ewn.co.za Open in urlscan Pro
151.101.2.207 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.publicaster.com/click/gfaa-2ehv15-663vrx-gzuv32w1/
Effective URL:
https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campai...
Submission: On June 02 via api (June 2nd 2021, 5:53:34 am UTC) from IE

Summary HTTP 208 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 47 IPs in 10 countries across 32 domains to perform 208 HTTP transactions. The main IP is 151.101.2.207, located in United States and belongs to FASTLY, US. The main domain is ewn.co.za.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2020 on May 18th 2021. Valid for: a year.

This is the only time ewn.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	216.24.224.41 216.24.224.41	17358 (ETOLL1) (ETOLL1)
16	151.101.2.207 151.101.2.207	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.33.220.243 185.33.220.243	29990 (ASN-APPNEX) (ASN-APPNEX)
8	143.204.98.7 143.204.98.7	16509 (AMAZON-02) (AMAZON-02)
12	143.204.98.52 143.204.98.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.149.25 52.222.149.25	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
9	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
29	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	104.109.90.196 104.109.90.196	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
11	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 13	18.203.147.76 18.203.147.76	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:218e:fc00:1f:612c:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	54.88.250.198 54.88.250.198	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.44 143.204.98.44	16509 (AMAZON-02) (AMAZON-02)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
1 1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	52.209.126.197 52.209.126.197	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	184.30.21.51 184.30.21.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2 5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	184.30.25.51 184.30.25.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.222.158.71 52.222.158.71	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:813::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	66.102.1.154 66.102.1.154	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:5f::8	15169 (GOOGLE) (GOOGLE)
1	35.186.238.175 35.186.238.175	15169 (GOOGLE) (GOOGLE)
208	47

1 216.24.224.41 (Canada) 1 redirects

ASN17358 (ETOLL1, CA)
PTR: click.emailcampaigns.net

trk.publicaster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.2.207 (United States)

ASN54113 (FASTLY, US)

ewn.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.243 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-7.fra50.r.cloudfront.net

connect.primedia.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.98.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-52.fra50.r.cloudfront.net

cdn.primedia.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-25.cdg52.r.cloudfront.net

t.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.90.196 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-90-196.deploy.static.akamaitechnologies.com

cdn.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.203.147.76 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com

collector.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:218e:fc00:1f:612c:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

detect-survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.250.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-250-198.compute-1.amazonaws.com

survey.effectivemeasure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-44.fra50.r.cloudfront.net

origin.ewn.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.237 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.126.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-126-197.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.25.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.158.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-71.cdg52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:813::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:5f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nsz.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.175 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 175.238.186.35.bc.googleusercontent.com

za-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	225 KB
29	fbcdn.net static.xx.fbcdn.net scontent-frx5-1.xx.fbcdn.net	669 KB
20	primedia.co.za connect.primedia.co.za cdn.primedia.co.za	425 KB
19	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net	197 KB
17	effectivemeasure.net 1 redirects t.effectivemeasure.net collector.effectivemeasure.net detect-survey.effectivemeasure.net survey.effectivemeasure.net	13 KB
17	ewn.co.za ewn.co.za origin.ewn.co.za	336 KB
12	gstatic.com fonts.gstatic.com csi.gstatic.com	168 KB
11	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	204 KB
7	google.com 2 redirects www.google.com adservice.google.com	1 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	161 KB
6	teads.tv a.teads.tv s8t.teads.tv t.teads.tv	134 KB
5	googletagservices.com www.googletagservices.com	159 KB
4	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r3---sn-4g5e6nsz.c.2mdn.net	885 KB
4	facebook.com www.facebook.com	41 KB
3	jsdelivr.net cdn.jsdelivr.net	3 KB
3	google-analytics.com www.google-analytics.com	38 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	883 B
2	adsrvr.org 2 redirects match.adsrvr.org	916 B
2	adform.net 2 redirects dmp.adform.net	933 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	965 B
2	google.de www.google.de adservice.google.de	906 B
2	mookie1.com cdn.mookie1.com za-gmtdmp.mookie1.com	4 KB
2	facebook.net connect.facebook.net	67 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
1	googleusercontent.com lh5.googleusercontent.com	14 KB
1	krxd.net beacon.krxd.net	338 B
1	turn.com 1 redirects d.turn.com	418 B
1	mathtag.com 1 redirects pixel.mathtag.com	587 B
1	id5-sync.com id5-sync.com	1 KB
1	googletagmanager.com www.googletagmanager.com	34 KB
1	publicaster.com 1 redirects trk.publicaster.com	565 B
0	chargeads.com Failed ads.chargeads.com Failed
208	32

	Domain	Requested by
27	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
23	tpc.googlesyndication.com	securepubads.g.doubleclick.net 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com ewn.co.za imasdk.googleapis.com tpc.googlesyndication.com
16	ewn.co.za	ewn.co.za
13	collector.effectivemeasure.net	1 redirects ewn.co.za t.effectivemeasure.net
12	cdn.primedia.co.za	ewn.co.za
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net ewn.co.za 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com
9	pagead2.googlesyndication.com	2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com tpc.googlesyndication.com ewn.co.za www.googletagservices.com securepubads.g.doubleclick.net
9	platform.twitter.com	ewn.co.za platform.twitter.com
8	connect.primedia.co.za	ewn.co.za connect.primedia.co.za
6	www.google.com	2 redirects ewn.co.za 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	ewn.co.za 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
5	www.googletagservices.com	ewn.co.za securepubads.g.doubleclick.net 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
4	2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.facebook.com	connect.facebook.net static.xx.fbcdn.net
4	fonts.googleapis.com	ewn.co.za connect.primedia.co.za 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com tpc.googlesyndication.com
3	t.teads.tv	ewn.co.za
3	cdn.jsdelivr.net	www.googletagmanager.com cdn.jsdelivr.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com connect.primedia.co.za
2	r3---sn-4g5e6nsz.c.2mdn.net	ewn.co.za
2	csi.gstatic.com	imasdk.googleapis.com
2	sb.scorecardresearch.com	1 redirects ewn.co.za
2	imasdk.googleapis.com	2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
2	a.teads.tv	securepubads.g.doubleclick.net s8t.teads.tv
2	match.adsrvr.org	2 redirects
2	dmp.adform.net	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	survey.effectivemeasure.net	t.effectivemeasure.net
2	connect.facebook.net	ewn.co.za connect.facebook.net
2	secure.adnxs.com	1 redirects ewn.co.za
1	za-gmtdmp.mookie1.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	s0.2mdn.net	2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
1	lh5.googleusercontent.com	2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
1	s8t.teads.tv	a.teads.tv
1	beacon.krxd.net	ewn.co.za
1	d.turn.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	id5-sync.com	ewn.co.za
1	origin.ewn.co.za	ewn.co.za origin.ewn.co.za
1	detect-survey.effectivemeasure.net	t.effectivemeasure.net
1	ajax.googleapis.com	connect.primedia.co.za
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	ewn.co.za
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.mookie1.com	ewn.co.za
1	www.googletagmanager.com	ewn.co.za
1	t.effectivemeasure.net	ewn.co.za
1	trk.publicaster.com	1 redirects
0	ads.chargeads.com Failed	ewn.co.za
208	55

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
twitter.com
www.facebook.com
instagram.com
primediabroadcasting.co.za
itunes.apple.com
bit.ly
sacoronavirus.co.za

Subject Issuer	Validity	Valid
*.albawaba.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.primedia.co.za Go Daddy Secure Certificate Authority - G2	`2021-03-21` - `2022-04-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.effectivemeasure.net Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
cdn.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-04-01`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
ewn.co.za Amazon	`2021-05-21` - `2022-06-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-25` - `2021-08-03`	2 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Frame ID: 2B8E184448658E1A9B4D2AB7E4B59264
Requests: 92 HTTP requests in this frame

Frame: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Frame ID: B158E842302B588CFD653647660E2D33
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fewn.co.za
Frame ID: C97E2C2DFDAB81851776F36B26F30339
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/share_button.php?app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c95f7bdec7a4c%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu&layout=button_count&locale=en_US&sdk=joey
Frame ID: 186C173F98446A7255D2BEB33345CF54
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: 5E1A8CCEE119068E8D6C090FFC5F10AF
Requests: 29 HTTP requests in this frame

Frame: https://origin.ewn.co.za/collector/
Frame ID: 285BD48C61145083833FE5C1F2AAFB0C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumfkGN8jnR4xtUX9hyXlqFVRDDld_rSyUL3txMUnIRCl8m1kpVHPMwYX-VXbfTDyt8yDz6NuIBZeZPSoxDLBWXWMyLLQRp7rvRDkiWZgSxJlkZoPuIqqbkw1HFAW9CegpV-DG7BGOlQhhvp6GsVokdUk6uAgKFJenOEHtvazl0xnSLvrfzqT2NYnl6BIamEH02Rtx43JaLhEAGGYAbQ-4cQl7TxM8Yrbtf9pRcAWUhR9g_FKtsJ-gd4drfZ6sNfAQO8te1q-C_Hr14GRLZGmGyWckQlZADFwoU&sai=AMfl-YQkKKBN7v6c-faDvMRjDRmyrG7luOKSQXpGQQZA9hKOmIL4W7469J1haIbbfpHehEdVpUO0sNeqxa547GGg1m79PoMUXeRKg6H0y1FPCOailtQXdnE0EbXaRk3C1CqT&sig=Cg0ArKJSzI_mfR3opQxqEAE&urlfix=1&adurl=
Frame ID: 5DCBE27736CDE4305149B89C25C3B014
Requests: 6 HTTP requests in this frame

Frame: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CECA376459FAB2091430EFC9577FB8E1
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: FAC878B29B04F2F5D9C5F13C4223E33B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: A6F8E1D295D23B505F7A2652DC6CF2BD
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 916B592381F77E637034B5324B39ED5E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: 65386C460BF9C7E8C697030A0A73DF8B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: BF9644F837D48A1180C44777FD9CE091
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 21D12A9AD1A2A3BFE86860C72F7EE323
Requests: 2 HTTP requests in this frame

Frame: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 433F861BE4FE2DB5BB31CC998FCDAFEC
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 6ECD1B3F1E714FC55FBB635E740A8096
Requests: 1 HTTP requests in this frame

Frame: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 557545FD0212BCD5943BC596AD694E29
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html
Frame ID: 0DD6B5F4B5DC3EC700786739F1F18C29
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B7AB3DE803C1C449D7706ACD7C48C713
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 69CC6BAC4862973BAB34D581BF8CDC3D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B11AC11A27508CB4DCFC2ACA5967F162
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3D1BF768E86DF098A1C21CEF385DBAA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://trk.publicaster.com/click/gfaa-2ehv15-663vrx-gzuv32w1/ HTTP 302
https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

208
Requests

99 %
HTTPS

56 %
IPv6

32
Domains

55
Subdomains

47
IPs

10
Countries

3805 kB
Transfer

9191 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/za/app/eyewitness-news/id636459947
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.eyewitnessnews&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: https://twitter.com/ewnupdates

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Eyewitness-News/168892509821961
Title: Find us on Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/ewnupdates/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: http://primediabroadcasting.co.za/page/privacy-notice/
Title: Privacy

Search URL Search Domain Scan URL

URL: http://primediabroadcasting.co.za/page/paia
Title: PAIA

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/za/app/eyewitness-news/id636459947?mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: http://play.google.com/store/apps/details?id=com.eyewitnessnews&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: http://bit.ly/EWNSubscribe
Title:

Search URL Search Domain Scan URL

URL: https://sacoronavirus.co.za/
Title: https://sacoronavirus.co.za

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.publicaster.com/click/gfaa-2ehv15-663vrx-gzuv32w1/ HTTP 302
https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://secure.adnxs.com/seg?add=8671828&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8671828%26t%3D1

Request Chain 40

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1 HTTP 302
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEPr6zriYipkoBvttwA4v5Bk&google_cver=1

Request Chain 113

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID] HTTP 302
https://collector.effectivemeasure.net/sync_webhook/mediamath/ded760b7-1ccb-4000-855f-bdc91b65f246

Request Chain 114

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id} HTTP 302
https://collector.effectivemeasure.net/sync_webhook/lotame/181f65303b670f7620153915296cfc8b

Request Chain 115

https://dmp.adform.net/serving/cookie/match?party=1181 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/adform/5175116989105047799

Request Chain 116

https://d.turn.com/r/dd/id/L21rdC8xMzg2L2NpZC8xNzQ4MjE2NzY5L3QvMg/url/https://collector.effectivemeasure.net/sync_webhook/amobee/$!%7BTURN_UUID%7D HTTP 302
https://collector.effectivemeasure.net/sync_webhook/amobee/8054466272108357914

Request Chain 118

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1 HTTP 302
https://collector.effectivemeasure.net/sync_webhook/ttd/89819ec2-d634-4a3b-baa1-3914a21b0c66

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 166

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=52947560&cs_ucfr= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=52947560&cs_ucfr=

