URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Submission: On March 03 via manual from US — Scanned from ES

Summary

This website contacted 50 IPs in 7 countries across 41 domains to perform 133 HTTP transactions. The main IP is 2.16.186.218, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.eonline.com. The Cisco Umbrella rank of the primary domain is 25411.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 9th 2021. Valid for: a year.
This is the only time www.eonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 2.16.186.218 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 199.27.170.201 14042 (COMCAST-C...)
7 104.89.32.152 16625 (AKAMAI-AS)
10 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
1 2a04:4e42:c00... 54113 (FASTLY)
2 2.18.232.60 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
3 142.250.185.130 15169 (GOOGLE)
4 34.249.134.87 16509 (AMAZON-02)
2 2600:9000:215... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:1f18:659... 14618 (AMAZON-AES)
1 18.66.192.121 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
1 52.72.58.170 14618 (AMAZON-AES)
2 104.111.226.183 16625 (AKAMAI-AS)
4 2.18.235.40 16625 (AKAMAI-AS)
1 2.20.157.55 16625 (AKAMAI-AS)
8 8 104.79.89.79 16625 (AKAMAI-AS)
1 2 18.134.84.16 16509 (AMAZON-02)
1 52.49.218.107 16509 (AMAZON-02)
2 54.154.249.228 16509 (AMAZON-02)
1 143.204.98.82 16509 (AMAZON-02)
2 99.83.154.140 16509 (AMAZON-02)
1 52.208.32.237 16509 (AMAZON-02)
1 143.204.98.33 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
6 15.188.95.229 16509 (AMAZON-02)
1 143.204.98.102 16509 (AMAZON-02)
2 3 35.71.131.137 16509 (AMAZON-02)
3 3 142.250.185.194 15169 (GOOGLE)
2 2 52.215.92.65 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 35.156.243.46 16509 (AMAZON-02)
1 63.251.232.165 29791 (VOXEL-DOT...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 108.157.4.80 16509 (AMAZON-02)
2 92.123.195.105 20940 (AKAMAI-ASN1)
2 2.19.194.249 20940 (AKAMAI-ASN1)
1 1 2600:1f18:659... 14618 (AMAZON-AES)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 34.120.133.55 15169 (GOOGLE)
1 184.73.243.156 14618 (AMAZON-AES)
6 2600:9000:215... 16509 (AMAZON-02)
1 34.206.180.77 14618 (AMAZON-AES)
1 52.16.242.219 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
3 199.27.170.198 14042 (COMCAST-C...)
1 143.204.101.195 16509 (AMAZON-02)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... ()
133 50
Apex Domain
Subdomains
Transfer
21 eonline.com
www.eonline.com — Cisco Umbrella Rank: 25411
akns-images.eonline.com — Cisco Umbrella Rank: 30355
swa.eonline.com — Cisco Umbrella Rank: 53116
619 KB
14 theplatform.com
player.theplatform.com — Cisco Umbrella Rank: 32419
pdk.theplatform.com — Cisco Umbrella Rank: 14766
link.theplatform.com — Cisco Umbrella Rank: 8754 Failed
east.manifest.na.theplatform.com — Cisco Umbrella Rank: 58421
redirect.manifest.theplatform.com Failed
566 KB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 450
184 KB
9 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 515
118 KB
8 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2367
secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7375 Failed
s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com Failed
udo5i4xyw7gdo18jqxbhxraiaftkk1646316510.nuid.imrworldwide.com
133 KB
8 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 626
6 KB
6 omtrdc.net
eonline.tt.omtrdc.net — Cisco Umbrella Rank: 61393
comcastentertainmentgroup.hb.omtrdc.net — Cisco Umbrella Rank: 54838
2 KB
6 fwmrm.net
29773.v.fwmrm.net — Cisco Umbrella Rank: 9245
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3206
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10111
3 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
151 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
mb.moatads.com — Cisco Umbrella Rank: 587
81 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
eo.demdex.net — Cisco Umbrella Rank: 59263
8 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 399
338 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
1 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 950
load77.exelator.com — Cisco Umbrella Rank: 3015
2 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 874
66 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1029
mab.chartbeat.com — Cisco Umbrella Rank: 1863
24 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
13 KB
2 akamaized.net
eonlinevideos.akamaized.net — Cisco Umbrella Rank: 73139
34 KB
2 akamaihd.net
pmd205470tn-a.akamaihd.net — Cisco Umbrella Rank: 31503
546 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 125
107 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2409
496 B
2 nbcudigitaladops.com
www.nbcudigitaladops.com — Cisco Umbrella Rank: 20842
2 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 727
593 B
2 gstatic.com
fonts.gstatic.com
91 KB
2 nbcuni.com
mps.nbcuni.com — Cisco Umbrella Rank: 10158
83 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 347
1 KB
1 cloudfront.net
d28nxrgt4y7pn6.cloudfront.net
524 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 3832
167 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 713
328 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
42 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
489 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1282
408 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
1009 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
41 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 966
201 B
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2526
43 KB
1 taboola.com
c2.taboola.com — Cisco Umbrella Rank: 6920
18 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1238
4 KB
133 41
Domain Requested by
11 www.eonline.com www.eonline.com
10 cdn.cookielaw.org www.eonline.com
cdn.cookielaw.org
9 assets.adobedtm.com www.eonline.com
assets.adobedtm.com
8 ads.stickyadstv.com 8 redirects
8 akns-images.eonline.com www.eonline.com
7 pdk.theplatform.com www.eonline.com
player.theplatform.com
6 cdn-gl.imrworldwide.com eonlinevideos.akamaized.net
cdn-gl.imrworldwide.com
4 comcastentertainmentgroup.hb.omtrdc.net pmd205470tn-a.akamaihd.net
4 z.moatads.com mps.nbcuni.com
pdk.theplatform.com
www.eonline.com
4 dpm.demdex.net www.eonline.com
3 imasdk.googleapis.com pdk.theplatform.com
imasdk.googleapis.com
3 east.manifest.na.theplatform.com pdk.theplatform.com
3 cm.g.doubleclick.net 3 redirects
3 match.adsrvr.org 2 redirects www.eonline.com
3 29773.v.fwmrm.net www.eonline.com
3 securepubads.g.doubleclick.net mps.nbcuni.com
securepubads.g.doubleclick.net
www.eonline.com
3 player.theplatform.com 1 redirects www.eonline.com
2 pagead2.googlesyndication.com imasdk.googleapis.com
srcdoc
2 eonlinevideos.akamaized.net pdk.theplatform.com
2 pmd205470tn-a.akamaihd.net pdk.theplatform.com
2 sb.scorecardresearch.com pdk.theplatform.com
2 pm.w55c.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 swa.eonline.com www.eonline.com
2 loadm.exelator.com 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 eonline.tt.omtrdc.net www.eonline.com
2 1f2e7.v.fwmrm.net 1 redirects www.eonline.com
2 www.nbcudigitaladops.com mps.nbcuni.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 static.chartbeat.com www.eonline.com
2 fonts.gstatic.com fonts.googleapis.com
2 mps.nbcuni.com www.eonline.com
1 s0.2mdn.net imasdk.googleapis.com
1 gum.criteo.com static.criteo.net
1 d28nxrgt4y7pn6.cloudfront.net www.eonline.com
1 udo5i4xyw7gdo18jqxbhxraiaftkk1646316510.nuid.imrworldwide.com www.eonline.com
1 secure-sdk.imrworldwide.com www.eonline.com
1 link.theplatform.com pdk.theplatform.com
1 id.sv.rkdms.com www.eonline.com
1 api.rlcdn.com www.eonline.com
1 static.criteo.net js-sec.indexww.com
1 dmp.v.fwmrm.net 1 redirects
1 pixel.quantserve.com 1 redirects
1 cm.adgrx.com www.eonline.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 vars.hotjar.com static.hotjar.com
1 load77.exelator.com www.eonline.com
1 script.hotjar.com static.hotjar.com
1 mb.moatads.com z.moatads.com
1 static.hotjar.com www.eonline.com
1 eo.demdex.net assets.adobedtm.com
1 js-sec.indexww.com mps.nbcuni.com
1 ping.chartbeat.net www.eonline.com
1 mab.chartbeat.com www.eonline.com
1 ak.sail-horizon.com assets.adobedtm.com
1 c2.taboola.com www.eonline.com
1 polyfill.io www.eonline.com
1 fonts.googleapis.com www.eonline.com
0 redirect.manifest.theplatform.com Failed pdk.theplatform.com
0 s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com Failed www.eonline.com
133 61
Subject Issuer Validity Valid
*.eonline.com
DigiCert SHA2 Secure Server CA
2021-06-09 -
2022-06-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2021-06-01 -
2022-05-31
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-10 -
2022-09-10
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020
2021-06-04 -
2022-07-06
a year crt.sh
*.nbcuni.com
DigiCert SHA2 Secure Server CA
2022-02-28 -
2023-02-28
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2022-01-12 -
2023-01-12
a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-29 -
2022-12-30
a year crt.sh
ak.sail-horizon.com
Amazon
2022-01-06 -
2023-02-02
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
www.nbcudigitaladops.com
DigiCert SHA2 Secure Server CA
2021-06-02 -
2022-06-07
a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA
2021-11-27 -
2022-11-29
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
player.theplatform.com
Entrust Certification Authority - L1K
2022-01-05 -
2023-02-04
a year crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
api.sail-personalize.com
Amazon
2021-06-24 -
2022-07-23
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-25 -
2022-06-25
a year crt.sh
pdk.theplatform.com
GeoTrust RSA CA 2018
2021-10-05 -
2022-10-04
a year crt.sh
swa.eonline.com
DigiCert TLS RSA SHA256 2020 CA1
2021-08-25 -
2022-09-25
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA
2021-07-15 -
2022-07-20
a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-02 -
2022-05-03
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
securedvisit.com
Amazon
2021-11-30 -
2022-12-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-04 -
2023-02-03
a year crt.sh
*.hb.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2021-12-02 -
2023-01-02
a year crt.sh
link.theplatform.com
Entrust Certification Authority - L1K
2020-08-11 -
2022-11-10
2 years crt.sh
*.nuid.imrworldwide.com
Amazon
2021-06-11 -
2022-07-10
a year crt.sh
east.manifest.na.theplatform.com
Entrust Certification Authority - L1K
2020-05-06 -
2022-08-03
2 years crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-02-17 -
2022-05-12
3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Frame ID: 4BCED270FB03DF2809EB81554D5D86BC
Requests: 78 HTTP requests in this frame

Frame: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Frame ID: A5AD640E044D55B6C0BEB7CE18049EF1
Requests: 52 HTTP requests in this frame

Frame: https://eo.demdex.net/dest5.html?d_nsid=0
Frame ID: F1709A36CCCD1F1B3BD347FD1535B56D
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 775287DB3C1760767B2F4678AF44DE03
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 938C6CFFB5D7F588DDC8F198C97E7870
Requests: 3 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 22FC1EA8C028DC9D8A9CE8B1BAE7FCC6
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eonline.com&gdpr=1&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Frame ID: 33EAAF1A29706F30E396C1DB7DB0B1FE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Frame ID: F4CC725F5E6E135B44565DF42B0A3BE5
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Frame ID: 6C2ED7F74C65708B4F1B8345732A1C48
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 701C886B45B3DC7FDC0A7CF66B0F4F5C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Get the Perfect Boy Brows in 4 Steps - E! OnlineBack ButtonFilter Button

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Overall confidence: 100%
Detected patterns
  • chartbeat\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

133
Requests

89 %
HTTPS

35 %
IPv6

41
Domains

61
Subdomains

50
IPs

7
Countries

3336 kB
Transfer

9106 kB
Size

62
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://player.theplatform.com/pdk/BdHJDC/tpPdkController.js HTTP 302
  • https://pdk.theplatform.com/pdk/tpPdkController.js
Request Chain 58
  • https://ads.stickyadstv.com/user-matching?id=185 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=f5eeb3d2715aa2e3bd35675db7f45fc&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 73
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=56386201654349179833766365781085927174 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=56386201654349179833766365781085927174&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 78
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f5eeb3d2715aa2e3bd35675db7f45fc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1c62_7070875565019929264 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c854ce30-59bc-44da-881f-10424ec2822d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjVlZWIzZDI3MTVhYTJlM2JkMzU2NzVkYjdmNDVmYw==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEItCK5-_hN_NXs8UaqRRs6c&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACNzE7EQZgAAH6iAq0v6A&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f5eeb3d2715aa2e3bd35675db7f45fc?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-H1_bl9JE2oPZLVFulaBvUaZMbbzc7E78A2Bh3JCu~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=8ukZQl7I1NpM875 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 79
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTYzODYyMDE2NTQzNDkxNzk4MzM3NjYzNjU3ODEwODU5MjcxNzQ= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTYzODYyMDE2NTQzNDkxNzk4MzM3NjYzNjU3ODEwODU5MjcxNzQ=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKoPB7hobNaNmzVdzWID4CM&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 80
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=ha5LhND-HdCerRqN1alUhdauSI2e-kCM0qRGGcTI
Request Chain 94
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l1c62_7070875565019929264&gdpr=0&gdpr_consent=

