d
a319525d284a6601f494a8c32f74f8fdc2ec75cb1d5fda04b774dac68d15dc5a
a32cf4cbacae0c02bd7047d9cd93b4a95ae9bfde846b27699bd643c0909eed34
a5aa3f76315d1d575a0547d3ff139dd1746ddceff6ba6c9dde4ee3e5be7f48d1
aa7281b1ca00d97d58c69337fe4e75a8e780041fe2b89407a03c2e2c5f7f00ab
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b0359e88fe42b2cd031607dccb4e7d88a16492123066020680cf701bdfad751f
b3497da641209df2da0e355810be98610d592fdd228fa96d5954591efdd22243
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
c0c12c25fcfa38fdd5897a9897fb1a7e36c4fc5fec632b51605bdcd9acb7bebd
cd78c89ed011ad8676d3463cb9e664f22e4f654bc7b65ee527325c2088b2a376
d081d1833eb0363c2d16fe741319c15418d05cae593516d5c0517e9366d0d18e
d823a595ef6a070e6c4b46a736079c3950ce0c1189ce9a878dae9f7586c33984
d92266acc5458a659fffd5948d19f1d523df8665bac82d500018e5c65ba2d7ee
dfbee137b9cc5d1df2f31405f6499a9b541d4056a32fa0e893e326b144c8c118
e00e55ad0f456863da2c1eb4e2dc577430c1645c92a4bc01dc6a98557e7807fb
e099925c8a41c42b69f8d087376431ebe918c76af9c261adbaf8df1a252d1e8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a146d1fcffbe97b02773f0a4e4fea9d7b1c81a527fcf819e60c3a3a8ffc3bb
e4af793b98536fe685dc1f911f371c963987ca6f61456c73f4a51da01f82c63e
e5ab08932b6577df32d70c0a23beb37c26eb43837004a8179e6a635c953b2146
e88aea70bd29cae168a70c189870d5b08680a232eebfe6f29106ac3c36462817
eda0e088569f488beac71d392a74ead9fc6e6d33cad82420ff9d4f074eab9e22
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50168a5a3fd64c68a5ba5338940fea4cb7dd387fcb0e6763703c03c753894f2
f7c386915e39d8a925fe10d15744a9da95ac8f90423e12728e7fc3c5e34f4559