Request Chain 175

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 185

https://gcdn.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8F3AE269BF06FD06A19BA177A6EECB226DB696E0.B74FEC7C3D00BCFEEFC4FCE1F274D6FF5ED94071/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7693663B34307C2DBE406ACCDF24493357A43B58.520A0169B290257988FE26563B46665E13AFCC1D/key/cms1/cms_redirect/yes/mh/U-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1622612903/mv/m/mvi/3/pl/50/file/file.mp4

Request Chain 200

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

208 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu Show response
ewn.co.za/2021/05/31/
Redirect Chain

http://trk.publicaster.com/click/gfaa-2ehv15-663vrx-gzuv32w1/
https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email

62 KB
15 KB

99ms
33ms

Document
text/html

151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: eead1ac59c670b80928b9df78c8eae8227bad220ab694d3a87fc015c57261445

Request headers

:method: GET
:authority: ewn.co.za
:scheme: https
:path: /2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx/1.19.1
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
access-control-allow-origin: *
content-encoding: gzip
x-amz-cf-pop: JNB50-C1
x-amz-cf-id: aDPUqTrbkitfuJAu6kxtLYEcSzNm8GdMgRFzrKnzukRbMJTe00VEyA==
x-b3-traceid-primal: e94253ae6d7e43b08050d55de9dc9d25
mrf-tech: CDN
accept-ranges: bytes
date: Wed, 02 Jun 2021 05:53:14 GMT
x-served-by: cache-jnb7024-JNB, cache-bma1671-BMA
x-cache: Hit from cloudfront, HIT, HIT
x-cache-hits: 1, 1
x-timer: S1622613194.088069,VS0,VE1
cache-control: public, max-age=81, stale-if-error=2592000
vary: Accept-Encoding, User-Agent
x-b3-traceid: 3cceb38a6f164f7fb9ee2a2047936a7a
mrf-cache-status: HS
content-type: text/html; charset=utf-8
content-length: 14646

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Server: TRK03
Refresh: 0; URL=https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Date: Wed, 02 Jun 2021 05:53:13 GMT
Content-Length: 321

GET
H2 200 b86984dae755899fc5a0.GTEIE9_min.css
ewn.co.za/static/ 174 KB
31 KB 35ms
34ms Stylesheet
text/css 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 96dffde1e825d75303cff1275902b3a6f1bc41bf2053a55568c0861c63086a2e

Request headers

:path: /static/b86984dae755899fc5a0.GTEIE9_min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-b3-traceid: 9d9b7b6515f048a58ee3ecb0bc4c5a5b
x-amz-cf-pop: CPT50
x-cache: Miss from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: c06ab87d58934578b0cfc88ee1dd81e4
content-length: 31499
x-served-by: cache-jnb7024-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.128006,VS0,VE0
etag: W/"1d676099d4d972a"
vary: Accept-Encoding, User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: EOlsOXezJVTi4V5LQiGGxHE6qOl8saFh2PRm96z00OqX8qlwH7QrwQ==
x-cache-hits: 37760, 2

GET
H2 200 07b009dd15a182973621.GTEIE9_min.js Show response
ewn.co.za/static/ 967 KB
229 KB 62ms
60ms Script
application/javascript 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/static/07b009dd15a182973621.GTEIE9_min.js
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: ab806b5b64211e1a60d4784f80e0ff31bc7a17f4295d064b60d946159a82b5d3

Request headers

:path: /static/07b009dd15a182973621.GTEIE9_min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-b3-traceid: b7b23deb97f947a0a01e825ab66151b2
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: efcecf391b8c4882a11788cd1397024c
content-length: 233781
x-served-by: cache-jnb7023-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.127954,VS0,VE1
etag: W/"1d6eb30cf2fcceb"
vary: Accept-Encoding, User-Agent
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: Lkp-wJT4EsneZ6vRUIMCFPmfb77DVhtrr4lIX43Mv9ZUGtwck6qrow==
x-cache-hits: 50, 1

GET
H2 200 b86984dae755899fc5a0.nyroModal_min.css
ewn.co.za/static/ 2 KB
874 B 35ms
35ms Stylesheet
text/css 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/static/b86984dae755899fc5a0.nyroModal_min.css
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: d93c09f90d79923b4ec215ed4312fe34e3b73ce8c36757ef1fd834c1899cf024

Request headers

:path: /static/b86984dae755899fc5a0.nyroModal_min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-b3-traceid: 56b240f12d0e4670ab4cc6d3f683521e
x-amz-cf-pop: CPT50
x-cache: Hit from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: b9ea89bc2d04491eb4e74df41fbc0cb0
content-length: 658
x-served-by: cache-jnb7026-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.127996,VS0,VE0
etag: W/"1d676099d4f26a1"
vary: Accept-Encoding, User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: IPraJmL7jxv2NQQAiHIT99ucWpCU7MIv0y3aIiZ75o9tui7CZZ_1kg==
x-cache-hits: 35507, 2

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57eee06ad873d05afa8fcffc6ea38aed97de3f75c6fba7ff7a33930e7ad0b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "890 / 866 of 1000 / last-modified: 1622585871"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21252
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=8671828&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8671828%26t%3D1

0
1 KB

64ms
64ms

Script
application/javascript

185.33.220.243
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8671828%26t%3D1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
X-Proxy-Origin: 86.106.103.103; 86.106.103.103; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: ec83ceae-19b4-4059-b51d-73c62da93e1e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
X-Proxy-Origin: 86.106.103.103; 86.106.103.103; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid: 710a4186-6f93-4f64-a89f-1ae893962d7e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D8671828%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ewn-logo.png
ewn.co.za/site/design/img/ 5 KB
5 KB 63ms
60ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/site/design/img/ewn-logo.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 37911c81a491e280bdeea6069ba62c11859bcc481f6f4d1b18e24397947d9bc0

Request headers

:path: /site/design/img/ewn-logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 6a78eb92a7e3438ea5e1478269a4022a
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=9090 idim=198x86 ifmt=png ofsz=4950 odim=198x86 ofmt=webp
mrf-cache-status: HH
x-b3-traceid-primal: ecb6de7eb9cf40b190e5aaf18a6b246a
content-length: 4950
x-served-by: cache-jnb7025-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209239,VS0,VE0
etag: "lUSIt1x1UmmSYGHOvevAWX/5l1phpMh6Aap3OuoWXJk"
vary: Accept, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/webp
access-control-allow-origin: *
fastly-stats: io=1
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: jsaNpO2WS8dYSLWJ3SeWzQ9D-TEXtk-zYEsXkdjaG4SEzXmdeUL6-g==
x-cache-hits: 35067, 2

GET
H2 200 ewn-logo-sticky.png
ewn.co.za/site/design/img/ 748 B
1 KB 64ms
61ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/site/design/img/ewn-logo-sticky.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: a0b8dab84814a59fc863b574ed5c706051df3093b82f517b1641c823a3fe9b10

Request headers

:path: /site/design/img/ewn-logo-sticky.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: bae512f50d884c4fa60ce51444528675
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=1990 idim=40x40 ifmt=png ofsz=748 odim=40x40 ofmt=webp
mrf-cache-status: HH
x-b3-traceid-primal: e49f78d1a0174e5db5d719aac0f5b4e4
content-length: 748
x-served-by: cache-jnb7024-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209321,VS0,VE0
etag: "MYAuPDnRJDqcvoP//pN8ywZBrpBsdMtv2oqCTphkQFo"
vary: Accept, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/webp
access-control-allow-origin: *
fastly-stats: io=1
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ViYrW6riqQ1BUSKmBfTz-chh3-1VK8-0PyAxQvTooaJTAwlcWLfriA==
x-cache-hits: 18918, 2

GET
H2 200 loading.gif
ewn.co.za/site/design/img/ 3 KB
3 KB 64ms
61ms Image
image/gif 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/site/design/img/loading.gif
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 7069ef227a3d5bd3ad9ee3d5b21dc61cab03571081a0000de82a544a2dc3f880

Request headers

:path: /site/design/img/loading.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 6d010187d8984afd978905d4d6ccf3a9
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=2711 idim=35x35 ifmt=gif ofsz=2699 odim=35x35 ofmt=gif ofrm=24
mrf-cache-status: HH
x-b3-traceid-primal: 72771739cbf8420e89239648930a4e00
content-length: 2699
x-served-by: cache-jnb7022-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209369,VS0,VE0
etag: "ORxs2Wp64PN2GETYfBS/mldAmN2G2dUgAJGtbigyPdc"
vary: Accept, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/gif
access-control-allow-origin: *
fastly-stats: io=1
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: TIe1xmR9dIKY3VN4OO2ziHUfrDmNm1wV7QjaV-O5CQ5AaV5tfd7IsQ==
x-cache-hits: 20391, 2

GET
H2 200 embed.min.js Show response
connect.primedia.co.za/widgets/bna/assets/js/ 6 KB
2 KB 202ms
66ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/js/embed.min.js
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dacf6b74c9776ccd8aa09034d09445bb82f58a5f256d5a26a7c97a32aba729b6

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"1e6da7410b7f127af792b422fe6e2458"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: 9U7-cnmwZLYyKUymNlEpb54oQbPeD48hX5XRdEYMGGga3zuJnW2aDA==

GET
H2 200 p9abkshh6chyh9dwxblv
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_289,w_463/ 31 KB
31 KB 225ms
73ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_289,w_463/p9abkshh6chyh9dwxblv
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 1dee906bb32f2ba61d9edea70fee45d8b406fa481a02ba1a9164559e7e6f90cb

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 14:12:22 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2020 20:12:47 GMT
server: nginx/1.19.1
age: 1179652
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31381
x-amz-cf-id: XvtEb1zZJ6LLjo84ScljWnpRNdmmmsnQgC0EJKV8nv45dVmNkOZbeQ==

GET
H2 200 b86984dae755899fc5a0.print_min.css
ewn.co.za/static/ 575 B
642 B 64ms
62ms Stylesheet
text/css 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/static/b86984dae755899fc5a0.print_min.css
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: f3bfd516ff8e30639b3768fe476d1f11bc63104ca0ad379fcbb07093b31bff84

Request headers

:path: /static/b86984dae755899fc5a0.print_min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-b3-traceid: 313e915135fd4f77951bee7d22ccba1c
x-amz-cf-pop: CPT50
x-cache: Miss from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: 75218bc195e14ebb9ea5190d01af43a8
content-length: 363
x-served-by: cache-jnb7022-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209645,VS0,VE0
etag: W/"1d676099d4f223f"
vary: Accept-Encoding, User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: 9i2ZdWr5N7VWyGjATO6oMiBHx9er1gmzzW_iqU4STJdGee-4KBX-nQ==
x-cache-hits: 15713, 2

GET
H2 200 p9abkshh6chyh9dwxblv
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/ 5 KB
5 KB 251ms
100ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/p9abkshh6chyh9dwxblv
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 1ec269e3e39e4158db308a7a77f972f24b7a57d0e9ec35f0e1101bbf2844ee0e

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 12:42:13 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Thu, 13 Aug 2020 20:46:28 GMT
server: nginx/1.19.1
age: 148261
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4711
x-amz-cf-id: Wh5h8xZ_W7cPdpPsQXR7LaDWJ4N7TUFjVWkSGRNfYG33BRQFM_ErwA==

GET
H2 200 wgbgz9bgfvchcxcnkbw7
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/ 7 KB
8 KB 258ms
106ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/wgbgz9bgfvchcxcnkbw7
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 1127b73db10bd4d10a6b96920d8e8426ba871032d9d7459adf2423a72f39bcbd

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:46:36 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Thu, 27 May 2021 20:43:48 GMT
server: nginx/1.19.1
age: 435998
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 7565
x-amz-cf-id: 9HddBPDhDfpcXm6qWOZmkSxohUk6xP8NrCOqBaws_iKheBWTceDMxA==

GET
H2 200 k2ijiiul9qoulbemsdzm
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/ 5 KB
5 KB 268ms
116ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_129,q_70,w_205/k2ijiiul9qoulbemsdzm
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 8470e9a8a967094d599c678445a958f4c6f4eb3406df99243ccde8a604ec0d7a

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 10:00:15 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Mon, 17 May 2021 11:59:22 GMT
server: nginx/1.19.1
age: 1367579
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5145
x-amz-cf-id: PvNjByKzH7gT1Haom-cW9uJAX4W7cvKlIjOVool5Q6l2SrL_CTwm7A==

GET
H2 200 axsimenknt9xmktdhgld
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 9 KB
10 KB 271ms
120ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/axsimenknt9xmktdhgld
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 6cae13a2d3bb79e8f7877e61efa521f0eb0f255be1d0b35e701408e420a9cadb

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 17:38:41 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 18:48:13 GMT
server: nginx/1.19.1
age: 648873
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9554
x-amz-cf-id: EB7E3C4Y875RcoQfowo4ivNcc4as23en7JFgfuuftVPE8FpMhgM8-g==

GET
H2 200 nrnx1naqgzuptsfmazxy
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 11 KB
11 KB 258ms
107ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/nrnx1naqgzuptsfmazxy
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 5baa1a6991897dcb02fd8be98628fdab61d104707d68f8c8db2422e66713ea40