133 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request you-re-doing-it-wrong-boy-brows
www.eonline.com/news/857291/
107 KB
28 KB
Document
General
Full URL
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
943934fe0df6312d1b39c9ca901d582b3b9566b9efd69a07e6f6f3c7bc8194e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

content-type
text/html; charset=utf-8
content-length
27809
server
Apache
x-frame-options
SAMEORIGIN
etag
W/"1aa92-by++41LAEeMmr+IgB1LjrAmjwho-gzip"
content-encoding
gzip
access-control-allow-origin
*
date
Thu, 03 Mar 2022 14:08:27 GMT
vary
Accept-Encoding
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 13:46:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Mar 2022 14:08:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Mar 2022 14:08:27 GMT
articledetail.7080c29d09464f3011a0.css
www.eonline.com/dist/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://www.eonline.com/dist/css/articledetail.7080c29d09464f3011a0.css
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
9ae5c20f00c460da157d5b2862736a5950db1ec5297c4dbe590483394e1a828b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jan 2022 20:30:47 GMT
server
Akamai Resource Optimizer
etag
"4e14-5d5669ed9af00-gzip"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
3831
x-content-type-options
nosniff, nosniff
890.79f5153c024f712b8857.css
www.eonline.com/dist/css/
46 KB
11 KB
Stylesheet
General
Full URL
https://www.eonline.com/dist/css/890.79f5153c024f712b8857.css
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
70f26830f4e22375b0e522280ba2dbf6af0f2abe03c2de7ca4f96f54534cc1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"b820-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
10437
x-content-type-options
nosniff, nosniff
webpack.runtime.83f78eec6e21a5ff0dc6.js
www.eonline.com/dist/js/
6 KB
3 KB
Script
General
Full URL
https://www.eonline.com/dist/js/webpack.runtime.83f78eec6e21a5ff0dc6.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1576f0a5c5e534f3d32c281d4954b7a2c28ae44819520c71dba8d94b4ff3a98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"1820-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
3131
x-content-type-options
nosniff, nosniff
16.c5d49f51c069139909ce.js
www.eonline.com/dist/js/
427 KB
140 KB
Script
General
Full URL
https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ae21647d1849fc6a0306a9539d049e912b9d59fab83dff959b5c08f637f0b69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"6ab5f-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
142248
x-content-type-options
nosniff, nosniff
494.a06be6d89f145438f4b9.js
www.eonline.com/dist/js/
22 KB
6 KB
Script
General
Full URL
https://www.eonline.com/dist/js/494.a06be6d89f145438f4b9.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e20075cfb7ae72fc9a6ad53738afe082145da7586353c4a00b9bc73f3fdde166
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 12 Jun 2021 23:22:03 GMT
server
Akamai Resource Optimizer
etag
"5657-5c46ac974b640-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
5384
x-content-type-options
nosniff, nosniff
455.3cfa176e567652bb6539.js
www.eonline.com/dist/js/
24 KB
6 KB
Script
General
Full URL
https://www.eonline.com/dist/js/455.3cfa176e567652bb6539.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
69b1fa3acbdba08be1044c245a8a008fcfc0f7565dc42174bb3ebd3a21844f80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"6071-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
5562
x-content-type-options
nosniff, nosniff
783.90c0d8ec9afe7df8ba6e.js
www.eonline.com/dist/js/
6 KB
2 KB
Script
General
Full URL
https://www.eonline.com/dist/js/783.90c0d8ec9afe7df8ba6e.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
e0da565315a090d118f867bf7eccae0ecc9b7424b7434aee6e14ee5d4acd5bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jan 2022 05:27:53 GMT
server
Akamai Resource Optimizer
etag
"1600-5d5669ed9af00-gzip"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
1980
x-content-type-options
nosniff, nosniff
890.3fdc340c0639181e7b1c.js
www.eonline.com/dist/js/
90 KB
26 KB
Script
General
Full URL
https://www.eonline.com/dist/js/890.3fdc340c0639181e7b1c.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eed1fc5ebe6ae7fe63f7d65cc4ffaf2c32c66fb1912b6e2654c86c40c0690f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"16933-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
26203
x-content-type-options
nosniff, nosniff
articledetail.badaf1c7c565dd8f8344.js
www.eonline.com/dist/js/
88 KB
28 KB
Script
General
Full URL
https://www.eonline.com/dist/js/articledetail.badaf1c7c565dd8f8344.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2533886bf42a4893e21f7c069f69f6a5a977984766509cfa8d80447707659337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:09 GMT
server
Apache
etag
"160e1-5d8b3a09de040-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
28226
x-content-type-options
nosniff, nosniff
tpPdkController.js
pdk.theplatform.com/pdk/
Redirect Chain
  • https://player.theplatform.com/pdk/BdHJDC/tpPdkController.js
  • https://pdk.theplatform.com/pdk/tpPdkController.js
20 KB
6 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk/tpPdkController.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ec2c2239ca096648cc18d4cda3842ca3db7622cbd5a7ac178f54d43d69ab39f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 21:34:48 GMT
Server
Apache
ETag
"114a25-4ecb-5839bfdfdee00"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5435

Redirect headers

Date
Thu, 03 Mar 2022 14:08:28 GMT, Thu, 03 Mar 2022 14:08:28 GMT
Server
Jetty(8.1.16.2)
Access-Control-Allow-Origin
*
X-Cache
HIT from player.theplatform.com:443
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Location
https://pdk.theplatform.com/pdk/tpPdkController.js
Cache-Control
no-cache
Connection
close
Content-Type
text/html;charset=UTF-8
tcf.stub.js
cdn.cookielaw.org/consent/
2 KB
1 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/tcf.stub.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wWRR1dd+iePr7uQuaw5L+w==
age
5400
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 20:14:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75d276db-d01e-0032-4a75-2e8036000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6e62f1bd4f4d3839-MAD
expires
Thu, 03 Mar 2022 18:08:27 GMT
launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
assets.adobedtm.com/
334 KB
92 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5a42e0d38bf0d01d8bb80c522a60d774999221285de438d65c34ae0821ced852

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:27 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:09 GMT
server
AkamaiNetStorage
etag
"600c04dd1c0f46df063d9c997067bfbc:1643827509.979972"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
93848
expires
Thu, 03 Mar 2022 15:08:27 GMT
polyfill.min.js
polyfill.io/v3/
16 KB
4 KB
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=Object.assign%2CPromise%2Ces6%2CSymbol%2CMap%2CWeakMap%2CSet%2CWeakSet%2CrequestAnimationFrame%2CUint8Array%2CIntersectionObserver%2CIntersectionObserverEntry%2CResizeObserver%2CCustomEvent%2CArray.prototype.lastIndexOf%2CArray.prototype.find%2CArray.prototype.some%2CArray.from%2CObject.freeze%2Cfetch%2CObject.entries%2CNode.prototype.contains%2CArray.prototype.findIndex%7Cgated%2CArray.prototype.includes%7Cgated%2CString.prototype.includes%7Cgated
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6d30ac453d4a6814c1dc805b634d9d715547665ffcf2ee982ecde4677970b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
596381
detected-user-agent
Chrome/89.0.4389
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=45, HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
3788
referrer-policy
origin-when-cross-origin
last-modified
Thu, 24 Feb 2022 16:08:11 GMT
date
Thu, 03 Mar 2022 14:08:28 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
load-e-web.js
mps.nbcuni.com/fetch/ext/
281 KB
67 KB
Script
General
Full URL
https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-60.deploy.static.akamaitechnologies.com
Software
Apache / PHP/7.1.33
Resource Hash
2ac309c0e58ae47a5c344e827b28f16f76092bbb8a0c246096e418ab3e2f61f2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:27 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
67746
Expires
Thu, 03 Mar 2022 14:08:27 GMT
sprite.6f9393fa6512f901d7c0d55b6195bd9f.svg
www.eonline.com/dist/svg/
32 KB
12 KB
Other
General
Full URL
https://www.eonline.com/dist/svg/sprite.6f9393fa6512f901d7c0d55b6195bd9f.svg
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6dbbe82b101e40c13823192c3db34e051ce826a72814b10b2c98109f7d5d8369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade, no-referrer-when-downgrade
last-modified
Wed, 23 Feb 2022 18:28:34 GMT
server
Apache
etag
"7fe0-5d8b3a21b5880-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
date
Thu, 03 Mar 2022 14:08:27 GMT
accept-ranges
bytes
content-length
11710
x-content-type-options
nosniff, nosniff
51DeFuxquvAn
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame A5AD
0
0

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.eonline.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:45:07 GMT
x-content-type-options
nosniff
age
141800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:45:07 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v28/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.eonline.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 22:53:33 GMT
x-content-type-options
nosniff
age
141294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47836
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Mar 2023 22:53:33 GMT
newsroom.js
c2.taboola.com/nr/eonline-eonline/
78 KB
18 KB
Script
General
Full URL
https://c2.taboola.com/nr/eonline-eonline/newsroom.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/articledetail.badaf1c7c565dd8f8344.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04a0fa92e0f783d278c77610630814569bb804d1a12b344bb2b7934529cae360

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"62696b3c39ab0516c9f32e9fa3a0bba6"
age
153
x-cache
HIT
content-length
18366
x-amz-id-2
vRYiwYkObnxfI1yiD0eA3YtGrjCbqF7v0ZDREkEUghl+myiRbiwyYfy5jVSnrgAs4dT7LN2hNTw=
x-served-by
cache-mad22020-MAD
last-modified
Tue, 08 Feb 2022 05:57:01 GMT
server
AmazonS3
x-timer
S1646316508.984516,VS0,VE1
date
Thu, 03 Mar 2022 14:08:27 GMT
vary
Accept-Encoding
x-amz-request-id
2Y5J3SV2Y58XXQ04
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
otSDKStub.js
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/
13 KB
5 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/890.3fdc340c0639181e7b1c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e00caac038d69fd33d1e799dae6141d5faa7b0fd91063277ab4bc3e09e76607f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Origin
https://www.eonline.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OlejsekX5A/KRUZGPkDKfQ==
age
12246
vary
Accept-Encoding
content-length
4262
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:45 GMT
server
cloudflare
etag
0x8D8EEF574213C0B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b72fba9d-201e-004a-7dd6-ede881000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1bedfeb667d-MAD
expires
Thu, 03 Mar 2022 18:08:27 GMT
rs_765x1024-170525154710-765.Lily-Collins-Boy-Brow.jl.052517.jpg
akns-images.eonline.com/eol_images/Entire_Site/2017425/
175 KB
176 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2017425/rs_765x1024-170525154710-765.Lily-Collins-Boy-Brow.jl.052517.jpg?fit=around%7C765:1024&output-quality=90&crop=765:1024;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b2fd8b4f6092497299bee977d3603fa35957a12a408a8b2e815e27840d32b76f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
last-modified
Wed, 08 Dec 2021 21:13:49 GMT
server
Akamai Image Manager
etag
"d42094abfa7f61359c0ac56e4c6cb870:1495752431.406269"
content-type
image/webp
cache-control
private, no-transform, max-age=2583119
content-length
179472
expires
Sat, 02 Apr 2022 11:40:27 GMT
rs_600x600-170508164704-600.Spring-Beauty-Buys.jpg
akns-images.eonline.com/eol_images/Entire_Site/201748/
4 KB
4 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/201748/rs_600x600-170508164704-600.Spring-Beauty-Buys.jpg?fit=around%7C100:100&output-quality=90&crop=100:100;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
1e2ab64dbab6b8e9444ee0f501d26d274beb21c0572a880a38fae92ca55a2a0e

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
x-check-cacheable
YES
x-serial
1259
etag
"847bffe96b83d05140714f59496e54fe:1494287295.270675"
content-type
image/webp
cache-control
private, no-transform, max-age=2437103
last-modified
Thu, 09 Dec 2021 06:00:11 GMT
content-length
3932
server
Akamai Image Manager
expires
Thu, 31 Mar 2022 19:06:51 GMT
rs_634x1024-170525201144-YDIW-boy-brows-laura-mercier-brush.jpg
akns-images.eonline.com/eol_images/Entire_Site/2017425/
23 KB
23 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2017425/rs_634x1024-170525201144-YDIW-boy-brows-laura-mercier-brush.jpg?fit=around%7C634:1024&output-quality=90&crop=634:1024;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
456291a6be47ddbcc80db509981bc398d20a6b2410e1a4575cb134fa63f9d389