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 17:01:46 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Sat, 15 Aug 2020 10:27:49 GMT
server: nginx/1.19.1
age: 132688
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 11122
x-amz-cf-id: FKH7NaHZukDvQd66qw-pVPWfIEDV6sXvjhAOBqqM4zSKhOvcDpxHHw==

GET
H2 200 tdfvhlzwsdays133ekjl
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 11 KB
11 KB 101ms
100ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/tdfvhlzwsdays133ekjl
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 63f9a261d0920dd0172d4c78a563f6b39a872f61db713faa7389e1e7a06fa175

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 11:17:58 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jan 2021 20:41:42 GMT
server: nginx/1.19.1
age: 153316
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10996
x-amz-cf-id: Z9ntnm_hbzmJms0tP4Jdk-FaHUAv0NrX6324esNPffnUGSmQpFQv2Q==

GET
H2 200 v3cxf4v7etjrraaokbep
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 6 KB
6 KB 98ms
97ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/v3cxf4v7etjrraaokbep
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 5124beaf75bc76307a06179aab3f68ded68c6fcbdd0cc9507f025ebd6a29f9be

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 11:00:42 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Sat, 16 Jan 2021 16:55:56 GMT
server: nginx/1.19.1
age: 154352
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5703
x-amz-cf-id: 1B8DoDIw0zZVyAfc5YekRgtgrjI4og3lEiOeqanspHhQ5icISwYh-A==

GET
H2 200 snlaswzmh8phrkkogojv
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 5 KB
5 KB 146ms
145ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/snlaswzmh8phrkkogojv
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: 9069346e47edb5fd6ef9e47697d57c02fd9e299c521be15846133f4e8488353c

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 09:27:59 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Fri, 06 Nov 2020 20:32:00 GMT
server: nginx/1.19.1
age: 159915
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 4703
x-amz-cf-id: Kr63sZ6E9AS3VHmj0PenQzZFHBU0ddrY0s7WPzdR-XAA0nsHAE2MZg==

GET
H2 200 kyce590tiiiijj9d6ipa
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/ 8 KB
9 KB 145ms
144ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_141,q_70,w_225/kyce590tiiiijj9d6ipa
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: ed0b497cbbf61facaf9ba2d35d48cc01ee54c7d1897bc9ac87337768f2b7e8b6

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 05:29:18 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 05 May 2021 06:46:05 GMT
server: nginx/1.19.1
age: 174236
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8407
x-amz-cf-id: nDsVeOvR3gK7_Vw_jR5j9Pt9mzni6zG9HP3leP9fXnqsy2d73BvfmA==

GET
H2 200 tnenthitclclfsa7dyeu
cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_175,q_70,w_280/ 3 KB
4 KB 106ms
106ms Image
image/jpeg 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/c_fill,h_175,q_70,w_280/tnenthitclclfsa7dyeu
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: d8630263ceb323a2d28f2bd9924fae80562dfe7fffa8dd5e15aadd9adfb03735

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 10:19:11 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Wed, 26 May 2021 20:39:26 GMT
server: nginx/1.19.1
age: 156843
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3347
x-amz-cf-id: ZpI8cUPKGODqvlP0xZyAPrgQENDOgbnrwNduirVswssxOgGhFl8xOg==

GET
H2 200 apple.jpg
ewn.co.za/site/design/img/ 10 KB
11 KB 64ms
62ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/site/design/img/apple.jpg
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: b2389a0dd662bc526e762f8b657d6e73e0d0938fa0bd915ff819f794655317dd

Request headers

:path: /site/design/img/apple.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: e09f327435dd433cbf61622da94efd69
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=44427 idim=874x1024 ifmt=jpeg ofsz=10282 odim=874x1024 ofmt=webp
mrf-cache-status: HH
x-b3-traceid-primal: 12af34e7e9984ad8b4b41b473d5de702
content-length: 10282
x-served-by: cache-jnb7021-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209551,VS0,VE0
etag: "GsmAVFYTtz7Szej6kNMwbDgn1CJKIL+G6DDL0XF6RpI"
vary: Accept, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/webp
access-control-allow-origin: *
fastly-stats: io=1
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9DzthbYLyQ-jxMYSKO1CPNKpcScb_zyACUT6HUtXueQWtEOe5Rdm_A==
x-cache-hits: 52681, 2

GET
H2 200 android.jpg
ewn.co.za/site/design/img/ 1 KB
2 KB 65ms
63ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/site/design/img/android.jpg
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: dc92a360ba5738f0e9d589dc8f4b93ce9e8b5a12618b80f461c919a670e63ccd

Request headers

:path: /site/design/img/android.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: e3aad98a14fb4c49b309555788a5cab0
x-amz-cf-pop: JNB50-C1
x-cache: RefreshHit from cloudfront, HIT, HIT
fastly-io-info: ifsz=3057 idim=225x225 ifmt=jpeg ofsz=1294 odim=225x225 ofmt=webp
mrf-cache-status: HH
x-b3-traceid-primal: 4a184b53584643e3a256a7dcc9631c42
content-length: 1294
x-served-by: cache-jnb7023-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209538,VS0,VE0
etag: "29w/1v4ydnze5aYAXfJohwOpKQEIimK28vTyaC3eQVE"
vary: Accept, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/webp
access-control-allow-origin: *
fastly-stats: io=1
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Bbt4saY0JvFRL-RHKFSLp-DgUV4CGX4_rcXXUdgt9jvVCDpH9-9Dfg==
x-cache-hits: 22122, 2

GET
H2 200 rjmmxcnwfcznechkzz9p.png
cdn.primedia.co.za/primedia-broadcasting/image/upload/v1538138159/ 288 KB
289 KB 106ms
105ms Image
image/png 143.204.98.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.primedia.co.za/primedia-broadcasting/image/upload/v1538138159/rjmmxcnwfcznechkzz9p.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-52.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: f4a0934261461009ad98ba4acda6169d9dced381c3713d429c50870fc018ecda

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:08:53 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
last-modified: Fri, 28 Sep 2018 14:36:00 GMT
server: nginx/1.19.1
age: 9747861
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
content-length: 294809
x-amz-cf-id: svODBi7FnZTdj8Sy-TJ8f2b9I3MJ_sfONolhi2XjXDf2NmccfXIRbg==

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300|Open+Sans+Condensed:300,300italic,700|PT+Serif:400,400italic|PT+Sans+Narrow|PT+Sans:400,400italic

Requested by

Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad236a66e80ab0eacb60eadac1bd49207dd1b6c6e43d6db420633c0c859bb372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 05:53:14 GMT
server: ESF
date: Wed, 02 Jun 2021 05:53:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H2 200 tag.js Show response
t.effectivemeasure.net/ 22 KB
7 KB 212ms
70ms Script
application/javascript 52.222.149.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.effectivemeasure.net/tag.js?1622
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-25.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: O3a7WZEATOQUEXh0NtsTxnF269jGh9BQ
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 01:00:17 GMT
server: AmazonS3
age: 222796
etag: W/"93cb9d1cb96864d82a396bd64bd41630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ffe6c29ca0993b4638edf6dcc08181b4.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
date: Sun, 30 May 2021 23:01:21 GMT
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: nptqu9FN1DRvkDDB4SqtbASjqcsW8dNYS4l6o5XqVuwnfaGlbpixyA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
34 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NHXCDK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f01d7ba86301c782289f8564062089a29df04dcac10c8b39335bccbdfbe75f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34644
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 27ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 05:53:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 737
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28779
x-tw-cdn: VZ
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6725)
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 whatsapp-button.js Show response
ewn.co.za/site/design/js/vendor/ 6 KB
3 KB 64ms
62ms Script
application/javascript 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/site/design/js/vendor/whatsapp-button.js
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: f175f46e6410c9dccda41530ca677dd34d9b8ae787874198f62591ee777f9b19

Request headers

:path: /site/design/js/vendor/whatsapp-button.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ewn.co.za
referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-b3-traceid: ded379363f0e4f8f8b7fd29e44fc6c38
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: ed5acc4431024c00a8b06d2901d1fc26
content-length: 2849
x-served-by: cache-jnb7024-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.209603,VS0,VE0
vary: Accept-Encoding, User-Agent
access-control-allow-methods: POST, GET, OPTIONS, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: IAqNDN3ws-xL5hYk41ojJkT0oXHigTmABb60ioM4EBN-mVgCMBzETg==
x-cache-hits: 16098, 2

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c761b097c52a9e2a0617dc1c128970c3c78d662a9537879ae38f0463ae5d04d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: olkI1mnUA7st1xVrHF0diQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 9oh/1lV99VuIznN6dvfpgodtj0LxxinhnEjWpBpOv9yjSBSHEOFyK+b3GAf5Ai4SFU21/B5u26bjE+rheC8Qxw==
x-fb-trip-id: 686109401
x-fb-content-md5: 966be239a0b19ac518ba45a686d32de3
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 02 Jun 2021 05:53:14 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d6103b2e4947ad40ac3237df65163541"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 02 Jun 2021 05:58:27 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NHXCDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2511
date: Wed, 02 Jun 2021 05:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 02 Jun 2021 07:11:23 GMT

GET
H/1.1 200
OK containr.js Show response
cdn.mookie1.com/ 9 KB
3 KB 244ms
117ms Script
application/x-javascript 104.109.90.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mookie1.com/containr.js
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.90.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-90-196.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 05:53:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 2941
Last-Modified: Tue, 08 Sep 2020 10:42:20 GMT
Server: AkamaiNetStorage
ETag: "6200df1a0ff97d44f843b0184fa20225:1599561740.987291"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 02 Jun 2021 05:54:14 GMT

GET
H2 200 covidbar-latest.min.js Show response
cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/ 3 KB
2 KB 21ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/covidbar-latest.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NHXCDK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5f2fc2c1a19af03784b7e3bdd9098f35c63bfbb52fd04ac6789d53cfeb70b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 35447
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1216
etag: W/"c2e-Cj/Cdx0ZES7zP9afGqW9dkgxxuw"
x-served-by: cache-fra19154-FRA, cache-hhn4068-HHN
date: Wed, 02 Jun 2021 05:53:14 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 193ms
67ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 218 KB
64 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=1a5e808762d6d656ac0b3d195f5534f1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e9f79bc257f549f6558eb1450a2cb10815f66594231f07c93780bb7514cd99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ewn.co.za
Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ST833qFyWzi+1pRms87rYg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65814
x-fb-rlafr: 0
x-fb-debug: l6xuEofVbEChRiSSXftu74LogsqstMgxeYsf2h+sgDQVHNpIuob9QTAIa516yYlXTblOzGeAAwNwteTYeYqCSA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7688e5a3e20738049eb19542c9fe8b47
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 02 Jun 2021 05:53:14 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b7a489be0326f78bae8b57f46f8614da"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 03:33:37 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1945548555&t=pageview&_s=1&dl=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=Israel%27s%20Lapid%20says%20%27obstacles%27%20remain%20in%20bid%20to%20oust%20Netanyahu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=612252164&gjid=1511826714&cid=796932783.1622613194&tid=UA-4633773-8&_gid=1505575138.1622613194&_r=1&gtm=2wg5q15NHXCDK&cd1=Article&cd2=418011&z=1527580492

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-4633773-8&cid=796932783.1622613194&jid=612252164&gjid=1511826714&_gid=1505575138.1622613194&_u=YEBAAEAAAAAAAC~&z=1908333343

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Jun 2021 05:53:14 GMT
content-type: text/plain
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4633773-8&cid=796932783.1622613194&jid=612252164&_u=YEBAAEAAAAAAAC~&z=951237158

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-4633773-8&cid=796932783.1622613194&jid=612252164&_u=YEBAAEAAAAAAAC~&z=951237158

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 37ms
36ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=259652954116494&input_token&origin=1&redirect_uri=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1a5e808762d6d656ac0b3d195f5534f1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Fdas4MxrDAd2jKq+84Jv26WJMJbgkLqcn9cRY6Gr4awo5u02gzMQ0L8ozh6jhk1B3sXFA+CT10nHgNhMVyAH0A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Jun 2021 05:53:14 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

get Show response
collector.effectivemeasure.net/beacon/
Redirect Chain

https://collector.effectivemeasure.net/beacon/get?cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1
https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1

143 B
742 B

73ms
73ms

Script
text/javascript

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-147-76.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

bbdd18d9d3d5aa7fe0a275dfea85e52d3a1383959eaa9dca340f51e9af0fd715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 136
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Vary: Accept
Content-Type: text/plain; charset=utf-8
Location: https://collector.effectivemeasure.net/beacon/get?final=1&cookies=vt%2Copt_out%2Cc3%2Cslr%2Cslc%2Cdmp%2Cgc%2Cmb&callback=cb1622613194408_1
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 160
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 btn-search.png
ewn.co.za/static/assets/ 880 B
1 KB 33ms
32ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/static/assets/btn-search.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 141e299c226d137244ed052eaa9a1b4369a963de7cab3b8f8f78703737b93446

Request headers

:path: /static/assets/btn-search.png
pragma: no-cache
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 9b8e2afa00714300806756c3190b4588
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=2526 idim=31x62 ifmt=png ofsz=880 odim=31x62 ofmt=webp
mrf-cache-status: HH
fastly-stats: io=1
content-length: 880
x-served-by: cache-jnb7027-JNB, cache-bma1671-BMA
x-b3-traceid-primal: 2ef0829c771e4276a876917ca7755cbb
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613194.437613,VS0,VE0
etag: "9KTyX60kJs+w3nnASeTYlF6uGwNOVl9s4xD1lozQS04"
vary: Accept, User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: BO0z7T12Y9rSwM1GY_njuGumJ2BLYtTxbODTaQn-UkbZX5l4aFswtw==
x-cache-hits: 23341, 2

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,400,300|Open+Sans+Condensed:300,300italic,700|PT+Serif:400,400italic|PT+Sans+Narrow|PT+Sans:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ewn.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 23:49:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
age: 108239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
expires: Tue, 31 May 2022 23:49:15 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ewn.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:32:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
age: 26441
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:32:33 GMT

GET
DATA 200
OK truncated
/ 97 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28ba5c163b60608dabede274b1be3d24652e38cd52a7a084ee32051e556c8d55

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 EJRTQgYoZZY2vCFuvAFT_r21cg.woff2
fonts.gstatic.com/s/ptserif/v12/ 34 KB
34 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRTQgYoZZY2vCFuvAFT_r21cg.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be5daba1b69c2dad0eed50cc17bea9659ab23d79d8d412dc8e5c6013b41f39c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ewn.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:24 GMT
server: sffe
age: 76801
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34732
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:13 GMT

GET
H2 200 foundation-icons.woff
ewn.co.za/static/assets/ 31 KB
32 KB 33ms
31ms Font
application/font-woff 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ewn.co.za/static/assets/foundation-icons.woff
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec

Request headers

sec-fetch-mode: cors
origin: https://ewn.co.za
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1
:path: /static/assets/foundation-icons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ewn.co.za
referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ewn.co.za
Referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 42088da35ba246ef8b39699f5183124b
x-amz-cf-pop: JNB50
x-cache: Miss from cloudfront, HIT, HIT
mrf-cache-status: HH
x-b3-traceid-primal: cf8d7567ff5645f6bb07734a7d793108
content-length: 32020
x-served-by: cache-jnb7024-JNB, cache-bma1671-BMA
mrf-tech: CDN
server: Kestrel
x-timer: S1622613194.464303,VS0,VE0
etag: "1d60ff73edcc714"
vary: User-Agent
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: F1kFaoEdd6GlGQ9mqk2ISxTXz5tlrwdD8q_4LUE6TKFaOnGeic4j9w==
x-cache-hits: 29243, 2

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ewn.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 02:48:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
age: 11077
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
expires: Thu, 02 Jun 2022 02:48:37 GMT

GET
H3-29 200 z7NHdQDnbTkabZAIOl9il_O6KJj73e7Fd_-7suD8Rb2V.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NHdQDnbTkabZAIOl9il_O6KJj73e7Fd_-7suD8Rb2V.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

879b77fa913c6743a887c573c86be4c51ed98604e68da2e9cdb127afda9704bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ewn.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 04:35:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
age: 4657
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13412
x-xss-protection: 0
expires: Thu, 02 Jun 2022 04:35:37 GMT

GET
H2 200 widget.html Show response
connect.primedia.co.za/widgets/bna/ Frame B158 2 KB
1 KB 63ms
62ms Document
text/html 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/assets/js/embed.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf6a145371d7933f400e913ab97b41241105dda0119931fdd1c1dad14183e01

Request headers

:method: GET
:authority: connect.primedia.co.za
:scheme: https
:path: /widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

content-type: text/html
last-modified: Wed, 02 Jun 2021 05:47:06 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 02 Jun 2021 05:53:14 GMT
etag: W/"743b59cd9527a42564b2e86e768337e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: coz0X5NDcNLGa7ZZ13eZ9gF1dKAh6tmZGJdKAzGTBuAUBKKAWgni7w==

GET pixel
ads.chargeads.com/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ewn.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ewn.co.za

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
4 KB 564ms
500ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=612449239522763&correlator=4299140130460401&output=ldjh&impl=fif&eid=31060989%2C31061142%2C31061181&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=72803759%2CEWN_Web%2CWorld&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3DSkin%26ad_group%3Dad_opt%26ad_h%3D5&cust_params=articleID%3D418011%26tagID%3D2054%252C6737%252C130730&cookie_enabled=1&bc=31&abxe=1&lmt=1622613194&dt=1622613194605&dlt=1622613194107&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=1317971659&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x0&ga_vid=796932783.1622613194&ga_sid=1622613195&ga_hid=1945548555&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ab584a3fac526223fbd934173667b5f3231c009d330e5b03a097f1c84ab3a0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4023
x-xss-protection: 0
google-lineitem-id: 4719838213
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312068844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
13ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 30ms
9ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
262 B 197ms
134ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=612449239522763&correlator=4299140130460401&output=ldjh&impl=fif&eid=31060989%2C31061142%2C31061181&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=72803759%2CEWN_Web%2CWorld&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=pos%3DOOP%26ad_group%3Dad_opt%26ad_h%3D5&cust_params=articleID%3D418011%26tagID%3D2054%252C6737%252C130730&cookie_enabled=1&bc=31&abxe=1&lmt=1622613194&dt=1622613194609&dlt=1622613194107&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=0&adks=1801273503&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1200&msz=1600x0&ga_vid=796932783.1622613194&ga_sid=1622613195&ga_hid=1945548555&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

71fc9777767a0a6c471075b013adcf7cffb619d1e85a1e3cb804d337a628a5b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 75 KB
27 KB 567ms
505ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=612449239522763&correlator=4299140130460401&output=ldjh&impl=fif&eid=31060989%2C31061142%2C31061181&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=72803759%2CEWN_Web%2CWorld&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=pos%3DLB1%26ad_group%3Dad_opt%26ad_h%3D5&cust_params=articleID%3D418011%26tagID%3D2054%252C6737%252C130730&cookie_enabled=1&bc=31&abxe=1&lmt=1622613194&dt=1622613194611&dlt=1622613194107&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=578&adys=20&adks=548037379&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x89&msz=728x0&ga_vid=796932783.1622613194&ga_sid=1622613195&ga_hid=1945548555&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef187e7d159f586873a744f32431d636408d2523f62d07ad986b62581ff08560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27583
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
27 KB 1270ms
1208ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=612449239522763&correlator=4299140130460401&output=ldjh&impl=fif&eid=31060989%2C31061142%2C31061181&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=72803759%2CEWN_Web%2CWorld&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3DMPU1%26ad_group%3Dad_opt%26ad_h%3D5&cust_params=articleID%3D418011%26tagID%3D2054%252C6737%252C130730&cookie_enabled=1&bc=31&abxe=1&lmt=1622613194&dt=1622613194613&dlt=1622613194107&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=1006&adys=481&adks=3919649435&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vis=1&dmc=8&scr_x=0&scr_y=0&psz=299x0&msz=299x0&ga_vid=796932783.1622613194&ga_sid=1622613195&ga_hid=1945548555&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9edca90ed95da5bd20c1db79fe21dc815eb1c9ac933dcdeacdc3b1db3e0de4bb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNDK_5ih-PACFTyK_QcdCe8JdA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6743790100231513062/300x600/index_300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNDK_5ih-PACFTyK_QcdCe8JdA&gqi=&layout=/sadbundle/%24csp%253Der3%24/6743790100231513062/300x600/index_300x600.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28040
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 02 Jun 2021 05:53:15 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
14 KB 903ms
840ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=612449239522763&correlator=4299140130460401&output=ldjh&impl=fif&eid=31060989%2C31061142%2C31061181&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210602&iu_parts=72803759%2CEWN_Web%2CWorld&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3DMPU2%26ad_group%3Dad_opt%26ad_h%3D5&cust_params=articleID%3D418011%26tagID%3D2054%252C6737%252C130730&cookie_enabled=1&bc=31&abxe=1&lmt=1622613194&dt=1622613194614&dlt=1622613194107&idt=468&frm=20&biw=1600&bih=1200&oid=3&adxs=1006&adys=1072&adks=3562038394&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vis=1&dmc=8&scr_x=0&scr_y=0&psz=299x0&msz=299x0&ga_vid=796932783.1622613194&ga_sid=1622613195&ga_hid=1945548555&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c9c61985fc676275915603df3af98992d4038cacb69ce94ce91b010d49cc81a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14621
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ewn.co.za
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
connect.primedia.co.za/widgets/bna/assets/css/ Frame B158 3 KB
2 KB 192ms
192ms Stylesheet
text/css 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/css/style.css?t=1
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26ec4310be2780d0fc73eba1aa8a16fc0f2264c932b412820308ca5320eff2f1

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 09:12:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"081365eb2ab5be7c55821080efe44fa3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: Gpqtq3Wi4mnH_K20MCv6WUpw7f0DtqTGfULe38CxkVJdKeNQTVz2Bw==

GET
H2 200 modernizr.js Show response
connect.primedia.co.za/widgets/bna/assets/js/vendor/ Frame B158 11 KB
5 KB 179ms
179ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/js/vendor/modernizr.js
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1991b47b0dd898fb6b0affa24c03ee7bfed27796bd0959f54de929b89512afe6

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"af71e73c084534b45bdd06224977b260"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: GIUAC6QUt5bkc_x2-PjSJR24ih06SA-8pY158qdx_fi0vXGadZ0AZw==

GET
H2 200 breaking-news.gif
connect.primedia.co.za/widgets/bna/assets/images/ Frame B158 4 KB
5 KB 180ms
179ms Image
image/gif 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.primedia.co.za/widgets/bna/assets/images/breaking-news.gif
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8beadec20d9b3735a0867fada1201542a44d09cdf90f21411ba9697ef0c5a842

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "ccb0d4b8268b4e8461f8d2256fe11711"
x-cache: RefreshHit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 4357
x-amz-cf-id: 4G5ardMdGKlH5PlOEOEMVwsDLGdDFZP0NDrPbZqpIvtjNJ4YtGdKBQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame B158 91 KB
32 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://connect.primedia.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 15:55:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50239
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 15:55:55 GMT

GET
H2 200 pym.js Show response
connect.primedia.co.za/widgets/bna/assets/js/vendor/ Frame B158 16 KB
4 KB 182ms
181ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/js/vendor/pym.js
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b24a5d7944e38ee2e44fbf6bc00514619f2f52542a68de47bd4a6ceee13d20d5

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"697a90c70b2216dbb2ff64a22fdafe3a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: 1y47RKh1H2CSCtxFg1bD_7xCP_ze5SUbSrvUDDFMDDWBpvD6tW8D2w==

GET
H2 200 moment.min.js Show response
connect.primedia.co.za/widgets/bna/assets/js/vendor/ Frame B158 34 KB
12 KB 190ms
190ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/js/vendor/moment.min.js
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"85e5d41eb9c451c16d4e784aec13d948"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-amz-cf-id: 6tdXtZDwx4S0Stseivrdxx_3bGZg-T77VomFLXsAOHn-CfvcwnU4DQ==

GET
H2 200 main.min.js Show response
connect.primedia.co.za/widgets/bna/assets/js/ Frame B158 411 B
740 B 182ms
181ms Script
application/javascript 143.204.98.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.primedia.co.za/widgets/bna/assets/js/main.min.js
Requested by: Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-7.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afcea3a8f0b63b194c186aeb062997c9d344f88053f87fdfd2f9a4103e63a15b

Request headers

Referer: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
last-modified: Fri, 31 Jan 2020 09:12:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "3c24b921bd5f3acbfe40ae65283528cf"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 411
x-amz-cf-id: 55qIBuwes2lvvBkxZ7or51mNjPa6R6dGlsQpmaFMtU6dL4n2uN6PQQ==

GET
H/1.1 200
OK detect Show response
detect-survey.effectivemeasure.net/ 19 B
461 B 81ms
23ms XHR
application/json 2600:9000:218e:fc00:1f:612c:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-survey.effectivemeasure.net/detect?
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1622
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:fc00:1f:612c:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 02:30:15 GMT
Via: 1.1 78a48d8d46b0e5cf69ec8a7f633776e1.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 530579
X-Powered-By: Express
X-Cache: Hit from cloudfront
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
X-Amz-Cf-Pop: CDG52-P1
Content-Length: 19
X-Amz-Cf-Id: Cu2OxH1qpMLsT2gavTZeX2VPqfhZdWaQMXUYK2OQx8vpDyL4FPptag==

GET
H/1.1 200
OK sync_pixels Show response
collector.effectivemeasure.net/ 866 B
801 B 318ms
98ms XHR
application/json 18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.effectivemeasure.net/sync_pixels?pageURL=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1622
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: c7c178db779e83d8811dc7a6f73341fe25c12118ebcac82cc94f43719d67c70e