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
x-check-cacheable
YES
x-serial
681
etag
"66a5a809349536373364f0d56b53675a:1495768305.41583"
content-type
image/webp
cache-control
private, no-transform, max-age=364231
last-modified
Wed, 08 Dec 2021 20:41:53 GMT
content-length
23466
server
Akamai Image Manager
expires
Mon, 07 Mar 2022 19:18:59 GMT
rs_1200x1200-220302132020-1200-Katie_Meyer-2019_NCAA_Division-gj.jpg
akns-images.eonline.com/eol_images/Entire_Site/202222/
24 KB
24 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202222/rs_1200x1200-220302132020-1200-Katie_Meyer-2019_NCAA_Division-gj.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
3b9ebfa1a15de4905402abad9c40fb5376813487602fb851bbe6b58ed590bfa8

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
last-modified
Wed, 02 Mar 2022 21:50:00 GMT
server
Akamai Image Manager
etag
"3ccb0f390c9ea48d0f45b989c729c7a4:1646256022.526845"
content-type
image/webp
cache-control
private, no-transform, max-age=2533238
content-length
24732
expires
Fri, 01 Apr 2022 21:49:06 GMT
rs_1200x1200-210503134625-1200-Bill-Gates-Melinda-Gates-mp.jpg
akns-images.eonline.com/eol_images/Entire_Site/202143/
23 KB
23 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202143/rs_1200x1200-210503134625-1200-Bill-Gates-Melinda-Gates-mp.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
aeeee262bdd390e8a792ae7babf48f4b9d524eeaf388e5377b9f865166fb2c86

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
x-check-cacheable
YES
x-serial
1664
etag
"12b37207ccdce70bdf40fa04296d3436:1620074789.196134"
content-type
image/webp
cache-control
private, no-transform, max-age=2513560
last-modified
Wed, 02 Mar 2022 17:00:25 GMT
content-length
23158
server
Akamai Image Manager
expires
Fri, 01 Apr 2022 16:21:08 GMT
rs_1200x1200-220302144849-1200-kim-kardashian-kanye-west.jpg
akns-images.eonline.com/eol_images/Entire_Site/202222/
23 KB
23 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/202222/rs_1200x1200-220302144849-1200-kim-kardashian-kanye-west.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
85751164fefb6fe81e7661c8841fee46500446f08f0440c7d67038a9d6a27935

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
x-check-cacheable
YES
x-serial
1114
etag
"1c265a0d74319ea693adfeddbd112b80:1646261331.454123"
content-type
image/webp
cache-control
private, no-transform, max-age=2556244
last-modified
Thu, 03 Mar 2022 04:13:25 GMT
content-length
23308
server
Akamai Image Manager
expires
Sat, 02 Apr 2022 04:12:32 GMT
rs_1200x1200-220222072206-1200-lala_kent_randall_emmett-baby_instagram-gj.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022122/
41 KB
42 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022122/rs_1200x1200-220222072206-1200-lala_kent_randall_emmett-baby_instagram-gj.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e98061a45f474ff7c33ea553ba4bd3dd246271311a35ebf3d2c7ef69083b4c91

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
last-modified
Tue, 22 Feb 2022 16:45:40 GMT
server
Akamai Image Manager
etag
"3f81a480b515654d7513423f04116040:1645543327.644273"
content-type
image/webp
cache-control
private, no-transform, max-age=1823933
content-length
42420
expires
Thu, 24 Mar 2022 16:47:21 GMT
rs_1200x1200-220225044952-1200-Peta-Murgatroyd-Maksim-Chmerkovskiy-ukraine-2-022522.jpg
akns-images.eonline.com/eol_images/Entire_Site/2022125/
37 KB
38 KB
Image
General
Full URL
https://akns-images.eonline.com/eol_images/Entire_Site/2022125/rs_1200x1200-220225044952-1200-Peta-Murgatroyd-Maksim-Chmerkovskiy-ukraine-2-022522.jpg?fit=around%7C300:300&output-quality=90&crop=300:300;center,top
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.218 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-218.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
7591e49413d4a95d6cd9dd81995956dabde6bede6de41e7cf064f0dc1aafac75

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
x-check-cacheable
YES
x-serial
423
etag
"72cd12a9a57b3ee9bc2f71599d1ebd8a:1645793393.343775"
content-type
image/webp
cache-control
private, no-transform, max-age=2073023
last-modified
Fri, 25 Feb 2022 13:59:34 GMT
content-length
38340
server
Akamai Image Manager
expires
Sun, 27 Mar 2022 13:58:51 GMT
51DeFuxquvAn
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame A5AD
0
0

/
mps.nbcuni.com/request/page/json/params/
71 KB
16 KB
XHR
General
Full URL
https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&cat=topics%7Cbeauty%7Cnews%20detail&site=e-web&path=%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows&type=news%20detail&cag%5Bzoneid%5D=intl&cag%5Bdfpnetwork%5D=2620&cag%5Bprimary%5D=beauty&cag%5Btopics%5D=beauty%7Clifestyle%7Cemma%20roberts%7Clily%20collins%7Ccara%20delevingne%7Cdoing%20it%20wrong&content_id=857291&cag%5Bgeoid%5D=uk&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-60.deploy.static.akamaitechnologies.com
Software
Apache / PHP/7.1.33
Resource Hash
a549e1791454ecbffa94dc2ccc3b6537ada87365e3261bf6751f0a0433efe82b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:28 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15284
Expires
Thu, 03 Mar 2022 14:08:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
82 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
6725607c4df85ca3e8e5abd96579968cc3d8a44bb1b64979bbd2abab0f41b747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28047
x-xss-protection
0
server
sffe
etag
"1148 / 559 of 1000 / last-modified: 1646309331"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 03 Mar 2022 14:08:28 GMT
f7922f3b-1487-4360-9a55-04a5ff49b019.json
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/f7922f3b-1487-4360-9a55-04a5ff49b019.json
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e065e454d999272c81abc2c8a21e7446d9d9b98e43fb4b64e5877d53870f56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
JkjtrbtIe66lGle+68SUQQ==
age
12247
vary
Accept-Encoding
content-length
1397
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:41 GMT
server
cloudflare
etag
0x8D8EEF5717BB3F1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
acbaac9e-f01e-0084-58d6-ed8ece000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1bf28d8667d-MAD
expires
Thu, 03 Mar 2022 18:08:28 GMT
id
dpm.demdex.net/
1004 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=B3ABA272551949410A4C98A2%40AdobeOrg&d_nsid=0&ts=1646316508045
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-134-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e00759002d503b39ec2fee29b381c01e78ad6dedf701c0a8537ee4347bec040b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v028-04067149c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
YQX5pZpNRho=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.eonline.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
591
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:01 GMT
server
AkamaiNetStorage
etag
"4635bffccc756e9a52eae8011adb9137:1629320641.842128"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12188
expires
Thu, 03 Mar 2022 15:08:28 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"8b210658d66894c896047ae490138f1c:1629320642.068491"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1593
expires
Thu, 03 Mar 2022 15:08:28 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 21:04:02 GMT
server
AkamaiNetStorage
etag
"46ddc14338df08a965a4d5269b73d1ad:1629320642.34831"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8763
expires
Thu, 03 Mar 2022 15:08:28 GMT
chartbeat_mab.js
static.chartbeat.com/js/
22 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 12:55:55 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 02:25:43 GMT
server
nginx
age
4353
etag
W/"61e0df27-59c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
pnwYGvcJjCur_dkEJ0fKHYzZI8O85YeWTJ9Vm7CHQysP0gbF1DLlQA==
expires
Thu, 03 Mar 2022 14:55:55 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
184 B
384 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeaca5120938c6c25bc4df6e61ed2ee0b554574bba2b37e263f45fb6735d94b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e62f1c01ef06678-MAD
RC86481b102d774fb195e4d7b627398c98-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/
499 B
593 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/RC86481b102d774fb195e4d7b627398c98-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
433930e2ebceb8895d8d0d2c85318b78263944d95a0ae186beac40ed9fb68a2f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:11 GMT
server
AkamaiNetStorage
etag
"13a0a64aad20e5e9a9cfe9f13d6651bb:1643827511.271058"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
328
expires
Thu, 03 Mar 2022 15:08:28 GMT
RC35aedf730be44b4ea864c879f6e36648-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/
681 B
670 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/RC35aedf730be44b4ea864c879f6e36648-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f3b8471e99000f7892f92acaa64885882cf4d86870aacc6f5352df078f0f57f3

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:11 GMT
server
AkamaiNetStorage
etag
"13a0a64aad20e5e9a9cfe9f13d6651bb:1643827511.271058"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
405
expires
Thu, 03 Mar 2022 15:08:28 GMT
RC224b9642ab9d4f2489130c99e42c9aec-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/
459 B
554 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/RC224b9642ab9d4f2489130c99e42c9aec-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5bef7b1f2d1aca14c4656464ea159f3d25810624521f3e12a17729d352167c0f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:11 GMT
server
AkamaiNetStorage
etag
"13a0a64aad20e5e9a9cfe9f13d6651bb:1643827511.271058"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
289
expires
Thu, 03 Mar 2022 15:08:28 GMT
RC14f6544f87c346d89c287f6cc1ab6b07-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/
629 B
664 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/RC14f6544f87c346d89c287f6cc1ab6b07-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1b110dc210ea649876c58ce28de71b7b43dc7bb9ac9e130c201fdb7798dfa50b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:11 GMT
server
AkamaiNetStorage
etag
"13a0a64aad20e5e9a9cfe9f13d6651bb:1643827511.271058"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
400
expires
Thu, 03 Mar 2022 15:08:28 GMT
RCe8452ee1fb624058b323e0e125e2a7b5-source.min.js
assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/
680 B
628 B
Script
General
Full URL
https://assets.adobedtm.com/39952453358b/bbeab55061fe/a8326bd89027/RCe8452ee1fb624058b323e0e125e2a7b5-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:183::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
00d8f923dff1b3367c6131c2fee8e3311431052803defec19363d859fbd56c90

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Wed, 02 Feb 2022 18:45:11 GMT
server
AkamaiNetStorage
etag
"13a0a64aad20e5e9a9cfe9f13d6651bb:1643827511.271058"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.eonline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
363
expires
Thu, 03 Mar 2022 15:08:28 GMT
u
29773.v.fwmrm.net/ad/
0
411 B
Image
General
Full URL
https://29773.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fwww.eonline.com%2Ffw-syncpixel.gif%3F_uid%3D%23%7Buser.id%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:76e2:e824:b454:65c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:29 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5a00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 13:11:02 GMT
content-encoding
gzip
last-modified
Thu, 03 Feb 2022 22:23:33 GMT
server
nginx
age
3446
etag
W/"61fc55e5-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OrVNotYsuX2dNHqLrvzaJJ76XC7Ok7et-wyBPvuIRLJoU7Nz1ZkG_w==
expires
Thu, 03 Mar 2022 15:11:02 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/
121 KB
43 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-121.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:05:26 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
183
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
MUC50-P1
x-amz-cf-id
S5hoX8_2Nm6gX6RVNrn2DTlYpUdXUjfwxANb4SUlg0zA8QZEdaKUYg==
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.12.0/
361 KB
80 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Origin
https://www.eonline.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Aib4Vlvkay7u77hQspwwDQ==
age
11721597
vary
Accept-Encoding
content-length
81328
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:09 GMT
server
cloudflare
etag
0x8D8BD11958F56CC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9bd9caf4-701e-00bc-2a6c-c4cf97000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c07bba667d-MAD
pubads_impl_2022030201.js
securepubads.g.doubleclick.net/gpt/
364 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030201.js?cb=31065453
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 12:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124504
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 09:35:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Mar 2023 12:45:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
234 B
155 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.eonline.com
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2620859af9688adb239c06c7d01aec94150d91e62a76abd62faa6a5c8ade6c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:08:28 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
200 B
514 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=x.eonline.com&domain=eonline.com&path=%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6174d123224241765b4f365df22e4840673a3a72797379134d53ed24c6d69d21