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Content-Encoding: gzip
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 469
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK pixel
collector.effectivemeasure.net/ 35 B
288 B 73ms
73ms Image
image/gif 18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/pixel?et=pageview&ed=&br=t&vn=b21b8ec&tz=2&pu=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96&vi=bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787&du=0&dt=0&c1=1&c3=1&pc=1&db=0&pr=&tt=Israel%27s%20Lapid%20says%20%27obstacles%27%20remain%20in%20bid%20to%20oust%20Netanyahu&te=375&sh=1200&sw=1600
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B158 4 KB
630 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/assets/css/style.css?t=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://connect.primedia.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 05:09:43 GMT
server: ESF
date: Wed, 02 Jun 2021 05:53:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H3-29 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ Frame B158 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://connect.primedia.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 00:47:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:50 GMT
server: sffe
age: 18374
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14872
x-xss-protection: 0
expires: Thu, 02 Jun 2022 00:47:00 GMT

GET
H3-29 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/ Frame B158 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://connect.primedia.co.za
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:59:41 GMT
x-content-type-options: nosniff
age: 24813
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16256
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:37 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:59:41 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 97 B
653 B 72ms
72ms Script
text/javascript 18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22gc%22%3A%22DE%22%2C%22mb%22%3A%220%22%7D&callback=cb1622613194408_2

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1622

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-147-76.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

22e79560e6b8619925a2f2ed603f7b5a0c8af2b4ff3bb3e9f50d627baed2750f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 97
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 launchConfigs Show response
survey.effectivemeasure.net/ 2 B
122 B 135ms
135ms XHR
application/json 54.88.250.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Requested by: Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1622
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.250.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-250-198.compute-1.amazonaws.com
Software: / Express
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 02 Jun 2021 05:53:15 GMT
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

OPTIONS
H2 204 launchConfigs
survey.effectivemeasure.net/ Frame 0
0 418ms
135ms Preflight 54.88.250.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.effectivemeasure.net/launchConfigs
Protocol: H2
Server: 54.88.250.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-250-198.compute-1.amazonaws.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ewn.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame C97E 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fewn.co.za
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545527
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:14 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 custom-select.png
ewn.co.za/static/assets/ 96 B
472 B 32ms
32ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/static/assets/custom-select.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 39db16c6bc631a720753ebd76b8870e6aec2f7d486c1b932c728b9a995a7f838

Request headers

:path: /static/assets/custom-select.png
pragma: no-cache
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1; _em_vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96; _em_c3=1; _em_vi=bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787; _em_lt=1622613194781; _em_ft=1622613194781; _em_pc=1; __gads=ID=17dc42bffa810b01-22e5e9a94ec80000:T=1622613194:S=ALNI_MbR8xdA9AUVvgzYPXmO85RG0Qq6Fw; _em_gc=DE; _em_mb=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: ce50fd3b09424164b634c8d9b0001058
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=1017 idim=24x26 ifmt=png ofsz=96 odim=24x26 ofmt=webp
mrf-cache-status: HH
fastly-stats: io=1
content-length: 96
x-served-by: cache-jnb7026-JNB, cache-bma1671-BMA
x-b3-traceid-primal: 2bd77407931245118276540eb928ef2e
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613195.923430,VS0,VE0
etag: "pHWA/HYifwyY04pmPPkOLDydimf/n4E/pigrvS6GmhM"
vary: Accept, User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: cn0xZy6fp3JsCgzEUooyI-iQE3w3poIZu-uWRPNeFRidT9113-TH9A==
x-cache-hits: 159, 2

GET
H2 200 audio-controls.png
ewn.co.za/static/assets/ 556 B
881 B 33ms
32ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/static/assets/audio-controls.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 4589ae030927cf63e1dcada86d25675a1e79fb8e8a846c13a70b807f3657d54e

Request headers

:path: /static/assets/audio-controls.png
pragma: no-cache
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1; _em_vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96; _em_c3=1; _em_vi=bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787; _em_lt=1622613194781; _em_ft=1622613194781; _em_pc=1; __gads=ID=17dc42bffa810b01-22e5e9a94ec80000:T=1622613194:S=ALNI_MbR8xdA9AUVvgzYPXmO85RG0Qq6Fw; _em_gc=DE; _em_mb=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 8275275219764f08b556387462d3f892
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=980 idim=50x50 ifmt=png ofsz=556 odim=50x50 ofmt=webp
mrf-cache-status: HH
fastly-stats: io=1
content-length: 556
x-served-by: cache-jnb7027-JNB, cache-bma1671-BMA
x-b3-traceid-primal: 2b733a497f8d4eafb0333c074adbed57
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613195.931334,VS0,VE0
etag: "iGiN/JjJKO1XCzl1NELwov1beWvPhw2Ydovr1o7qPvM"
vary: Accept, User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: goR865VHtmN3wQxM4bQrji3Y3QuezMmXaLDYrwm5gAeSYMwXJYE7OQ==
x-cache-hits: 21875, 2

GET
H2 200 slider_handle.png
ewn.co.za/static/assets/ 502 B
829 B 33ms
32ms Image
image/webp 151.101.2.207
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewn.co.za/static/assets/slider_handle.png
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: 46aedb337cc55eab6d6d76d4ddf083fb20af3b78c50ab4e3125ddc7825bacaea

Request headers

:path: /static/assets/slider_handle.png
pragma: no-cache
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1; _em_vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96; _em_c3=1; _em_vi=bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787; _em_lt=1622613194781; _em_ft=1622613194781; _em_pc=1; __gads=ID=17dc42bffa810b01-22e5e9a94ec80000:T=1622613194:S=ALNI_MbR8xdA9AUVvgzYPXmO85RG0Qq6Fw; _em_gc=DE; _em_mb=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ewn.co.za
referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ewn.co.za/static/b86984dae755899fc5a0.GTEIE9_min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
x-b3-traceid: 6832d50528f34fb58d9c6a4caaa4aebe
x-amz-cf-pop: JNB50-C1
x-cache: Miss from cloudfront, HIT, HIT
fastly-io-info: ifsz=763 idim=16x32 ifmt=png ofsz=502 odim=16x32 ofmt=webp
mrf-cache-status: HH
fastly-stats: io=1
content-length: 502
x-served-by: cache-jnb7025-JNB, cache-bma1671-BMA
x-b3-traceid-primal: 41cd032726fc4dbe8d668e72988801d1
mrf-tech: CDN
server: nginx/1.19.1
x-timer: S1622613195.931533,VS0,VE0
etag: "gsh9+HYXG++HCsFyI/eiDguzefYe6sIztNhUVokQPtU"
vary: Accept, User-Agent
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, stale-if-error=2592000
accept-ranges: bytes
x-amz-cf-id: Kxvcudv7pQG61B76pFOjejXWpobEx8cBt41nq20f9ChS-65FJMVXaw==
x-cache-hits: 36635, 2

GET
H2 200 covidbar.min.css
cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/themes/ 4 KB
1 KB 7ms
7ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/themes/covidbar.min.css

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/covidbar-latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fa85ee55208325965746c48f9dd9ae8c310b6c9db5d333f917061dd8d92ca93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40610
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1158
etag: W/"1107-gtTcYY0+7byFGOp/xB0MfgcjbDo"
x-served-by: cache-fra19149-FRA, cache-hhn4068-HHN
date: Wed, 02 Jun 2021 05:53:14 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 en.html Show response
cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/lang/ 228 B
531 B 23ms
8ms XHR
text/plain 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/lang/en.html

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/primediabroadcasting/za-covid19-js/covidbar-latest.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

703a675e9f88f43dd9599e3e02da6f16bf4f69673cf4070675a20f2b4253112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 33594
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 181
etag: W/"e4-HhpSENDuULfX6L5sKiLSpV6v0Sg"
x-served-by: cache-fra19134-FRA, cache-hhn4048-HHN
date: Wed, 02 Jun 2021 05:53:14 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 share_button.php Show response
www.facebook.com/plugins/ Frame 186C 43 KB
13 KB 73ms
72ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/share_button.php?app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c95f7bdec7a4c%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu&layout=button_count&locale=en_US&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1a5e808762d6d656ac0b3d195f5534f1&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4f38615b01f17c3f7c76504dca0c2c84358592d69701ec73a0ce1e995f8e1ff8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/share_button.php?app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c95f7bdec7a4c%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu&layout=button_count&locale=en_US&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: 2uhF1Cc9o9jMvNWbJWcMRYINVrzleqi+Sx9iowBS/34aacTseB/l5s8ZBRrvuzNk7hpWKefABws1f9EQT/ERCw==
date: Wed, 02 Jun 2021 05:53:14 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 page.php Show response
www.facebook.com/plugins/ Frame 5E1A 101 KB
27 KB 80ms
80ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=1a5e808762d6d656ac0b3d195f5534f1&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a5835528727a245b0eb76452be8692e803f76c18266d5ef63870ce0551c314f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
x-xss-protection: 0
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security: max-age=15552000; preload
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: litmQyjCpqv6Q46gyINanVrUWDZrmAVebHsuj85pUgG9ntQWFHJY6MQgdwKKFSrBBtNGpV/47hLJ7qXl3C3EpA==
date: Wed, 02 Jun 2021 05:53:15 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 / Show response
origin.ewn.co.za/collector/ Frame 285B 296 B
580 B 2222ms
2044ms Document
text/html 143.204.98.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://origin.ewn.co.za/collector/
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-44.fra50.r.cloudfront.net
Software: nginx/1.19.1 /
Resource Hash: b778c3160307bf5c69dd99c88f4f9b23f2bfe6b459484c83191d5311c220d6c5

Request headers

:method: GET
:authority: origin.ewn.co.za
:scheme: https
:path: /collector/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.3.796932783.1622613194; _gid=GA1.3.1505575138.1622613194; _gat_UA-4633773-8=1; _em_vt=304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96; _em_c3=1; _em_vi=bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787; _em_lt=1622613194781; _em_ft=1622613194781; _em_pc=1; __gads=ID=17dc42bffa810b01-22e5e9a94ec80000:T=1622613194:S=ALNI_MbR8xdA9AUVvgzYPXmO85RG0Qq6Fw; _em_gc=DE; _em_mb=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

content-type: text/html
server: nginx/1.19.1
date: Wed, 02 Jun 2021 05:53:17 GMT
last-modified: Sat, 11 Apr 2020 11:49:24 GMT
access-control-allow-origin: *
content-encoding: gzip
etag: W/"1d60ff73edcbb28"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Q6nryA9ZnQ_QdPxC9NKz_e9o4nc05CU8D5umZZJm3yTFKR0GmVv8vA==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C97E 256 B
441 B 311ms
166ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=dfabbc7329429c366eebb4e21c83a3b9db64ed15

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fewn.co.za

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:14 GMT
content-encoding: gzip
last-modified: Wed, 02 Jun 2021 05:53:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: cbeeb2e9370e9d27c754b2c5ee1533ba5f9d98135e0c7bf081ba222be9a0bbf4
content-length: 176

GET
H2 200 zSKZHMh8mXU.png
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 186C 388 B
632 B 9ms
8ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/share_button.php?app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2c95f7bdec7a4c%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu&layout=button_count&locale=en_US&sdk=joey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: OXkfbyoQllrLprmdB7JWzH9cH4hUx6PJnfUdV/uA7rBoLfHAkbpwuC8l979GZOpznxtgSPQJXSd9haRpjA6mVQ==
x-fb-trip-id: 686109401
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Wed, 02 Jun 2021 05:53:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 388
x-fb-rlafr: 0
expires: Sun, 29 May 2022 04:00:26 GMT

GET
H2 200 MiaOIhYITfD.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/ Frame 186C 504 KB
132 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yp/l/en_US/MiaOIhYITfD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23a463bb0714d1125f2bbb8d55699cfcfda8c4d430c0ce8c53d45270ff5b9200

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KAgdD6btBaNzwyptbFIgcA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135141
x-fb-rlafr: 0
x-fb-debug: 5d0yE404VS/iJOw1aOnYKn2ZjPTdr8tBwLp356GRuwsFDQskzEeihV925Id4c7Lh31OMLgPgjK/LZ39P9cnYGQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 02:41:46 GMT

GET
H3-29 200 8Js0ibzSlq3.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 5E1A 23 KB
5 KB 8ms
6ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/8Js0ibzSlq3.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89092832ac161c8ef641b21d3b53f21e5920b73a45ff7102f647e2323dba061a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5/s62q5hFeq7jWvwLo9xEw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5354
x-fb-rlafr: 0
x-fb-debug: gPQ8vcW0J0TJBdaMV9PZlfkheuYs6d+4DiMAMIBHx1Oa8ZHm8j7QFvqX6KXL9+4PV4YHg3zmj6s37smbQoWGUg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 31 May 2022 21:15:17 GMT

GET
H3-29 200 ggzcJLJkhSr.css
static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ Frame 5E1A 3 KB
1 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1102
x-fb-rlafr: 0
x-fb-debug: nl9zIMcqcteQnWOm3cQ7sSvnzT4T1EQ/zh1xCxE2tQPuCP1E32IlNYiD3mVPuxJmOolNmtWLYkElguw+6F0D+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 21:31:49 GMT

GET
H3-29 200 UG5hFH3OnGZ.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/ Frame 5E1A 36 KB
7 KB 11ms
8ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7078
x-fb-rlafr: 0
x-fb-debug: xYzg1mDCXUBd9Xre3S/SyK3CciDUOmQ5Ldv+Rf1WkjbtVaxPeFhvhmfSPdzyxMRXVCJY1iLYcIK2gp4J0msntg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:19:48 GMT

GET
H3-29 200 ucvXoPeQ-Im.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y0/r/ Frame 5E1A 293 KB
80 KB 12ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ucvXoPeQ-Im.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6aff9e390a1598903d10a72d9928717842cb3b97e160473797afe0d668d8a6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: eGo/Zvh09CeEriHm2DbNtg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 81410
x-fb-rlafr: 0
x-fb-debug: pXJIJhld/6wB4IAMYr25UbS4Q23mufLj7J/pEIaXNJ3Je6pv6N/abgBAD73FlKL1rslQq71HSLiGNpA4q0o6VQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 00:00:13 GMT

GET
H3-29 200 84Gk3y_vk_e.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 5E1A 63 KB
19 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/84Gk3y_vk_e.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4628c198d4045b82f224a6e12cfb5c964f12bdb7627bd9cd1b9bb09db106c5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: N4c4N27XVa4cUKVvbumOhw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 19691
x-fb-rlafr: 0
x-fb-debug: Z8F2/QLDxd17OEO/cjOLTinM8V2/KviMOaopy9904B2+0qWX110jzSL4E0o5cZ+ySsSxiF5BERTOOiUYpwoHFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 02:41:48 GMT

GET
H3-29 200 XKznDY4vyap.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yJ/l/en_US/ Frame 5E1A 126 KB
35 KB 14ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yJ/l/en_US/XKznDY4vyap.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ed44ecc1ef024b6e6db9305166f505940047282cf519e7845ad3b8928fd42b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JzO5jPXULJGoD4Of9vGRDA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 35923
x-fb-rlafr: 0
x-fb-debug: Ap1TVMKdsyeg3iFPzKDOkChZQVaCu3w728qD0+Ln3it8hgxz/tg5LVMDqpGV0BJSuANn2Xeob6qj1E+NFwsDaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 00:05:33 GMT

GET
H3-29 200 IEOQM8FL8ot.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 5E1A 5 KB
2 KB 63ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1630
x-fb-rlafr: 0
x-fb-debug: CMH21b+5ZA/+PdaaN50C9WAP7g0K7OUlN9SDpzQSOjLwUiPFD5dIt1guG++IYd3hkoNDfgNUdetRQN/7udo16g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:19:45 GMT

GET
H3-29 200 q3JF3hLjbAD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame 5E1A 2 KB
850 B 63ms
60ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/q3JF3hLjbAD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1ETliEs92UIU/fKzQa5sDA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 797
x-fb-rlafr: 0
x-fb-debug: JMyIGNNxj3/E1fJ/TAQw/xBsWpQ5UgnpiPcBGLi/XaaQ1bah+dkn5QS2UfvjTubCQTLiw2z6r11BEgGgWsr+8A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:19:33 GMT

GET
H3-29 200 Qz3JrrlIhso.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_US/ Frame 5E1A 15 KB
5 KB 64ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yw/l/en_US/Qz3JrrlIhso.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9d82f7fa499cfcf79fb47fc1577ae16b2eb24ce1ba683735d704b4f41d5a365

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QM9fImQ5E1No6fjoVe0epg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4970
x-fb-rlafr: 0
x-fb-debug: 1a3SSBf4/Db52CBectKhyNARy5BdvsND0bnuQlO+AYB51U54yR1H47zCTF76qo8GjJ3RJcfKQrgwpWOEfZ0HXw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:20:04 GMT

GET
H3-29 200 ykbSkxJ8VJE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 5E1A 9 KB
3 KB 64ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/ykbSkxJ8VJE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8u6hsl3sOAhh3qFnVy4qyw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 3219
x-fb-rlafr: 0
x-fb-debug: gHyKnJSxAX0WTedTUiis+1z8RbJkp0WWsRpoaL4rUxn8Au5kwNUKgrMeWs9aeC2tMn3/fE8sHY8NwPO7jbwzOg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:19:33 GMT

GET
H3-29 200 aQa7oCYA81c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 5E1A 153 KB
45 KB 64ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/aQa7oCYA81c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9942792a98be68218dc45d066d8283940a0db66067a400108a8355afd7dcfc89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NLcoI94PxuwnfUizY2wMug==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 46184
x-fb-rlafr: 0
x-fb-debug: 7lhW2igCF/Uz+j6C/4FrBRcdmOmOSG1gD+3q4QRHC2518DJ+Ps37f59uucgrXEiEia/Cro8Z74Vf32CMSuhByQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 00:00:53 GMT

GET
H3-29 200 SohvyHf9bqU.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame 5E1A 7 KB
2 KB 65ms
62ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/SohvyHf9bqU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: riaa4M39g865Cd4IB5wjSA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2093
x-fb-rlafr: 0
x-fb-debug: 1J1lDMj/XZlK2RvzerRJfRP37+2Ki3J8Twf0svLkfQzk9ZeO4oQpPPw5n97uErvhekIuMRn1x/r6KVWVxy7jBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 May 2022 12:53:09 GMT

GET
H3-29 200 8CgELotb6aF.js Show response
static.xx.fbcdn.net/rsrc.php/v3ig8t4/yo/l/en_US/ Frame 5E1A 421 KB
101 KB 65ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ig8t4/yo/l/en_US/8CgELotb6aF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfb84434ded081a8155ca12989f5b3d826c47ba6263c3a485e3a780d62f3c505

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vIBfW/8tEUOC2NuxkefcOQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 102906
x-fb-rlafr: 0
x-fb-debug: Ec3uRGB+DiT/h+iQ9jU+JAAABBDhwuSBR7Ndp2nis99bAidB90WT5MC6Uxb7cuPGqh824rNRZuRGWSHtHPzqUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 01 Jun 2022 20:07:27 GMT

GET
H3-29 200 SstzgicKir3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 5E1A 17 KB
6 KB 65ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/SstzgicKir3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e14d009d5c1e8953832df9e65fc55e5e91d7e7235f632b06cdd12113d334c3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7Y/l3TA92TNp7zo+ZewQsA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5685
x-fb-rlafr: 0
x-fb-debug: PdtkcVf6DYeIsKX8P3a5fSoJrQI0C3y3AIeL2O49EH0EX1ckdkLDmjKDCTrPcaVSs8sitQFZbr7elqS5rqBOmA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 19:32:02 GMT

GET
H3-29 200 t-GXSricKNb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 5E1A 100 KB
27 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/t-GXSricKNb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b084bccf56424e2c46798c98c4660855758741cbab22e992cc743d8f483e39b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1aCIs2YMdee1s9Ia/DWoVg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 27978
x-fb-rlafr: 0
x-fb-debug: dWMVYaXjo4WfPgPKMN+HvsiaKEsRA8u4z7FNG2yBZZgTxdHO8pgijzS+gGczG2ZDp7ldw/AO3Kcr9OoRWbTtBQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 May 2022 21:21:04 GMT

GET
H3-29 200 3eyUSO3GX0B.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame 5E1A 358 KB
80 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/3eyUSO3GX0B.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c75136baa67d2e8916bf059ad33f50b79b523a2fd205544e7f6e51dac69cf503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 45uTIpHkFIasJ3XrcQLnog==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 82119
x-fb-rlafr: 0
x-fb-debug: GKk3xpICX8wcrxtl1Hh94HUwVLgDP/+pKvjFOXcwLu8t8+s2+24lwtLXKCnYt7hU52tu77Q9Xw6m9j4hnPycgQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 00:00:53 GMT

GET
H3-29 200 1ouqjKb1uDH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 5E1A 6 KB
2 KB 67ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/1ouqjKb1uDH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9111759c48bc92483be73d61c6460b871d31cc265009b31a75c651fa374d1b84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FpB8/DnPW1+3Z7RAHtDLRw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2023
x-fb-rlafr: 0
x-fb-debug: gy07bfa9+zyPh/Qjq3uSRnEdT0zGE0mAgdXaev0IlGu3f0fsldqhjcrZsvE8a2fgNBWGqf4MnLBiEoFK0RcaEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 02 Jun 2022 00:00:53 GMT

GET
H3-29 200 33hb9tZ1Ds8.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 5E1A 15 KB
6 KB 67ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/33hb9tZ1Ds8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

221b1459af8f41252a68775f825c9855f32d94f172c87194501ab5235c65503b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cS02ABWUm9JVWUkpc+wVnQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 5772
x-fb-rlafr: 0
x-fb-debug: Hbob7vOwGbLNQ17NnDg1hpk2PqmYNkXDl7ce1hJK2qPqPmlA1wCzIy/l1KkzRWYHduJZ2P8OKNOJJuMrMNEPaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 May 2022 15:52:59 GMT

GET
H3-29 200 6UyZrr4EPQv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 5E1A 865 B
550 B 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/6UyZrr4EPQv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a5046caaa8b5dc9c59adebf02b626f8fce84ed0b216ff73c33953fddf194d4bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1rVsqwXS0LrbSUrxCIwppQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 494
x-fb-rlafr: 0
x-fb-debug: bbbXRsDxgy/iFJR0JsfCAQ7JnLDM9WckEgg6qF5zX6LbDfIlsAH1iF+vKxeVtS4LZpUkqY6rpULspYFP5t3TAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 19 May 2022 12:06:49 GMT

GET
H3-29 200 5KTWL492ptw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 5E1A 2 KB
900 B 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/5KTWL492ptw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29491d93022eb312a91d5a5c914e606b0fea45683e35d85d8f3758b307814520

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w3ft5y2t9ujFfqFlHCjGcw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 844
x-fb-rlafr: 0
x-fb-debug: //X547G0OaTojI2OOVPMVNjhEsMPnDJ3zzbnuDllJZuPWXAHHtriK8PMaOhX6SSF/hEz1uz062ZFW98daUBPlQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 May 2022 15:52:59 GMT

GET
H2 200 161840388_4169250756452763_8758740373729856413_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p130x130/ Frame 5E1A 33 KB
34 KB 20ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.6435-0/p130x130/161840388_4169250756452763_8758740373729856413_n.png?_nc_cat=100&ccb=1-3&_nc_sid=dd9801&_nc_ohc=e9v0fmIKVioAX8W9P7x&_nc_ht=scontent-frx5-1.xx&tp=30&oh=b7d743160f9c76a28514ae7ebd0fced1&oe=60DE8E22
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 25000377c9d49017e839be4d0f89b39f88992c065fa0a5978e6985d3fd667e25

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2658530076
date: Wed, 02 Jun 2021 05:53:15 GMT
x-fb-trip-id: 917726464
last-modified: Thu, 18 Mar 2021 10:53:14 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3105003192
x-fb-config-version-olb-prod: 1107
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34219

GET
H2 200 11037662_929441410433730_6115039529831555703_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/c10.0.50.50a/p50x50/ Frame 5E1A 1 KB
1 KB 21ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t31.18172-1/cp0/c10.0.50.50a/p50x50/11037662_929441410433730_6115039529831555703_o.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=cBx8W48b52wAX86VoTC&_nc_ht=scontent-frx5-1.xx&tp=27&oh=f15b8b5479dd296b336d7068dad28847&oe=60DB2670
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7d76d85c982fe003bfa4cbd174a3519e26e1bf85da73441057f948050fdd4242

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 883690438
date: Wed, 02 Jun 2021 05:53:15 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 02 Mar 2015 14:08:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 137662811
x-fb-config-version-olb-prod: b8b91be5952c4c26b0586141826eca72
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1311

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame B158 48 KB
19 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: connect.primedia.co.za
URL: https://connect.primedia.co.za/widgets/bna/widget.html?initialWidth=1011&childId=pmb-wg-bna

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.primedia.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2512
date: Wed, 02 Jun 2021 05:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 02 Jun 2021 07:11:23 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/520/ 43 B
1 KB 270ms
64ms Image
image/gif 54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/520/9.gif?puid=304b89e4-d4e1-42b8-9a5b-1000960468b3&callback=https://collector.effectivemeasure.net/sync_webhook/mediarithmics/%7BID5UID%7D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 05:53:10 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1

200
OK

google_gid
collector.effectivemeasure.net/sync_webhook/ddp/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=emi_ddp&google_cm
https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEPr6zriYipkoBvttwA4v5Bk&google_cver=1

35 B
288 B

74ms
74ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEPr6zriYipkoBvttwA4v5Bk&google_cver=1
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://collector.effectivemeasure.net/sync_webhook/ddp/google_gid?google_gid=CAESEPr6zriYipkoBvttwA4v5Bk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ded760b7-1ccb-4000-855f-bdc91b65f246
collector.effectivemeasure.net/sync_webhook/mediamath/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https://collector.effectivemeasure.net/sync_webhook/mediamath/[MM_UUID]
https://collector.effectivemeasure.net/sync_webhook/mediamath/ded760b7-1ccb-4000-855f-bdc91b65f246