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
160
x-served-by
cache-mad22070-MAD
access-control-allow-origin
*
x-timer
S1646316508.388747,VS0,VE223
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 01 Mar 2022 14:08:28 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=x.eonline.com&p=%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows&u=BEwbZBDAyq2NC3SrwZ&d=eonline.com&g=53221&g0=us&g1=alanah-joseph&n=1&f=00001&c=0&x=0&m=0&y=6991&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2200&t=Bm145vNMDRzr2VeHyqUf6BFHVnY&V=129&i=Get%20the%20Perfect%20Boy%20Brows%20in%204%20Steps%20-%20E!%20Online&tz=0&sn=1&sv=HIJf0o0YsJzknX_DJuo6bDbYYbI&sd=1&im=061b0fff&_
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.58.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-58-170.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:28 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
en.json
cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/b665559b-bcf1-4565-9c01-02bbd6f41d64/
105 KB
22 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/f7922f3b-1487-4360-9a55-04a5ff49b019/b665559b-bcf1-4565-9c01-02bbd6f41d64/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a72d2537dda12e0d4ae09cd36fe0c7f4e4a7707eb281643493777144c1c57f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BpDNwe1wyxhmOi30oRugKQ==
age
7534
vary
Accept-Encoding
content-length
22233
x-ms-lease-status
unlocked
last-modified
Wed, 24 Mar 2021 18:48:41 GMT
server
cloudflare
etag
0x8D8EEF571D5F2E2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ec5748d2-801e-00a2-3e15-b6157a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c11d52667d-MAD
expires
Thu, 03 Mar 2022 18:08:28 GMT
iab2Data.json
cdn.cookielaw.org/vendorlist/
276 KB
38 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/vendorlist/iab2Data.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6274543538b2744ea1c112cc42704fde835a7e654f49d8ae903d35e72230b694
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
QyUWAkxzWiCIbEo7/3OaGQ==
age
7679
vary
Accept-Encoding
content-length
38976
x-ms-lease-status
unlocked
last-modified
Thu, 03 Mar 2022 11:50:12 GMT
server
cloudflare
etag
0x8D9FD0BF96890DB
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f064619e-b01e-0104-25f6-2e6b31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c11d55667d-MAD
otTCF.js
cdn.cookielaw.org/scripttemplates/6.12.0/
67 KB
15 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/otTCF.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Origin
https://www.eonline.com
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
zuNs8AMhreqmYWNqqh//eQ==
age
11318
vary
Accept-Encoding
content-length
14815
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:08 GMT
server
cloudflare
etag
0x8D8BD1194CBE1FA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
72bace0a-e01e-00b2-2cd6-ed239c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c11d56667d-MAD
global_header.js
www.nbcudigitaladops.com/hosted/
3 KB
1 KB
Script
General
Full URL
https://www.nbcudigitaladops.com/hosted/global_header.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.226.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
97dde029fd4bcb2d54124814d94bcc8a3001f057e8002feb81cf506fd4265332

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:28 GMT
Content-Encoding
gzip
Server
AkamaiNetStorage
ETag
"17ad26e689045d4d6592841ba6b505e4:1458337832"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1976720
Connection
keep-alive
Content-Length
1121
yi.js
z.moatads.com/nbcuyieldheader7581548001/
215 KB
75 KB
Script
General
Full URL
https://z.moatads.com/nbcuyieldheader7581548001/yi.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c850687ac7b2c5db73e6ad306a860e507d7db83c237a3347d7f28cc0c2c384a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
last-modified
Tue, 08 Feb 2022 16:32:33 GMT
server
AmazonS3
x-amz-request-id
EMFKB1BDFB53BWXH
etag
"1f9ff73418ef33420b5eab155d7e68da"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61343
accept-ranges
bytes
content-length
76810
x-amz-id-2
iHPy4gsH+SVZfrXS+MqIZ0N3aLioyfubiXwsjXLNmfUTIVfCHZ0CAIKl1GsTf3QVhLSiGCLGqF0=
185796-36689253545932.js
js-sec.indexww.com/ht/p/
149 KB
41 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/p/185796-36689253545932.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0d1a24fd99a5fd3c0fee67302464e1f5b6aeab6e48e54026683e6d147e785ac

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 14:05:31 GMT
Server
Apache
ETag
"905b92-255c0-5d950e41cf014"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3599
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Thu, 03 Mar 2022 15:08:28 GMT
u
1f2e7.v.fwmrm.net/ad/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=185
  • https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=f5eeb3d2715aa2e3bd35675db7f45fc&_fw_gdpr=0&_fw_gdpr_consent=
43 B
455 B
Image
General
Full URL
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=f5eeb3d2715aa2e3bd35675db7f45fc&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
18.134.84.16 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-84-16.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:28 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=300
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://1f2e7.v.fwmrm.net/ad/u?nw=127719&dpid=127719&token=b8ce708402a6286faf64c964294f2046&gif=1&buid=f5eeb3d2715aa2e3bd35675db7f45fc&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1646316508485076-415
Expires
Thu, 03 Mar 2022 14:08:28 GMT
dest5.html
eo.demdex.net/ Frame F170
7 KB
3 KB
Document
General
Full URL
https://eo.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENfb0d8c9c83a248f186134c5888716f23.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.218.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-218-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 3 Mar 2022 14:08:28 GMT
DCS
dcs-prod-irl1-1-v028-00e80f1a0.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 14 Feb 2022 15:44:39 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
FcWjLCUMS/E=
transfer-encoding
chunked
Connection
keep-alive
delivery
eonline.tt.omtrdc.net/rest/v1/
350 B
587 B
XHR
General
Full URL
https://eonline.tt.omtrdc.net/rest/v1/delivery?client=eonline&sessionId=8d7f31999ee04a50b7301d4f0334edf4&version=2.5.0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-249-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eae2dc49506cf1c872723445b7469c383ab6f73b02017b41f648495d25cb0f46

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
7763014c80b30d35c12b705ea06806c8
delivery
eonline.tt.omtrdc.net/rest/v1/
350 B
588 B
XHR
General
Full URL
https://eonline.tt.omtrdc.net/rest/v1/delivery?client=eonline&sessionId=8d7f31999ee04a50b7301d4f0334edf4&version=2.5.0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.249.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-249-228.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8f03514c3c61cd0710db4657af3a9642f2d48373ea99589caa7a592958236537

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
7e0ae154ee4f68aa703ecc7090b875dc
51DeFuxquvAn
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame A5AD
19 KB
19 KB
Document
General
Full URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.201 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.2) /
Resource Hash
20501b59783bab50def451e80143d8d6424ea0ab68e53e33a0c81c277a832c3e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

Date
Thu, 03 Mar 2022 14:08:28 GMT Thu, 03 Mar 2022 14:08:28 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=UTF-8
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Cache-Control
no-cache
X-Cache
MISS from player.theplatform.com:443
Connection
close
Server
Jetty(8.1.16.2)
otFlat.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
IpszPceh6jWRl6sjS0PrYA==
age
11318
vary
Accept-Encoding
content-length
3212
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:01 GMT
server
cloudflare
etag
0x8D8BD1190DD964B
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4f1d1bcc-a01e-0132-50dc-edc663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c1befe667d-MAD
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/
45 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.12.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.12.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8604270f373497ce07708cc73163913f3e204ad0c655a7efe1baff345675c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
GnXyviRqBJ9J+P0JZdTpiw==
age
10057
vary
Accept-Encoding
content-length
11771
x-ms-lease-status
unlocked
last-modified
Wed, 20 Jan 2021 07:04:04 GMT
server
cloudflare
etag
0x8D8BD11927636AA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8646366e-901e-017e-73dc-ed017c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6e62f1c1bf00667d-MAD
hotjar-1762303.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
aabffd2ca6a86402bd288152ea63850eb33e662995a167212329a96f23febc19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
br
x-content-type-options
nosniff
x-amz-cf-pop
FRA50-C1
x-cache-hit
1
etag
W/a27df036092d9752fef6cadff382b67a
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
1927
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
x-amz-cf-id
goIESL8yMcJwhDjoQNpYXwmj7AJZ0yFk9d7Sk4E9FkEma9lWThtoxA==
otCCPAiab.js
cdn.cookielaw.org/opt-out/
22 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
5297
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ba92b85e-701e-0130-054d-28c499000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6e62f1c228ad3839-MAD
simple
api.sail-personalize.com/v1/personalize/
288 B
496 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
0caf9c24b141371e8077656705413c1c37722df6765dab553d046a267032a28d

Request headers

x-lib-version
v1.0.1
Accept-Language
es-ES,es;q=0.9
authorization
Bearer c6505d0af7ef6ab50b1a7bb4dadf14af
content-type
application/json
accept
application/json
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-referring-url
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
195
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://www.eonline.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
truncated
/
817 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/
182 B
209 B
Script
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5929fb048956f115443f4d28a15a01e87b3caa2cabcf4f2c70f793ec53eb4f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6e62f1c28c9c6678-MAD
v2
mb.moatads.com/yi/
358 B
533 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%3AxkrG%3D01%60%3CY%24d!K%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-hoFF2iVmV38nsW5MfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-rghCXLleOfQ59g%3D%3D&sc=1&os=1-sw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.eonline.com%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows&pcode=nbcuyieldheader7581548001&rx=19427903660&callback=MoatNadoAllJsonpRequest_30356272
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.32.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-32-237.eu-west-1.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
290542d4c678a71eaa90064b81fee4ae088d9d6f5215b7cc5c6c8641f3807f8d

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:28 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"46c67a3bb392ec15830e94455112f7fa8e7f84ad"
content-length
358
content-type
text/html; charset=UTF-8
modules.f5f76c095cd0aa128146.js
script.hotjar.com/
236 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.f5f76c095cd0aa128146.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-33.fra50.r.cloudfront.net
Software
/
Resource Hash
56cc974cdbc181ec3815a38c5bcdee5ca84d5dd905f3a3f9c54a27eca6ef4b97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 08:06:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
21742
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62860
access-control-allow-origin
*
last-modified
Thu, 03 Mar 2022 08:05:45 GMT
etag
"91a379c029db7dab1ba03895733f21a2"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
k9j2RWp6fttL6tr49H_zpihZWtTjwEryAfJdVqUTGqhUp6DVejYHDA==
pixel.gif
load77.exelator.com/ Frame F170
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=56386201654349179833766365781085927174
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=56386201654349179833766365781085927174&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
332 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt
AcO1ryyRnKv/9lMEAA
x-accel-expires
@1647069671
date
Thu, 03 Mar 2022 14:08:29 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
Uu7XwqwEluc
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
283638
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
43