35 B
288 B

73ms
72ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/mediamath/ded760b7-1ccb-4000-855f-bdc91b65f246
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: MT3 3736 915c305 master zrh-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://collector.effectivemeasure.net/sync_webhook/mediamath/ded760b7-1ccb-4000-855f-bdc91b65f246
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Wed, 02 Jun 2021 05:53:14 GMT

GET
H/1.1

200
OK

181f65303b670f7620153915296cfc8b
collector.effectivemeasure.net/sync_webhook/lotame/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://bcp.crwdcntrl.net/5/ct=y/c=10063?https://collector.effectivemeasure.net/sync_webhook/lotame/${profile_id}
https://collector.effectivemeasure.net/sync_webhook/lotame/181f65303b670f7620153915296cfc8b

35 B
288 B

74ms
73ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/lotame/181f65303b670f7620153915296cfc8b
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://collector.effectivemeasure.net/sync_webhook/lotame/181f65303b670f7620153915296cfc8b
cache-control: no-cache
x-server: 10.45.9.209
content-length: 0
expires: 0

GET
H/1.1

200
OK

5175116989105047799
collector.effectivemeasure.net/sync_webhook/adform/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1181
https://dmp.adform.net/serving/cookie/match?CC=1&party=1181
https://collector.effectivemeasure.net/sync_webhook/adform/5175116989105047799

35 B
288 B

91ms
72ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/adform/5175116989105047799
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
server: nginx
location: https://collector.effectivemeasure.net/sync_webhook/adform/5175116989105047799
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

8054466272108357914
collector.effectivemeasure.net/sync_webhook/amobee/
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMzg2L2NpZC8xNzQ4MjE2NzY5L3QvMg/url/https://collector.effectivemeasure.net/sync_webhook/amobee/$!%7BTURN_UUID%7D
https://collector.effectivemeasure.net/sync_webhook/amobee/8054466272108357914

35 B
288 B

78ms
75ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/amobee/8054466272108357914
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://collector.effectivemeasure.net/sync_webhook/amobee/8054466272108357914
pragma: no-cache
date: Wed, 02 Jun 2021 05:53:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 usermatch.gif
beacon.krxd.net/ 0
338 B 225ms
72ms Image
text/plain 52.209.126.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=narratiive&partner_uid=304b89e4-d4e1-42b8-9a5b-1000960468b3
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.126.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-126-197.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1622613195
x-served-by: beacon-n004-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

89819ec2-d634-4a3b-baa1-3914a21b0c66
collector.effectivemeasure.net/sync_webhook/ttd/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=effective-measure&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=effective-measure&ttd_tpi=1
https://collector.effectivemeasure.net/sync_webhook/ttd/89819ec2-d634-4a3b-baa1-3914a21b0c66

35 B
288 B

72ms
72ms

Image
image/gif

18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_webhook/ttd/89819ec2-d634-4a3b-baa1-3914a21b0c66
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://collector.effectivemeasure.net/sync_webhook/ttd/89819ec2-d634-4a3b-baa1-3914a21b0c66
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 215

GET
H/1.1 200
OK salesforce
collector.effectivemeasure.net/sync_cbpixel/ 35 B
288 B 76ms
73ms Image
image/gif 18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector.effectivemeasure.net/sync_cbpixel/salesforce
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-147-76.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 35
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK set Show response
collector.effectivemeasure.net/beacon/ 100 B
552 B 149ms
73ms Script
text/javascript 18.203.147.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://collector.effectivemeasure.net/beacon/set?cookies=%7B%22dmp%22%3A%221622613195124%22%7D&callback=cb1622613194408_3

Requested by

Host: t.effectivemeasure.net
URL: https://t.effectivemeasure.net/tag.js?1622

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.147.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-147-76.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.1 / Express

Resource Hash

61d67035b4379b2cb676632076cec3f970924a5725d5fbb0abf3d9381d568b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Jun 2021 05:53:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx/1.16.1
X-Powered-By: Express
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 96
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29 200 qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 5E1A 3 KB
3 KB 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/8Js0ibzSlq3.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/8Js0ibzSlq3.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: mYHthztMFpkKWJq8tUSpqHgHWUAgqAUca9QG5xybPWcdMCjrZ3qpJdef2fxSLmaTaUFJDTBbX9h7Wy2McB5NRA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iN31dShDArRt9ZikrDb13w==
date: Wed, 02 Jun 2021 05:53:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2616
x-fb-rlafr: 0
expires: Mon, 30 May 2022 19:20:46 GMT

GET
H3-29 200 ApcBOUT5FoS.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 5E1A 573 B
624 B 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/8Js0ibzSlq3.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/8Js0ibzSlq3.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: w/fMw0DrZxMGtf9Rccu7AJFTGyVkaSrXrJYBtFb9Rae0RW9TqOQo46iFEoGQpGDqHpN1xqeFzUfMy6Ol1QGAYg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 02 Jun 2021 05:53:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 573
x-fb-rlafr: 0
expires: Sat, 28 May 2022 23:34:54 GMT

POST
H3-29 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 5E1A 1 KB
828 B 44ms
44ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=878865865491285&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yJ/l/en_US/XKznDY4vyap.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

187af53ed8ad42664e69f03dc9e561ad6140200ebcdc25220553fc9e10ba7647

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: qPp8Z4evijxdAP7v6Kcg1N
Referer: https://www.facebook.com/plugins/page.php?adapt_container_width=true&app_id=259652954116494&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb2fa7a68f2bc%26domain%3Dewn.co.za%26origin%3Dhttps%253A%252F%252Fewn.co.za%252Ff27a7f7434c65ac%26relation%3Dparent.parent&container_width=300&height=800&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FEyewitness-News-168892509821961%2F&locale=en_US&sdk=joey&show_facepile=true&small_header=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8WauySelmGvJbLZq8i+FMZRY6sWZU+JnLDRoqzGb78EdN7BSfvnmyqNIWT3U7awKrDNUTQDYugTax7bbtW3PJQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Jun 2021 05:53:15 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H3-29 200 HvhuGt0aF7N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 5E1A 276 KB
58 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/HvhuGt0aF7N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ucvXoPeQ-Im.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

93c306ed29ae9dd329fc3098b57fb1e8f161a2b68aaeb517884daa549e663676

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BKZp+mgM/7v1nRhjfGPN+A==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 58952
x-fb-rlafr: 0
x-fb-debug: htZFW+ske6RF3Q6Cq49TUSqC3cLbyzGIdDS3FP5hvu/ZkuzlS96tkHTdYfdcxmHbRA8IepkygOKaOM7sxEaRgQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 30 May 2022 19:19:33 GMT

GET
H3-29 200 cAEvN19HjM2.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 5E1A 885 B
436 B 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/cAEvN19HjM2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ucvXoPeQ-Im.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lRXvpxxdUT7QUnYyGQ+l6g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 378
x-fb-rlafr: 0
x-fb-debug: z+iYA8T0FGr+EMsTKmVC4c0biaA1WK8cw0b027FuJ3+xpzVoKF1y1CHZXZLzwQM0+Xg3sGZnj/0621dWjwRydA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 29 May 2022 00:03:43 GMT

GET
H3-29 200 nuSZvOPs-lg.png
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 5E1A 12 KB
12 KB 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/nuSZvOPs-lg.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 0N+tWw+lv/jriTzVhie8wuKbqcz5g5coiMLXdJluOGSZOrZY9CLz0FbV03Fy2rffJ7RQ/Y18X6KZmEouzSNVrw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: +tH9SoPO1ugg3HR9LK4liQ==
date: Wed, 02 Jun 2021 05:53:15 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 11870
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Mon, 30 May 2022 19:20:14 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DCB 0
0 91ms
91ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumfkGN8jnR4xtUX9hyXlqFVRDDld_rSyUL3txMUnIRCl8m1kpVHPMwYX-VXbfTDyt8yDz6NuIBZeZPSoxDLBWXWMyLLQRp7rvRDkiWZgSxJlkZoPuIqqbkw1HFAW9CegpV-DG7BGOlQhhvp6GsVokdUk6uAgKFJenOEHtvazl0xnSLvrfzqT2NYnl6BIamEH02Rtx43JaLhEAGGYAbQ-4cQl7TxM8Yrbtf9pRcAWUhR9g_FKtsJ-gd4drfZ6sNfAQO8te1q-C_Hr14GRLZGmGyWckQlZADFwoU&sai=AMfl-YQkKKBN7v6c-faDvMRjDRmyrG7luOKSQXpGQQZA9hKOmIL4W7469J1haIbbfpHehEdVpUO0sNeqxa547GGg1m79PoMUXeRKg6H0y1FPCOailtQXdnE0EbXaRk3C1CqT&sig=Cg0ArKJSzI_mfR3opQxqEAE&urlfix=1&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 05:53:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H2 200 tag Show response
a.teads.tv/page/86576/ Frame 5DCB 767 B
681 B 183ms
60ms Script
application/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/86576/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3101b0b3a196c7a44feaa63caffde49c418b512b748a3c1b0591929122a5d086

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 481
expires: Wed, 02 Jun 2021 06:53:15 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DCB 121 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H3-29 200 container.html Show response
2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CECA 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 02 Jun 2021 05:53:14 GMT
expires: Thu, 02 Jun 2022 05:53:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5DCB 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43e2fe909700e8ebac888bfb490d63d473f14eacf1e9e0aad195990a0b89d6e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK button.5573c974dc31bbdab5ea7923a0bd5cf3.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 05:53:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:56:41 GMT
Server: ECS (frb/6725)
Age: 545529
Etag: "382be2960021b88f6ce982d997cdbd01+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2294

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/spam_signals/ Frame CECA 6 KB
3 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 04:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 04:21:22 GMT

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame CECA 30 KB
12 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f0669ff255cd90c451c76619317e3052af49c218084470845d1e158f5e121e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12033
x-xss-protection: 0
server: cafe
etag: 11632432068174195920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:47:21 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CECA 22 KB
7 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32614
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 20:49:41 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame CECA 17 KB
7 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 13581262519725736155
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:37:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame CECA 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:38:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CECA 121 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame CECA 13 KB
6 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:15:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CECA 0
0 14ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTafEWjr1jn1FXJRG4LxJEWjWD90RdH2S-lo8suPpRs_rTgPsZMHMNH1vrfjdgItRiLtp7m
Requested by: Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame FAC8 36 KB
14 KB 14ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545527
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame A6F8 36 KB
14 KB 21ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545527
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 916B 36 KB
14 KB 28ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6725) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545527
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6725)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
H/1.1 200
OK follow_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame 6538 36 KB
14 KB 24ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6713) /
Resource Hash: 2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545523
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:42 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6713)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 13632

GET
H/1.1 200
OK tweet_button.06c6ee58c3810956b7509218508c7b56.en.html Show response
platform.twitter.com/widgets/ Frame BF96 32 KB
12 KB 27ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ewn.co.za/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545528
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "a87932e0f094e1fb4cced05f7d97ab94+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12228

GET
H2 200 teads-format.min.js Show response
s8t.teads.tv/media/format/v3/ 606 KB
133 KB 64ms
61ms Script
text/javascript 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/86576/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44bf4e9bfe160c5d8bdbcfb310314641735eab4834a9229edd8150d264c1dff3

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-request-id: 4SH1QEGWMTE5WD1Y
content-length: 135106
x-amz-id-2: BkkBij/ZGmZAjlArIrvjrkDIjrFvp6yU7p9NMvEvCyCwfJfVEx+TvnkUSQgPMbKYa1aTfGyY03U=
last-modified: Mon, 31 May 2021 09:42:14 GMT
etag: "049f99da0a928b3596b3740321058f48"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=1800, no-transform
access-control-allow-credentials: false
x-bucket: f
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 02 Jun 2021 06:23:15 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5DCB 0
0 161ms
94ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss07TznEvBNDqgY8_zwthRLfhSBrfXlj_3VE6TvBoQGxoKfJAyMeMrUhooxg3dVzy-aUV22j3e0J71LFsb3e40nErgwaikLMOo6JWlq0cxdBQZuR9QIGkmgQGR6Bh3ECcOMFczWIJn8TJi9-ZYQJDwHFdDlYEQ-t-HIbyVXHh-E7hccjef5vk8vPmVJEYoNQHL2mHYWhG6mYsef78OMDL3EHRJQiSxsAtm5fjoIlm8uhsCSFgHNnMpynoU6jLi7E7uVET9ZwXxKmI8Fj2kqOwaO7eFXcBSzpCic1Kg&sai=AMfl-YTEtUgKvnb3zAq-5OjRYv4wlzxDtcXCKzQkNkQ7r2DDEdKgqAYGim__PlF4-auRZ1gdHSyo--G12mRAC_qEDgv1H047Fu4ivUYjU0DffsOocNyeSMKM0zeSbm8wnNav&sig=Cg0ArKJSzAdbf3O_4Kw4EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 05:53:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H2 200 bLEYuDltajEdMip2AF7ky2T7cPC13odKRhdDN2V77B34rMvJdWMpRNh4i-Wke0ec7yvwiuvCmkQg2JKfenG7aUwgo9J29jg=w195-h102-rj-pd-pc0x00e9e9e9
lh5.googleusercontent.com/proxy/ Frame CECA 13 KB
14 KB 32ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/bLEYuDltajEdMip2AF7ky2T7cPC13odKRhdDN2V77B34rMvJdWMpRNh4i-Wke0ec7yvwiuvCmkQg2JKfenG7aUwgo9J29jg=w195-h102-rj-pd-pc0x00e9e9e9