Redirect headers

date
Thu, 03 Mar 2022 14:08:29 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
player.js
pdk.theplatform.com/pdk6/current/pdk/ Frame A5AD
905 KB
244 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/player.js
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:39:26 GMT
Server
Apache
ETag
"16083c-e23d6-5c467d7dfd780"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249805
smooth.css
pdk.theplatform.com/pdk6/current/pdk/skins/ Frame A5AD
58 KB
10 KB
Stylesheet
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/skins/smooth.css
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:38:06 GMT
Server
Apache
ETag
"16c720-e6b7-5c467d31b2380"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10440
s61793934787594
swa.eonline.com/b/ss/comcastegeonlineglobaldev/10/JS-2.22.1-LBWB/
1 KB
2 KB
XHR
General
Full URL
https://swa.eonline.com/b/ss/comcastegeonlineglobaldev/10/JS-2.22.1-LBWB/s61793934787594
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
515fdc5d8967f75ecc756f7bd0523f63be30b1ecf24a68037b768adbe77756f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-aam-tid
DhnAJIIpRVw=
date
Thu, 03 Mar 2022 14:08:28 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
1154
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v028-094b2c1e4.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Fri, 04 Mar 2022 14:08:28 GMT
server
jag
xserver
anedge-cdfbd77b-6fcch
etag
3535437780596064256-4619915193361860497
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Wed, 02 Mar 2022 14:08:28 GMT
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 7752
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1762303.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-102.fra50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
-4y50VfpLWvGink6W881T9zYgIAPm5jtVANW4f2YmlDEG3s1c18A7g==
age
2351782
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f5eeb3d2715aa2e3bd35675db7f45fc&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l1c62_7070875565019929264
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=c854ce30-59bc-44da-881f-10424ec2822d
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjVlZWIzZDI3MTVhYTJlM2JkMzU2NzVkYjdmNDVmYw==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEItCK5-_hN_NXs8UaqRRs6c&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AACNzE7EQZgAAH6iAq0v6A&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f5eeb3d2715aa2e3bd35675db7f45fc?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-H1_bl9JE2oPZLVFulaBvUaZMbbzc7E78A2Bh3JCu~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=8ukZQl7I1NpM875
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
63.251.232.165 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:31 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-9
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:31 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1646316511139025-408
Expires
Thu, 03 Mar 2022 14:08:31 GMT
ibs:dpid=771&dpuuid=CAESEKoPB7hobNaNmzVdzWID4CM&google_cver=1
dpm.demdex.net/ Frame F170
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTYzODYyMDE2NTQzNDkxNzk4MzM3NjYzNjU3ODEwODU5MjcxNzQ=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTYzODYyMDE2NTQzNDkxNzk4MzM3NjYzNjU3ODEwODU5MjcxNzQ=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKoPB7hobNaNmzVdzWID4CM&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKoPB7hobNaNmzVdzWID4CM&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-134-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v028-09d666913.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sYtbCtqDT60=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKoPB7hobNaNmzVdzWID4CM&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=1175&&dpuuid=ha5LhND-HdCerRqN1alUhdauSI2e-kCM0qRGGcTI
dpm.demdex.net/ Frame F170
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=ha5LhND-HdCerRqN1alUhdauSI2e-kCM0qRGGcTI
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=ha5LhND-HdCerRqN1alUhdauSI2e-kCM0qRGGcTI
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-134-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v028-03c8e435b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ou+RKWacSIU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=ha5LhND-HdCerRqN1alUhdauSI2e-kCM0qRGGcTI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
u
29773.v.fwmrm.net/ad/ Frame F170
0
411 B
Image
General
Full URL
https://29773.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:76e2:e824:b454:65c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:29 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
tile.jpg
pdk.theplatform.com/next/images/ Frame A5AD
536 B
781 B
Image
General
Full URL
https://pdk.theplatform.com/next/images/tile.jpg
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:29 GMT
Last-Modified
Fri, 08 Mar 2019 21:31:28 GMT
Server
Apache
ETag
"1587b9-218-5839bf2122c00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
536
truncated
/ Frame A5AD
847 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A5AD
864 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
current.js
sb.scorecardresearch.com/plugins/streaming-theplatform/v2/ Frame A5AD
211 KB
54 KB
Script
General
Full URL
https://sb.scorecardresearch.com/plugins/streaming-theplatform/v2/current.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 13:47:44 GMT
content-encoding
gzip
etag
W/"d66a3a4675b852d43a4b63cac8eff1aa"
last-modified
Fri, 26 Feb 2021 14:39:06 GMT
server
AmazonS3
age
1248
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Y5di7XsVPRg3aSoP3tZKV-DhV728u9jXLYqLErYzEDIrw9iGAGXTKA==
MoatPlugIn.js
z.moatads.com/the_platform_pdk_029384908/ Frame A5AD
5 KB
2 KB
Script
General
Full URL
https://z.moatads.com/the_platform_pdk_029384908/MoatPlugIn.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:29 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 15:09:30 GMT
server
AmazonS3
x-amz-request-id
8D39D312586B7FFF
etag
"565c54c8f052a6fd51524ec6233c87af"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=7083
accept-ranges
bytes
content-length
2237
x-amz-id-2
QwZ7UWW3AxhxjJsULlODPg16Z1sVWgCEjNZG0Lc0yGPQKFTHf31oVmR86fPs9fNGTTAGgGrlrpc=
heartbeats_2_0_13.js
pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/ Frame A5AD
273 KB
273 KB
Script
General
Full URL
https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.195.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-195-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:29 GMT
Last-Modified
Thu, 04 Oct 2018 17:32:38 GMT
Server
AkamaiNetStorage
ETag
"b04f582946ff3bf7fe21c0531ba7382f:1538674358.768129"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
279053
nielsen-sdk-plugin-v2__763497.js
eonlinevideos.akamaized.net/transcoded/complete/ Frame A5AD
17 KB
17 KB
Script
General
Full URL
https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.19.194.249 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-194-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:29 GMT
Last-Modified
Wed, 08 Apr 2020 21:50:03 GMT
Server
AkamaiNetStorage
ETag
"6cc01b51e1c4f4845dbd7e2fcd9dab4a:1586382603"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Content-Length
16987
truncated
/ Frame A5AD
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
ibs:dpid=796&dpuuid=l1c62_7070875565019929264&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame F170
Redirect Chain
  • https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=796&dpuuid=l1c62_7070875565019929264&gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l1c62_7070875565019929264&gdpr=0&gdpr_consent=
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Server
34.249.134.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-134-87.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://eo.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v028-026847d37.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5Uig4bHNRf4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:29 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Location
https://dpm.demdex.net/ibs:dpid=796&dpuuid=l1c62_7070875565019929264&gdpr=0&gdpr_consent=
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
publishertag.js
static.criteo.net/js/ld/
128 KB
42 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-36689253545932.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2b393bb3b10ebc669e26880f42307f502cc8a84ed0e0b873c4155de8b8639cbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:29 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:20 GMT
server
nginx
etag
W/"62194aa8-200be"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Mar 2022 14:08:29 GMT
identity
api.rlcdn.com/api/
44 B
328 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 14:08:29 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.eonline.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
/
id.sv.rkdms.com/identity/
2 B
167 B
XHR
General
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=NBCU&sv_domain=www.eonline.com
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.243.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-243-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.eonline.com
date
Thu, 03 Mar 2022 14:08:29 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
2
vary
Origin
content-type
application/json
rid
match.adsrvr.org/track/
109 B
542 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185796
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a3201307b8320fd57335c291ced23c705c9ba9f4929976304f5e5e4adbd34001

Request headers

Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Accept-Language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 03 Mar 2022 14:08:29 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.eonline.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 02 Apr 2022 14:08:29 GMT
PABAEA433-404F-4B0B-997C-0072538261F8.js
cdn-gl.imrworldwide.com/conf/ Frame A5AD
43 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Requested by
Host: eonlinevideos.akamaized.net
URL: https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b291f3516bc21120a56c44b382646e4a820bc29f5163b3f4ef08e6ca8234dd6b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uQ_iOzt4dDl_m6eAyiOhZTMkHoCptkz8
content-encoding
gzip
etag
W/"1e631e6bef9cdf2e43b1841790c725c7"
last-modified
Thu, 03 Mar 2022 11:17:45 GMT
server
AmazonS3
age
2320
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Thu, 03 Mar 2022 13:30:31 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_YLntIFASpSM4W6b8qziLwsQ_TDqcEXuBsGTBYqoqThGZNJtR_saSA==
e-online.xml
comcastentertainmentgroup.hb.omtrdc.net/settings/ Frame A5AD
228 B
522 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/settings/e-online.xml?r=1646316509580
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:29 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 19:48:56 GMT
server
jag
etag
"2700017eea54d840"
access-control-allow-methods
GET, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
228
x-xss-protection
1; mode=block
51DeFuxquvAn
link.theplatform.com/s/BdHJDC/media/ Frame A5AD
0
0

truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ Frame A5AD
193 KB
54 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding
gzip
etag
W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
server
AmazonS3
age
316
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 03 Mar 2022 14:03:14 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
v0C18C5Vstc7JVDziPo3ehTPlKcQ1tuyBgyJtJSrvrpyerkepKkI5Q==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 938C
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/

Response headers

content-type
text/html
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server
AmazonS3
content-encoding
gzip
date
Thu, 03 Mar 2022 13:40:39 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
IvPao8mHmIKY2tsmrvCpFGaweSRm9z7X1D2UvSV0B4ERWZ4xO6OCiA==
age
1671
51DeFuxquvAn
player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/ Frame A5AD
19 KB
19 KB
Document
General
Full URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/dist/js/16.c5d49f51c069139909ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.201 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.2) /
Resource Hash
69ad909f58d1be29084531f75776970945c448bb73ef9ff9ba3bd40f5b3d598a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

Date
Thu, 03 Mar 2022 14:08:29 GMT Thu, 03 Mar 2022 14:08:29 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html;charset=UTF-8
P3P
CP="CUR CUS NOI STA NAV PSAi OUR OTRo IND"
Cache-Control
no-cache
X-Cache
MISS from player.theplatform.com:443
Connection
close
Server
Jetty(8.1.16.2)
51DeFuxquvAn
link.theplatform.com/s/BdHJDC/media/ Frame A5AD
0
0

gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 938C
0
0

/
s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com/ Frame 938C
0
0

player.js
pdk.theplatform.com/pdk6/current/pdk/ Frame A5AD
905 KB
244 KB
Script
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/player.js
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:39:26 GMT
Server
Apache
ETag
"16083c-e23d6-5c467d7dfd780"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249805
smooth.css
pdk.theplatform.com/pdk6/current/pdk/skins/ Frame A5AD
58 KB
10 KB
Stylesheet
General
Full URL
https://pdk.theplatform.com/pdk6/current/pdk/skins/smooth.css
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Jun 2021 11:38:06 GMT
Server
Apache
ETag
"16c720-e6b7-5c467d31b2380"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10440
truncated
/ Frame A5AD
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
tile.jpg
pdk.theplatform.com/next/images/ Frame A5AD
536 B
781 B
Image
General
Full URL
https://pdk.theplatform.com/next/images/tile.jpg
Requested by
Host: player.theplatform.com
URL: https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.89.32.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-32-152.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Last-Modified
Fri, 08 Mar 2019 21:31:28 GMT
Server
Apache
ETag
"1587b9-218-5839bf2122c00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
536
truncated
/ Frame A5AD
847 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A5AD
864 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
current.js
sb.scorecardresearch.com/plugins/streaming-theplatform/v2/ Frame A5AD
211 KB
54 KB
Script
General
Full URL
https://sb.scorecardresearch.com/plugins/streaming-theplatform/v2/current.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-80.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 13:47:44 GMT
content-encoding
gzip
etag
W/"d66a3a4675b852d43a4b63cac8eff1aa"
last-modified
Fri, 26 Feb 2021 14:39:06 GMT
server
AmazonS3
age
1249
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
mhmV23FtZ1Xr6G68ENelyZ7zCQT42klal7dCoMXlHOLjHDcg0tyJSQ==
MoatPlugIn.js
z.moatads.com/the_platform_pdk_029384908/ Frame A5AD
5 KB
2 KB
Script
General
Full URL
https://z.moatads.com/the_platform_pdk_029384908/MoatPlugIn.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:30 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 15:09:30 GMT
server
AmazonS3
x-amz-request-id
8D39D312586B7FFF
etag
"565c54c8f052a6fd51524ec6233c87af"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=7082
accept-ranges
bytes
content-length
2237
x-amz-id-2
QwZ7UWW3AxhxjJsULlODPg16Z1sVWgCEjNZG0Lc0yGPQKFTHf31oVmR86fPs9fNGTTAGgGrlrpc=
heartbeats_2_0_13.js
pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/ Frame A5AD
273 KB
273 KB
Script
General
Full URL
https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.123.195.105 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-195-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Last-Modified
Thu, 04 Oct 2018 17:32:38 GMT
Server
AkamaiNetStorage
ETag
"b04f582946ff3bf7fe21c0531ba7382f:1538674358.768129"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
279053
nielsen-sdk-plugin-v2__763497.js
eonlinevideos.akamaized.net/transcoded/complete/ Frame A5AD
17 KB
17 KB
Script
General
Full URL
https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.19.194.249 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-194-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Last-Modified
Wed, 08 Apr 2020 21:50:03 GMT
Server
AkamaiNetStorage
ETag
"6cc01b51e1c4f4845dbd7e2fcd9dab4a:1586382603"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
Content-Length
16987
PABAEA433-404F-4B0B-997C-0072538261F8.js
cdn-gl.imrworldwide.com/conf/ Frame A5AD
43 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Requested by
Host: eonlinevideos.akamaized.net
URL: https://eonlinevideos.akamaized.net/transcoded/complete/nielsen-sdk-plugin-v2__763497.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b291f3516bc21120a56c44b382646e4a820bc29f5163b3f4ef08e6ca8234dd6b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uQ_iOzt4dDl_m6eAyiOhZTMkHoCptkz8
content-encoding
gzip
etag
W/"1e631e6bef9cdf2e43b1841790c725c7"
last-modified
Thu, 03 Mar 2022 11:17:45 GMT
server
AmazonS3
age
2321
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Thu, 03 Mar 2022 13:30:31 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rKE9JzyiQ6GZCGVSUaZ_ThpBh7oFGxBfLuZtSO4xZ84P3CL9lfVACA==
e-online.xml
comcastentertainmentgroup.hb.omtrdc.net/settings/ Frame A5AD
228 B
312 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/settings/e-online.xml?r=1646316510514
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 Feb 2022 19:48:56 GMT
server
jag
etag
"2700017eea54d840"
access-control-allow-methods
GET, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
228
x-xss-protection
1; mode=block
51DeFuxquvAn
link.theplatform.com/s/BdHJDC/media/ Frame A5AD
3 KB
4 KB
XHR
General
Full URL
https://link.theplatform.com/s/BdHJDC/media/51DeFuxquvAn?csid=e_online_vod_ooc&vcid2=PaYSh-EjROJtIlF0Y0nYJ&_fw_h_referer=www.eonline.com&fw_gdpr=1&_fw_us_privacy=1---&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&player=E%21+Online+Video+Player&policy=155289502&format=SMIL&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.4.9
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.180.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-180-77.compute-1.amazonaws.com
Software
openresty/1.15.8.3 /
Resource Hash
b8125532866f0e619531f20bfb914a3eda2ae44bd3b2c258a68d9a019eb7a019

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:30 GMT
Server
openresty/1.15.8.3
X-Cache
MISS from link.theplatform.com:443
Content-Type
application/smil; charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3219
truncated
/ Frame A5AD
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ Frame A5AD
193 KB
54 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PABAEA433-404F-4B0B-997C-0072538261F8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMRN_04lvqSJdvtl7TZbazXb3VGsS_cB
content-encoding
gzip
etag
W/"711241d99f4dbd99c7bef0f79ce85582"
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
server
AmazonS3
age
317
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 03 Mar 2022 14:03:14 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Gw03dWFI4mb6VfBWge8_lUnXYljW9WRAlQAzz9e6fn2jRW92n5cEzg==
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 22FC
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/

Response headers

content-type
text/html
last-modified
Mon, 29 Nov 2021 14:37:17 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
IljONPHQ882rCgbxybbkGTEVB8TZxE7m
server
AmazonS3
content-encoding
gzip
date
Thu, 03 Mar 2022 13:40:39 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
zGpdggtMcMAVsWmEbMMvBU28JJoXz5jbxInBBuslbmgdShPLa_1-zQ==
age
1672
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 22FC
44 B
563 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PABAEA433-404F-4B0B-997C-0072538261F8&sessionId=udo5i4xyw7gdo18jqxbhxraiaftkk1646316510&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.242.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-242-219.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:30 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
udo5i4xyw7gdo18jqxbhxraiaftkk1646316510.nuid.imrworldwide.com/ Frame 22FC
35 B
349 B
Image
General
Full URL
https://udo5i4xyw7gdo18jqxbhxraiaftkk1646316510.nuid.imrworldwide.com/
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:8a00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 04:28:29 GMT
via
1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
34802
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
35
x-amz-cf-id
QIJ52lb7lSpZEfQ8pzHhyyW5abyOblJnuQ-WNnyJ1ELMNbIHv96tpg==
LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS.meta
east.manifest.na.theplatform.com/m/BdHJDC/ Frame A5AD
14 KB
3 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS.meta?sid=4929795b-a613-451b-90ef-19c99b3edbe5&policy=155289502&date=1646316510739&ip=185.183.106.151&schema=1.1&manifest=M3U&tracking=true&csid=e_online_vod_ooc&_fw_us_privacy=1---&vcid2=PaYSh-EjROJtIlF0Y0nYJ&_fw_h_referer=www.eonline.com&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=485f1d694396c3b5c29fe0c1f812fe8661b954bf3fcfe488545fe83d92f7bad7
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
7e707fd524d626ed588824bec3b96ec54d269639f5b26caee418599287723a9a

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:31 GMT, Thu, 03 Mar 2022 14:08:31 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Length
2998
Expires
Thu, 01 Jan 1970 00:00:00 GMT
global.js
www.nbcudigitaladops.com/hosted/
1 KB
895 B
Script
General
Full URL
https://www.nbcudigitaladops.com/hosted/global.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-e-web.js?nowrite=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.226.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-226-183.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
be103e7cd3fbcc3964b55a59a948464f6357f089b29389855941c0c004c3755f

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:31 GMT
Content-Encoding
gzip
Server
AkamaiNetStorage
ETag
"ecab88c59016ef9d08fdc7db983ade44:1375295665"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=13239527
Connection
keep-alive
Content-Length
595
moatcontent.js
z.moatads.com/nbcu194EPtQ90/
0
253 B
Script
General
Full URL
https://z.moatads.com/nbcu194EPtQ90/moatcontent.js
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:31 GMT
last-modified
Wed, 26 Oct 2016 23:04:33 GMT
server
AmazonS3
x-amz-request-id
907196956CD4A293
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=7130
accept-ranges
bytes
content-length
0
x-amz-id-2
sUbdEv9f8Gz2hS/MoasybNgALE6QHdzSSgxGL0PonM88ZvZUJPMbmEPN2Ge+pr6g+CpmqfmZ+fA=
/
d28nxrgt4y7pn6.cloudfront.net/
43 B
524 B
Image
General
Full URL
https://d28nxrgt4y7pn6.cloudfront.net/?a=1212b7832905405abe5afd281711940f
Requested by
Host: www.eonline.com
URL: https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-195.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:32 GMT
Via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Last-Modified
Mon, 22 Apr 2013 19:31:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA50-C1
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache
RefreshHit from cloudfront
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
Wuo4vLQLFDpQOhi3QayzTr5CHOpl0BhYqFP2DBcCYUsyOTzbj0OvjA==
syncframe
gum.criteo.com/ Frame 33EA
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eonline.com&gdpr=1&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9
Referer
https://www.eonline.com/news/857291/you-re-doing-it-wrong-boy-brows

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
461
date
Thu, 03 Mar 2022 14:08:30 GMT
content-length
972
strict-transport-security
max-age=31536000; preload;
1
29773.v.fwmrm.net/ad/l/ Frame A5AD
0
280 B
Image
General
Full URL
https://29773.v.fwmrm.net/ad/l/1?s=o1788&n=169843%3B169843%3B171224%3B187827%3B188286%3B375524%3B375613%3B375617%3B375620%3B376521%3B378491%3B378678%3B378841%3B379619%3B382283%3B382314%3B382315%3B384777%3B505334%3B511664%3B512116%3B516448&t=1646316511120038470&f=786432&cn=slotImpression&et=i&tpos=0&init=1&slid=0,1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:76e2:e824:b454:65c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Mar 2022 14:08:32 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
s65740298497752
swa.eonline.com/b/ss/comcastegeonlineglobaldev/1/JS-2.2.0/ Frame A5AD
43 B
229 B
Image
General
Full URL
https://swa.eonline.com/b/ss/comcastegeonlineglobaldev/1/JS-2.2.0/s65740298497752?AQB=1&ndh=1&pf=1&t=3%2F2%2F2022%2014%3A8%3A32%204%200&vid=HBCWA6103787039&ce=UTF-8&pageName=E%21%20Online%20Video%20Player&g=https%3A%2F%2Fplayer.theplatform.com%2Fp%2FBdHJDC%2Fpdk6PocStable%2Fselect%2Fmedia%2F51DeFuxquvAn%3Fform%3Dhtml%26playAll%3Dtrue%26playIndex%3Dfirst%26autoPlay%3Dtrue%26logLevel%3Dnone%26params%3Dcsid%253De_online_vod_ooc%2526vcid2%253DPaYSh-EjROJtIlF0Y0nYJ%2526_fw_h_referer%253Dwww.eonline.com%2526fw_gdpr%253&r=https%3A%2F%2Fwww.eonline.com%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows&c.&globalDataType=com.theplatform.pdk.data%3A%3APdkEvent&data=%5Bobject%20Object%5D&type=OnReleaseStart&timestamp=2091.1000003814697&scope=player&showName=E%21%20Style%20Collective&a.&contentType=VOD%20Clip&media.&name=260980&friendlyName=How%20to%20Get%20the%20Perfect%20Boy%20Brows&length=44&playerName=E%21%20Online%20Video%20Player&channel=On-Domain&view=true&vsid=164631651201244123735&.media&.a&.c&pe=ms_s&pev3=video&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=746&bh=419&-g=D1%2526_fw_us_privacy%253D1---%2526gdpr_consent%253DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&mcorgid=B3ABA272551949410A4C98A2%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:32 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 04 Mar 2022 14:08:32 GMT
server
jag
xserver
anedge-cdfbd77b-6sfds
etag
3535437790637162496-4619859769768645345
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 02 Mar 2022 14:08:32 GMT
vpaid_adapter.js
imasdk.googleapis.com/js/sdkloader/ Frame F4CC
64 KB
24 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65ba4aa8b35a69ec097b33bc471e4fb8e044cc30225c088d714554a294782b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 13:58:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23646
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 23:43:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Thu, 03 Mar 2022 14:13:30 GMT
truncated
/ Frame A5AD
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d98e3cc3bb3c63f05e3cf21aa2e94a7ac9336965139d954d2df250d125564d1b

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F4CC
367 KB
121 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124251
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:08:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4CC
0
442 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.6325320341895164&wt=1646316512307&sdkv=h.3.502.0&xai=undefined&url=2,https%3A%2F%2Fwww.eonline.com%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows$0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/2620/ca-video-pub-5672557457834454-tag%26description_url%3Dhttp%253A%252F%252Fwww.eonline.com%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26max_ad_duration%3D15000%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26vad_type%3Dlinear%26channel%3Dvastadp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 14:08:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS.m3u8
east.manifest.na.theplatform.com/m/BdHJDC/ Frame A5AD
6 KB
2 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS.m3u8?sid=4929795b-a613-451b-90ef-19c99b3edbe5&policy=155289502&date=1646316510739&ip=185.183.106.151&schema=1.1&manifest=M3U&tracking=true&csid=e_online_vod_ooc&_fw_us_privacy=1---&vcid2=PaYSh-EjROJtIlF0Y0nYJ&_fw_h_referer=www.eonline.com&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=7ffa90ef6820fe88417825895fd0b6c0d22d9da2527044a8cd4f60e10777f80a
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
5651bfc932e34dc7dc17e0aabad8a91da521bd4033ee4b82a31c20aab7e9806c

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:32 GMT, Thu, 03 Mar 2022 14:08:32 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Length
1016
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
comcastentertainmentgroup.hb.omtrdc.net/ Frame A5AD
0
16 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/?s:sc:rsid=comcastegeonlineglobaldev&s:sc:tracking_server=swa.eonline.com&h:sc:ssl=1&s:user:id=HBCWA6103787039&s:sp:ovp=theplatform&s:sp:sdk=mpx-javascript-player-sdk&s:sp:channel=On-Domain&s:sp:player_name=E!%20Online%20Video%20Player&s:sp:hb_version=js-n-1.6.9.113-3dff70&l:sp:hb_api_lvl=4&s:event:sid=164631651201244123735&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1646316512023&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=How%20to%20Get%20the%20Perfect%20Boy%20Brows&s:asset:video_id=260980&s:asset:publisher=E!%2BOnline&l:asset:length=44&s:stream:type=VOD%20Clip&l:stream:bitrate=0&l:stream:fps=0&l:stream:dropped_frames=0&l:stream:startup_time=0&s:meta:globalDataType=com.theplatform.pdk.data%3A%3APdkEvent&s:meta:data=%5Bobject%20Object%5D&s:meta:type=OnReleaseStart&s:meta:timestamp=2091.1000003814697&s:meta:scope=player&s:meta:showName=E!%20Style%20Collective
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Mar 2022 14:08:32 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
/
comcastentertainmentgroup.hb.omtrdc.net/ Frame A5AD
0
39 B
XHR
General
Full URL
https://comcastentertainmentgroup.hb.omtrdc.net/?s:sc:rsid=comcastegeonlineglobaldev&s:sc:tracking_server=swa.eonline.com&h:sc:ssl=1&s:user:id=HBCWA6103787039&s:sp:ovp=theplatform&s:sp:sdk=mpx-javascript-player-sdk&s:sp:channel=On-Domain&s:sp:player_name=E!%20Online%20Video%20Player&s:sp:hb_version=js-n-1.6.9.113-3dff70&l:sp:hb_api_lvl=4&s:event:sid=164631651201244123735&s:event:type=aa_start&l:event:duration=0&l:event:playhead=0&l:event:ts=1646316512044&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=How%20to%20Get%20the%20Perfect%20Boy%20Brows&s:asset:video_id=260980&s:asset:publisher=E!%2BOnline&l:asset:length=44&s:stream:type=VOD%20Clip&l:stream:bitrate=0&l:stream:fps=0&l:stream:dropped_frames=0&l:stream:startup_time=0
Requested by
Host: pmd205470tn-a.akamaihd.net
URL: https://pmd205470tn-a.akamaihd.net/PDK_Plugins/300/461/heartbeats_2_0_13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Mar 2022 14:08:32 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
7.m3u8
east.manifest.na.theplatform.com/m/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS/ Frame A5AD
2 KB
1 KB
XHR
General
Full URL
https://east.manifest.na.theplatform.com/m/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS/7.m3u8?sid=4929795b-a613-451b-90ef-19c99b3edbe5&policy=155289502&date=1646316513324&ip=185.183.106.151&schema=1.1&cid=4545ee21-9f06-42c6-b3b4-356acb96ae18&host=eonlinetc-vh.akamaihd.net&meta=false&manifest=M3U&_fw_us_privacy=1---&csid=e_online_vod_ooc&vcid2=PaYSh-EjROJtIlF0Y0nYJ&_fw_h_referer=www.eonline.com&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&tracking=true&vpaid=script&fw_gdpr=1&sdk=PDK+6.4.9&player=E%21+Online+Video+Player&sig=48e50da0ecf5e35e7f326de72a1af1d90f1640fa747b7539e1153b6cdefe0b77
Requested by
Host: pdk.theplatform.com
URL: https://pdk.theplatform.com/pdk6/current/pdk/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.27.170.198 Philadelphia, United States, ASN14042 (COMCAST-COMM-MGT-1, US),
Reverse DNS
Software
Jetty(8.1.16.TP-SNAPSHOT) /
Resource Hash
8015bbf8d2b3849008fbd15e7c4fcca8eda3eb05939a288b92a8bd49fdaf947d

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
https://player.theplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 14:08:33 GMT, Thu, 03 Mar 2022 14:08:33 GMT
Content-Encoding
gzip
Server
Jetty(8.1.16.TP-SNAPSHOT)
Content-Type
application/x-mpegURL;charset=UTF-8
Access-Control-Allow-Origin
https://player.theplatform.com
Access-Control-Expose-Headers
date
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Length
887
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aHR0cHM6Ly9lb25saW5ldGMtdmguYWthbWFpaGQubmV0L2kvdHJhbnNjb2RlZC9jb21wbGV0ZS8wNC84OS8wNDg5NWRjYS0zZGE1LTRhZTUtOGRkMi03YzgxYTVjZWQ4NDUvZXNjXzIwMTcwNTI5X2Jyb3dzXzI2MDk4MF8sMjAwLDQwMCwzMDAsMTIwLDY1LDMwL...
redirect.manifest.theplatform.com/r/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS/ Frame A5AD
0
0

bridge3.502.0_en.html
imasdk.googleapis.com/js/core/ Frame 6C2E
588 KB
191 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.502.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
es-ES,es;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195644
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 01 Mar 2022 23:31:34 GMT
expires
Wed, 01 Mar 2023 23:31:34 GMT
cache-control
public, max-age=31536000
last-modified
Wed, 23 Feb 2022 23:41:21 GMT
content-type
text/html
age
139019
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame F4CC
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 14:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 03 Mar 2022 14:08:34 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 701C
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 13:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 03 Mar 2022 14:12:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.theplatform.com
URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=fw_gdpr%3D0
Domain
player.theplatform.com
URL
https://player.theplatform.com/p/BdHJDC/pdk6PocStable/select/media/51DeFuxquvAn?form=html&playAll=true&playIndex=first&autoPlay=true&logLevel=none&params=csid%3De_online_vod_ooc%26vcid2%3DPaYSh-EjROJtIlF0Y0nYJ%26_fw_h_referer%3Dwww.eonline.com%26fw_gdpr%3D0
Domain
link.theplatform.com
URL
https://link.theplatform.com/s/BdHJDC/media/51DeFuxquvAn?csid=e_online_vod_ooc&vcid2=PaYSh-EjROJtIlF0Y0nYJ&_fw_h_referer=www.eonline.com&fw_gdpr=1&gdpr_consent=CPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA&player=E%21+Online+Video+Player&policy=155289502&format=SMIL&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.4.9
Domain
link.theplatform.com
URL
https://link.theplatform.com/s/BdHJDC/media/51DeFuxquvAn?autoplay=true&_fw_h_referer=www.eonline.com&csid=e_online_vod_ooc&policy=155289502&vcid2=PaYSh-EjROJtIlF0Y0nYJ&fw_gdpr%3D1%26_fw_us_privacy%3D1---%26gdpr_consent%3DCPVR_acPVR_acAcABBENCECgAAAAAAAAACiQAAAAAAChIAIC8xgAEBeY6ACAvMlABAXmUgAgLzAA.YAAAAAAAAAAA=&format=SMIL&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.4.9
Domain
secure-sdk.imrworldwide.com
URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PABAEA433-404F-4B0B-997C-0072538261F8&sessionId=s6uulq6a69ztzmbqsratxjhha42fi1646316509&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.615&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Domain
s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com
URL
https://s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com/
Domain
redirect.manifest.theplatform.com
URL
https://redirect.manifest.theplatform.com/r/BdHJDC/LrZJ1A6PabvE,urdvljMZZaik,wJtZwx8C_3PW,WR0v7iB2xzZb,LoFidr0v_4m6,Sg4WgCL57p4e,jbFIRqsXcAWS/aHR0cHM6Ly9lb25saW5ldGMtdmguYWthbWFpaGQubmV0L2kvdHJhbnNjb2RlZC9jb21wbGV0ZS8wNC84OS8wNDg5NWRjYS0zZGE1LTRhZTUtOGRkMi03YzgxYTVjZWQ4NDUvZXNjXzIwMTcwNTI5X2Jyb3dzXzI2MDk4MF8sMjAwLDQwMCwzMDAsMTIwLDY1LDMwLDIwLDBrLm1wNC5jc21pbC9zZWdtZW50MV82X2F2LnRzP251bGw9MCZfYWxpZF89RG1nVFV3Vlc5TjkyUVhMVXJOWm54UT09?sid=4929795b-a613-451b-90ef-19c99b3edbe5&policy=155289502&date=1646316513474&ip=185.183.106.151&schema=1.0&cid=4545ee21-9f06-42c6-b3b4-356acb96ae18&aid=2225861496&dur=44000&sig=25d62d2a119a4a151f37c9c5d3d7c5b3d142ebd2e07ec57347fa37ae9ccfbd41

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored object| mpscall object| mpsopts object| mps object| head object| mpsload object| dataLayer function| OptanonWrapper object| __APOLLO_STATE__ object| __PAGE_DATA__ object| __LOADABLE_LOADED_CHUNKS__ object| OneTrustTCFStub function| __tcfapi object| SENTRY_RELEASE object| __SENTRY__ object| _taboola object| _newsroom object| debugmode object| googletag object| gpt string| mpsinstance function| mpsCallback object| cats string| lastcat object| _mpshead object| _mpsstyles number| retval string| ret object| mpscall_original string| $dM string| sitepath object| sitepatharr string| cleanpath object| derived function| mpsGetAd string| mpsrequesturl string| OnetrustActiveGroups string| OptanonActiveGroups number| newsroomStartsLoadingTime object| tbNewsroom object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| _sf_async_config object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| jsonFeed function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| getNewRepeat function| getTimeParting function| getResponsiveLayout function| getVisitDuration function| getVisitNum function| endOfDatePeriod function| cleanStr object| otStubData object| ggeac object| google_js_reporting_queue object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| OneTrustStub boolean| __qsparam function| htmlParser function| postscribe string| __nbcudigitaladops_dtparams object| __nbcudigitaladops_inject object| __nbcudigitaladops object| __nbcudigitaladops_header number| randomOrd string| eTandomAd string| debugmsg string| warnmsg number| queuelen object| otIabModule object| Optanon object| OneTrust undefined| google_measure_js_timing string| avk object| __core-js_shared__ object| Sailthru function| hj object| _hjSettings function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed undefined| __nbcudigitaladops_gptparams object| $pdk object| js object| tpController function| cookieWrite function| cookieRead string| g object| _cbm undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_30356272 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| __otccpaooLocation object| adsbygoogle object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| s_i_comcastegeonlineglobaldev object| headertag object| Criteo function| headertag_render object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_120 object| Criteo_120

62 Cookies

Domain/Path Name / Value
mps.nbcuni.com/fetch/ext Name: adEdition
Value: none
mps.nbcuni.com/fetch/ext Name: geoEdition
Value: uk
.eonline.com/ Name: geoEdition
Value: uk
.eonline.com/ Name: adEdition
Value: ooc
.eonline.com/ Name: ssuid
Value: PaYSh-EjROJtIlF0Y0nYJ
.eonline.com/ Name: _uid
Value: PaYSh-EjROJtIlF0Y0nYJ
.eonline.com/ Name: at_check
Value: true
.eonline.com/ Name: s_plt
Value: 2.01
.eonline.com/ Name: s_pltp
Value: undefined
www.eonline.com/ Name: _cb_ls
Value: 1
www.eonline.com/ Name: _cb
Value: BEwbZBDAyq2NC3SrwZ
www.eonline.com/ Name: _chartbeat2
Value: .1646316508296.1646316508296.1.HIJf0o0YsJzknX_DJuo6bDbYYbI.1
www.eonline.com/ Name: _cb_svref
Value: null
www.eonline.com/ Name: adops_master_kvs
Value:
.demdex.net/ Name: demdex
Value: 56386201654349179833766365781085927174
.eonline.com/ Name: AMCVS_B3ABA272551949410A4C98A2%40AdobeOrg
Value: 1
.eonline.com/ Name: AMCV_B3ABA272551949410A4C98A2%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19055%7CMCMID%7C50653968222332509004345781230177914637%7CMCAAMLH-1646921308%7C6%7CMCAAMB-1646921308%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1646323708s%7CNONE%7CvVersion%7C5.2.0
www.eonline.com/ Name: sailthru_pageviews
Value: 1
.www.eonline.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Mar+03+2022+14%3A08%3A28+GMT%2B0000+(GMT)&version=6.12.0&hosts=&consentId=99ea509d-8bee-4911-90d0-fbf74a4c1994&interactionCount=0&landingPath=https%3A%2F%2Fwww.eonline.com%2Fnews%2F857291%2Fyou-re-doing-it-wrong-boy-brows&groups=1%3A1%2Cdummy%3A1%2C8%3A0%2C6%3A0%2CSTACK8%3A0%2C4%3A0%2CSTACK16%3A0%2C7%3A0
.eonline.com/ Name: mbox
Value: session#8d7f31999ee04a50b7301d4f0334edf4#1646318369|PC#8d7f31999ee04a50b7301d4f0334edf4.37_0#1709561309
ads.stickyadstv.com/ Name: uid-bp-2009
Value: 1
ads.stickyadstv.com/ Name: UID
Value: f5eeb3d2715aa2e3bd35675db7f45fc
ads.stickyadstv.com/ Name: sessionId
Value: 70d118ff755ccb74d7fd9bed9f3dea
.eonline.com/ Name: s_nr30
Value: 1646316508630-New
.eonline.com/ Name: s_gpv
Value: us%3Aarticle-detail%3Anews%3Ayoure-doing-it-wrong-boy-brows
www.eonline.com/ Name: usprivacy
Value: 1---
.eonline.com/ Name: s_vncw
Value: 1646524799756%26vn%3D1
.eonline.com/ Name: s_ivc
Value: true
.eonline.com/ Name: s_cc
Value: true
.eonline.com/ Name: aam_tnt
Value: aam_segment%3D1900987
.eonline.com/ Name: aam_uuid
Value: 56386201654349179833766365781085927174
.exelator.com/ Name: EE
Value: "a82a9c4cb885ce50814eae4412f82566"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHRwijRMtkkOcnCwjQ51dTAwtAkNTHVxMTQKM3CyNTMbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yMJySX5RZvoi1%252BDFRSlpDItKik8F71%252FBBwB3kinI"
.eonline.com/ Name: _hjSessionUser_1762303
Value: eyJpZCI6IjVmYjQ1YjU0LThjYWMtNTY1Mi04YjBkLThlZGJlMzZiMTg1NCIsImNyZWF0ZWQiOjE2NDYzMTY1MDkwMDEsImV4aXN0aW5nIjpmYWxzZX0=
.eonline.com/ Name: _hjFirstSeen
Value: 1
www.eonline.com/ Name: _hjIncludedInSessionSample
Value: 0
.eonline.com/ Name: _hjSession_1762303
Value: eyJpZCI6ImQyZjhjNjgwLWRjMTEtNDA2Ny04ZDc4LTViYjE5MGY1MDg0YSIsImNyZWF0ZWQiOjE2NDYzMTY1MDkwNTYsImluU2FtcGxlIjpmYWxzZX0=
.eonline.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.demdex.net/ Name: dextp
Value: 3-1-1646316508738|771-1-1646316508844|1175-1-1646316508948|796-1-1646316509133
www.eonline.com/ Name: sailthru_content
Value: 9ff928c4048a9b8bc3941c72d3aed14a
www.eonline.com/ Name: sailthru_visitor
Value: a28f18c5-ec7a-450b-8b95-4339acf03efd
.quantserve.com/ Name: d
Value: EIYBDAHJJbmvYA
.quantserve.com/ Name: mc
Value: 6220cbdd-1c9f5-1e219-f98a8
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l1c62_7070875565019929264
ads.stickyadstv.com/ Name: MRM_UID
Value: l1c62_7070875565019929264
.doubleclick.net/ Name: IDE
Value: AHWqTUk-Ch-rSxmd3al7IZMIT_LBlXA77a2zHZHGYZ5bY7zqWheivibV6NBt5Np_Ts8
.dpm.demdex.net/ Name: dpm
Value: 56386201654349179833766365781085927174
.adsrvr.org/ Name: TDID
Value: c854ce30-59bc-44da-881f-10424ec2822d
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi0-NzhwMq-OhAFOAE.
.fwmrm.net/ Name: _uid
Value: "l1c62_7070875565019929264"
ads.stickyadstv.com/ Name: uid-bp-892
Value: c854ce30-59bc-44da-881f-10424ec2822d
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEItCK5-_hN_NXs8UaqRRs6c
.bidr.io/ Name: bito
Value: AACNzE7EQZgAAH6iAq0v6A
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACNzE7EQZgAAH6iAq0v6A
.yahoo.com/ Name: A3
Value: d=AQABBN7LIGICEIOuAAy9VFgjZFV5Hyof1DAFEgEBAQEdImIqYgAAAAAA_eMAAA&S=AQAAApFLUzhe0EAGQI5Wt51Bbqo
.imrworldwide.com/ Name: SSCVER
Value: v1
.imrworldwide.com/ Name: IMRID
Value: 67a10f40-9afb-11ec-8e9a-17345cc3aed4
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-H1_bl9JE2oPZLVFulaBvUaZMbbzc7E78A2Bh3JCu~A
.w55c.net/ Name: wfivefivec
Value: 8ukZQl7I1NpM875
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: 8ukZQl7I1NpM875

3 Console Messages

Source Level URL
Text
security error URL: https://www.eonline.com/dist/js/articledetail.badaf1c7c565dd8f8344.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://player.theplatform.com') does not match the recipient window's origin ('https://www.eonline.com').
security error URL: https://www.eonline.com/dist/js/articledetail.badaf1c7c565dd8f8344.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://player.theplatform.com') does not match the recipient window's origin ('https://www.eonline.com').
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
29773.v.fwmrm.net
ads.stickyadstv.com
ak.sail-horizon.com
akns-images.eonline.com
api.rlcdn.com
api.sail-personalize.com
assets.adobedtm.com
c2.taboola.com
cdn-gl.imrworldwide.com
cdn.cookielaw.org
cm.adgrx.com
cm.g.doubleclick.net
comcastentertainmentgroup.hb.omtrdc.net
d28nxrgt4y7pn6.cloudfront.net
dmp.v.fwmrm.net
dpm.demdex.net
east.manifest.na.theplatform.com
eo.demdex.net
eonline.tt.omtrdc.net
eonlinevideos.akamaized.net
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
gum.criteo.com
id.sv.rkdms.com
imasdk.googleapis.com
js-sec.indexww.com
link.theplatform.com
load77.exelator.com
loadm.exelator.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
mps.nbcuni.com
pagead2.googlesyndication.com
pdk.theplatform.com
ping.chartbeat.net
pixel.quantserve.com
player.theplatform.com
pm.w55c.net
pmd205470tn-a.akamaihd.net
polyfill.io
pr-bh.ybp.yahoo.com
redirect.manifest.theplatform.com
s0.2mdn.net
s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com
sb.scorecardresearch.com
script.hotjar.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
static.hotjar.com
swa.eonline.com
udo5i4xyw7gdo18jqxbhxraiaftkk1646316510.nuid.imrworldwide.com
vars.hotjar.com
www.eonline.com
www.nbcudigitaladops.com
z.moatads.com
link.theplatform.com
player.theplatform.com
redirect.manifest.theplatform.com
s6uulq6a69ztzmbqsratxjhha42fi1646316509.nuid.imrworldwide.com
secure-sdk.imrworldwide.com
104.111.226.183
104.79.89.79
104.89.32.152
108.157.4.80
142.250.185.130
142.250.185.194
143.204.101.195
143.204.98.102
143.204.98.33
143.204.98.82
15.188.95.229
151.101.193.44
18.134.84.16
18.66.192.121
184.73.243.156
199.27.170.198
199.27.170.201
2.16.186.218
2.18.232.60
2.18.235.40
2.19.194.249
2.20.157.55
2600:1f18:6593:f607:76e2:e824:b454:65c8
2600:1f18:6593:f608:d96:5850:6736:187e
2600:9000:2156:5a00:18:1fcd:34f:cdc1
2600:9000:2156:d800:2:42d9:3100:93a1
2600:9000:2315:8a00:1d:667e:2a40:93a1
2606:4700:10::6814:b844
2606:4700::6810:9440
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:800::2006
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::200a
2a02:2638:1::13
2a02:2638::3
2a02:26f0:b600:183::1e80
2a02:6ea0:c700::1
2a04:4e42::714
2a04:4e42:c00::282
2a05:d018:d29:3605:50ad:b5f8:175c:22d1
34.120.133.55
34.206.180.77
34.249.134.87
34.254.143.3
35.156.243.46
35.71.131.137
52.16.242.219
52.208.32.237
52.215.92.65
52.49.218.107
52.72.58.170
54.154.249.228
63.251.232.165
92.123.195.105
99.83.154.140
00d8f923dff1b3367c6131c2fee8e3311431052803defec19363d859fbd56c90
02a8cd07f9b72905689074cfd8852c03cde76a58d1ae30939ee6c05f737d47e4
04a0fa92e0f783d278c77610630814569bb804d1a12b344bb2b7934529cae360
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
0caf9c24b141371e8077656705413c1c37722df6765dab553d046a267032a28d
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
0e4f55efcc67f64b25439780e031ec3414567ce8593bb05924437b63c8a87095
0ec2c2239ca096648cc18d4cda3842ca3db7622cbd5a7ac178f54d43d69ab39f
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
1576f0a5c5e534f3d32c281d4954b7a2c28ae44819520c71dba8d94b4ff3a98f
17a72d2537dda12e0d4ae09cd36fe0c7f4e4a7707eb281643493777144c1c57f
1b110dc210ea649876c58ce28de71b7b43dc7bb9ac9e130c201fdb7798dfa50b
1c850687ac7b2c5db73e6ad306a860e507d7db83c237a3347d7f28cc0c2c384a
1d97729299024aa64b03739e244f254966f9b546045de88bd835701a473045d8
1e2ab64dbab6b8e9444ee0f501d26d274beb21c0572a880a38fae92ca55a2a0e
20501b59783bab50def451e80143d8d6424ea0ab68e53e33a0c81c277a832c3e
2533886bf42a4893e21f7c069f69f6a5a977984766509cfa8d80447707659337
2620859af9688adb239c06c7d01aec94150d91e62a76abd62faa6a5c8ade6c0f
28b11959f68db701b4218a36e9a8e8daf47fbfe4057f086595ebc2b0df44fbea
290542d4c678a71eaa90064b81fee4ae088d9d6f5215b7cc5c6c8641f3807f8d
2ac309c0e58ae47a5c344e827b28f16f76092bbb8a0c246096e418ab3e2f61f2
2b393bb3b10ebc669e26880f42307f502cc8a84ed0e0b873c4155de8b8639cbf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3770e5d86e165b98783763fa56cdc1644259ce75daa0561263b9613ca627108d
3b9ebfa1a15de4905402abad9c40fb5376813487602fb851bbe6b58ed590bfa8
3ce44c403aeb19251dc26669bdb037eaca39296fd09af5758b867225f8c5d7f6
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
433930e2ebceb8895d8d0d2c85318b78263944d95a0ae186beac40ed9fb68a2f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456291a6be47ddbcc80db509981bc398d20a6b2410e1a4575cb134fa63f9d389
499d742344f4b69df1c45273acccf5c6941269f48276e4d52cdabdfbb77a7904
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
515fdc5d8967f75ecc756f7bd0523f63be30b1ecf24a68037b768adbe77756f6
5178686db7707415c14bc775aaee217d0a2eb716f4719e75dfd34aa59abc35bd
51ffb44c70721fd6063bb69e87bf7849b8bcfeeab08fe1a76b253cbba5c29b81
5651bfc932e34dc7dc17e0aabad8a91da521bd4033ee4b82a31c20aab7e9806c
56cc974cdbc181ec3815a38c5bcdee5ca84d5dd905f3a3f9c54a27eca6ef4b97
5a42e0d38bf0d01d8bb80c522a60d774999221285de438d65c34ae0821ced852
5bef7b1f2d1aca14c4656464ea159f3d25810624521f3e12a17729d352167c0f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
6174d123224241765b4f365df22e4840673a3a72797379134d53ed24c6d69d21
6274543538b2744ea1c112cc42704fde835a7e654f49d8ae903d35e72230b694
65ba4aa8b35a69ec097b33bc471e4fb8e044cc30225c088d714554a294782b09
66ea8edb8663be45322c040cb3e46e5b32252daee0394c20a8816fecc29fdf1f
6725607c4df85ca3e8e5abd96579968cc3d8a44bb1b64979bbd2abab0f41b747
69ad909f58d1be29084531f75776970945c448bb73ef9ff9ba3bd40f5b3d598a
69b1fa3acbdba08be1044c245a8a008fcfc0f7565dc42174bb3ebd3a21844f80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dadeb4436aae22cabbcbf6ef123236a9a266d1eb336ec2bdfe2527c636ad8fd
6dbbe82b101e40c13823192c3db34e051ce826a72814b10b2c98109f7d5d8369
70f26830f4e22375b0e522280ba2dbf6af0f2abe03c2de7ca4f96f54534cc1ff
71b00f7328f1f074db7eb9c6aad679fd218d38a68d1e2b089328a8b51b99c18a
740c91d53d19d6530c4fdfd1053776f65e428b06de45616b723a4673c90b68d5
7591e49413d4a95d6cd9dd81995956dabde6bede6de41e7cf064f0dc1aafac75
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c13919d444c4492f8dc05ad884bf0801711d95c2797e57ac8cdb25f508ecf61
7e707fd524d626ed588824bec3b96ec54d269639f5b26caee418599287723a9a
8015bbf8d2b3849008fbd15e7c4fcca8eda3eb05939a288b92a8bd49fdaf947d
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b
85751164fefb6fe81e7661c8841fee46500446f08f0440c7d67038a9d6a27935
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ae21647d1849fc6a0306a9539d049e912b9d59fab83dff959b5c08f637f0b69
8f03514c3c61cd0710db4657af3a9642f2d48373ea99589caa7a592958236537
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
943934fe0df6312d1b39c9ca901d582b3b9566b9efd69a07e6f6f3c7bc8194e6
97dde029fd4bcb2d54124814d94bcc8a3001f057e8002feb81cf506fd4265332
9ae5c20f00c460da157d5b2862736a5950db1ec5297c4dbe590483394e1a828b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3201307b8320fd57335c291ced23c705c9ba9f4929976304f5e5e4adbd34001
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5
a549e1791454ecbffa94dc2ccc3b6537ada87365e3261bf6751f0a0433efe82b
a72ee3b483fdcb212b243a4e684c497f598916becbe02e14b48fae84ff65504c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aabffd2ca6a86402bd288152ea63850eb33e662995a167212329a96f23febc19
aeaca5120938c6c25bc4df6e61ed2ee0b554574bba2b37e263f45fb6735d94b2
aeeee262bdd390e8a792ae7babf48f4b9d524eeaf388e5377b9f865166fb2c86
b0d1a24fd99a5fd3c0fee67302464e1f5b6aeab6e48e54026683e6d147e785ac
b291f3516bc21120a56c44b382646e4a820bc29f5163b3f4ef08e6ca8234dd6b
b2fd8b4f6092497299bee977d3603fa35957a12a408a8b2e815e27840d32b76f
b8125532866f0e619531f20bfb914a3eda2ae44bd3b2c258a68d9a019eb7a019
b8604270f373497ce07708cc73163913f3e204ad0c655a7efe1baff345675c1a
be103e7cd3fbcc3964b55a59a948464f6357f089b29389855941c0c004c3755f
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c8ae83b9cdb1225c5e8c939b27f2832231d7cfd6961826fa2dfad808a1393637
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d105b0a793af6426ddf8c1ef8b26ae81d889617ef5f248a72e06b8c71d91e1c5
d7639ef9732adaf582c2006a5de74d4e4fa148e000abb6dfd2e2a9f3455490db
d9298ad57b79ad1267dae11b3613ea779f763eebf484d84c21540b8ef4a99b6a
d98e3cc3bb3c63f05e3cf21aa2e94a7ac9336965139d954d2df250d125564d1b
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e00759002d503b39ec2fee29b381c01e78ad6dedf701c0a8537ee4347bec040b
e00caac038d69fd33d1e799dae6141d5faa7b0fd91063277ab4bc3e09e76607f
e0da565315a090d118f867bf7eccae0ecc9b7424b7434aee6e14ee5d4acd5bf5
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e20075cfb7ae72fc9a6ad53738afe082145da7586353c4a00b9bc73f3fdde166
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46dd3fc7af479e4504f24fde2c0f30a7702dd09ad22ad3a6dd84839796292eb
e6d30ac453d4a6814c1dc805b634d9d715547665ffcf2ee982ecde4677970b20
e98061a45f474ff7c33ea553ba4bd3dd246271311a35ebf3d2c7ef69083b4c91
eae2dc49506cf1c872723445b7469c383ab6f73b02017b41f648495d25cb0f46
eed1fc5ebe6ae7fe63f7d65cc4ffaf2c32c66fb1912b6e2654c86c40c0690f5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02f4faf2063a112ddfcb5abb7c4af9568a1800dcea25a7d50e6b873422f3082
f3b8471e99000f7892f92acaa64885882cf4d86870aacc6f5352df078f0f57f3
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5929fb048956f115443f4d28a15a01e87b3caa2cabcf4f2c70f793ec53eb4f1
f5e065e454d999272c81abc2c8a21e7446d9d9b98e43fb4b64e5877d53870f56