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ec212c70d83cbdfea7007fb33d784082d28a61e137e9c20a9e365fb645632452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:17:15 GMT
x-content-type-options: nosniff
server: fife
age: 2160
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
expires: Thu, 03 Jun 2021 05:17:15 GMT

GET
H2 200 12435013937925991450
s0.2mdn.net/simgad/ Frame CECA 14 KB
14 KB 31ms
6ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12435013937925991450

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064d1fccc6b0fea2bff603675caf892cd275ed4f583330557b9cae27cac29395

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 31 May 2021 22:20:08 GMT
x-content-type-options: nosniff
age: 113587
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13854
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 20:56:53 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 May 2022 22:20:08 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CECA 42 B
118 B 28ms
27ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B-MOS0OKgPb0l0gjUrc3_Z6dxKRU4irrs8e5tOY0Ck9GVgyfvrpLbPPjjFU-LMa7c6D0TnRTgU3qrfVUi7lPFIPBriVwQ3YQhmBvkxUYG2S96kQJoichKxuCqE7_QRXR7J4Bq7aI2XOk4Hzs1_1a27rfPKug&dbm_d=AKAmf-AOvalsV1krXaHycGYRMVBFIYJ-kKRzkxVwCGhG2PWZa9DcpvcjmvGnYZ_McxQ6rI3eRF5e9f_TV68T_yfqHR_rd5vayhnmy6mPiOu9_ajbW684e9dqUoItTOjXoK_GWnhmSQhk4PLiDvjz-KHGvcWHjD39eBQUBE7azj-e2CxifzTEj1PQAUtC2fv6RUiK6cmK-4oeKC9ct5g0KulA00KcD_4bFeGaT5LvCqKj-3YI1h30X2bIU-Im0kpTJi652cYMYZ6itmBoRWM7eHssR3_V6-zE8z6jEhaRlMPdLUQd9IEIDoFfpKFZlAiGgmInf0E7_0vcRNqvLRokEOADCaR72-G7HF5DnHQx0VahUhC0CndF40dhkJE5QdDq4EZoXGZeC8J7Rr-Wmzd3q_slsie-Gq_sCqWv5-5LThXu0Pq82kVkwbQn3ayxD1hnW-KtXvWvkHzuWS0PPKOg6h3j5CVtXsGp1UMHgiUq8IuMH0R8DQJcjBjyH8rdlbdehfZVuesDM1TqmXLlCYuOs3uU_bQL8mSLOUXadLwpZDhtS5baN0DulDvtVhfpZzYDxKY5dM9oyraKxhRzKAyOkoXhny-L5QL07GXj1-TnnmnWQ9wT7Xop8Jk3ZkHiYXGxLKiJW7BRU-1ctSP9FsfZMZkbA9zvqWpGxttfhCIs9zMVKfeEz5Y4CJWkRTDVL5cG3vVv8_RWiyWHFCf2nx086X679H_sMEao5RkRES2YAxkZOzWUz7c5S9qbj3uqPt8HPKr6Jwfn0FOa2X6Y0vjuxtNps5SA19z6gJdYVD_EetUM6EOngNb6Bz7C5OWbVSHUiRcYI3dUFQ4--Cyd0l0klyrZnId33dvfSzZIu2eILdjrSTdfm5MUeQNfATIgPBAuoAn_pk3XMLmM-7D2vSwvsFuvV3fnHXHjZ10JvurRD5aBE7HvYENaN4hEM8EivQLqe5xfActVd_GUtQHqDKJa9bfvTO50j8lOpl9gr2zJ7DzcuZ95_6blBwA0jVrXf-CgAE76-Q04anmRArQTSPNzYS8u4oc9jg4flnLrGYRHWI-LgsjVmwIk9OnrPlOoWFK7j82uiMfNr4hrM3fWWNeUuh-eNWKbscYXhAXJczoULAzi6795H26twYbFyh1hHJuNg62l2bIJ_o5rDfFJRFNT1bDqtLLw2NfMumThKK4WLu-XIClKHQ0njtddyJcICPfQCRN55At5-pLqV2Mw0ep7zUr-EKHcPRNp7vNS4URcDuhzcEajLElvz4uEnJNNGZvulg_tD01nMF5mbDZMi9OWta_wIoOYgwh5NS32GDXmEJceds0kHgklk7DXGaB1W1CoP6hu8-x76tEbWV3z7_GFambLuFbGvCuLEegJ8c6a8uJYSG7MyzsFrJSIP0PHdjMtIaCvf54ez9bscDF8wS1yR56CNc_BKLFO4LPRQVPuj7KnR7nwMWG_OsnJ_EttVtCRJj8jEmNTWMYcAci6hznnlttuY8oFAyjhUPDU2eSe2FgR0FpMr3p7bRS9sqBT-KZ6_gndqFK6f_e-DuozARW1UItspW9EtdTg9-OcTG-eAGg2d_3kxMlLiYLdoXVn6oWd5MmIzzAfN781gNdfOHSdxg-w0GBxC3t7FzfNgr6zbb2n0l2v3ue5m-2q3fDkRteBiNFCo7sVi2H8rbjjmQ2aZwH_wXKC1eTAZRR5AT_kye5PSxa8D4i3OHrpofaJeFAcyRYGD3w72DsstvhO4wmS1bpPhU74AsDGyn4pjmnCvjE2lU2Ic3-DnVZnQtW0rHyy8L3d4JT1bjrwb5TRjGudDNawLO1E5VVMLysLDKqV1YgVGq5pYLMM_C7yBjxlVC_GQ13HW_j8sx4WGMqzLlupbxb3i0nZNbQWrokJGyK044PEMtdMS_um9zIPDydJeZg5FZoxRJZ5yK35kmP4A5gzL9I7x9SpjFAWMP0I7-Xge1nw0HK2O9WfRWS1-qfQ7agq_5U_gGAa9xkHJDJ2IAOuFHn-HIfB_knRy-VZcwB66bzJGfvd52M1B3S5z9-F8qfkmfx_24JlXK8Qx20JWcsFnC1JKxRPmV0DYO9h3jpNf28tQhKjNEnKK1ddInAMdnrgUsFQxFi58LVCUM9e_NYgmDBqtrnpa9sQrQ9oMV9b_9x8A9f0QztEKnAukaqhHQ_aRFz5ctTAn_H9bm1IVPHgHlKxb_AtbeJL50k7hesoYc9YiJJ06-VcR9LGLw2lNIyadclCsP2fz49OeRoeiSbtffuukKFUPHRk93eRtfXEv6B53pRkMqufTIYvF10cBI9m2FYBn2DhjvTvj_m8LMuV_M_ZhC7kGVaYwz4QjY0fLVHyh8StaI6JdyE0JQZ9McS4QWDAv15dc--ths9ep4BofDqfGs5vb14cnzH2me_IqTsG3nDETvl-S5XiHt0-YDwOeVi22OQqHSTEtrvDSF5TamgdCQpj_mMZ-ChBFCDCQF_M_TrkewHjLbSAJU-IoM_acTn6T22cUUKv-sl0dNcElkfpfNNZ65OO3qzF4HRw-cujC20R92JDQkGKeCg2ARYYMU-nlF8VwyEaYtWjF14_-owBiH_9Pn8jK4MwMM6mpuxPtYDaGdcljFny5OC8hVPVtRmSYaS2UKhCMkoCsQ6fIOZ5-ks1aqdLkg8PyltavBmZpBog4EDdELfzeHYXKX3xlJxM0IqoMtPh7bBEUc5wFB7hUYKHe_TybhVkWx7W4vPBIwbKtmntx9KaCdF2ccVSoUKty6EBnAHOq0noaYM4X0GMiJBJWZDRswt0BZEl_SgDWi0npdgIFDZfCTRviLvMTOQsRMTgSoFCtS__zyMEmxU4JT1BalT3hJ4vI5DKxisE4gmt1fDx5xujkEQ4LU3p9dFMdP7oKb4fEE0AVXQhlC5Ym9AdSzy3Q8EfbNtz6Qq1_eAjDYoWiVORey2-cr4qzPyduccbl7PSzbF4L2-6arytaDiypxMh71LRsc_HxFsk5QaglmcXyJII3LptvRv1duLkNKZ4dv5FORYnj9MS_dg6z2zxLt3hc6aXEfJ-TNE8UoVDAhr-Wovb2ESOgURWFFaPLHWQvd5TaLx3wzq114hhDwu_mbwl6akJdHMe7KgljonQHmXW3AI3Nq_gj77sjpqPrnO04KmLXI_R475Xeb_Tv9xw-15BaPw5bwJNaSLfkuKRx-SLh56tpR1MYMiSbM7pPVKvsCXTs6zdz-zT8jLwC1xTd3bRh_WzuGmvsc-MHSwEiloY6tTRQYxzgL6AuovLh9kE9HBeTPCixh1Gx2Tq4JMMyxd_U0uOdfPphPIpucxhqDFOJpDbrWkabHp8r-zrJtVZAosY55s-jhKiKow8w2mENUxkpPWOcrEFcgD-JF9CA5J3o3A&cid=CAASPeRodNxwc2WXozhF1VLotETONoTbufuUvnAp50iMqsu05R6TAMWwjVtGgRCy00MWyqyP2Ksy1CRGQtNGvY4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CECA 0
0 69ms
68ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COT5cyhy3YOn7L6C07_UPi8SViA6f-N-MYvbp3vS4DYTOyKukIxABIPLM-Exg8a38haQfoAHs4KrBAcgBBqgDAcgDmwSqBOMBT9DQcWTd-RULG2RNPNFKi8KJ9Hd5CWb8ZVR0FzrWp8xxF6N59vlr3qVnXMFx1QNmwluPQVpbbbWxKlQ9SK17BWg7okAz0clPWn--i15ZkG-7OxPjlot3MBWXKjWz0KQIksanpYdR7aV0DDuCd957eRTuLr5jfEMnRBSEL5nLFTI5YPdSm6S5f2VyryelBQgqyKywbbD9-1zMlqqeH7P3DL_gkQGhruLGAI38_jhLXv6B9OVhuW9cyva6B6qOefEbg7v0vBUh64HV6Osal2R2BbTgAKue9-eqTG7VUR0q4zwAXGbABIKl0bzJA-AEA4gF2o2U-S6SBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB_ye1b4CqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwHyBwoQuNkqGN2kyKAB0ggJCIDhgHAQARgdgAoDyAsBsBPG5NULyBPb_9YJ0BMA2BMKiBQB2BQB0BUBgBcBshcaChgIABIUcHViLTQwNDkzMDI0NDk2MDEyNjk&sigh=D6Ok0dY6bec&cid=CAQSPwCNIrLM7-h9uKb0ZsMi6vdI90rFte6oEyew4PoG_m2UGXRslENjv1Py0m5Utqjy2Bd1dGweMiFi0ozZFFGulg&template_id=509&vt=10
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D1 143 B
245 B 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUn-24AWRBsxSzF_tQKcSkHUmeMmkgkSt97vYkD7ocksm_Uyg8oTkuPvgr7mk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 02 Jun 2021 05:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 977
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CECA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 999cdca203e2acaa4a5a336d9e2cdfac2402610d8691118d349b351db8edbfc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 433F 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 02 Jun 2021 05:53:14 GMT
expires: Thu, 02 Jun 2022 05:53:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BF96 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 433F 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 13581262519725736155
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:37:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 433F 8 KB
713 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 05:32:50 GMT
server: ESF
date: Wed, 02 Jun 2021 05:53:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 433F 14 KB
3 KB 27ms
6ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.css

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33074
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 26 May 2021 15:26:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 20:42:01 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/ Frame 433F 352 KB
123 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 02:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125173
x-xss-protection: 0
last-modified: Wed, 26 May 2021 15:26:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 02:04:20 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 433F 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:15:11 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21D1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

28ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUn-24AWRBsxSzF_tQKcSkHUmeMmkgkSt97vYkD7ocksm_Uyg8oTkuPvgr7mk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Jun 2021 05:53:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 02-Jun-2021 06:53:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Jun 2021 05:53:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Jun 2021 05:53:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 track
t.teads.tv/ 23 B
143 B 216ms
94ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=debug-bts&fv=763&ts=1622613195645&env=js-web&pageId=86576&pid=93770&auctid=7d749ace-148e-42c2-b2ef-fbfa4f1880c8&f=1&debug_metadata=wb&referer=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
113 B 222ms
99ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=7d749ace-148e-42c2-b2ef-fbfa4f1880c8&pageId=86576&pid=93770&debug_metadata=6IbSiqlRo5&fv=763&ts=1622613195649&f=1&referer=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 215ms
93ms Image
image/gif 184.30.25.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=7d749ace-148e-42c2-b2ef-fbfa4f1880c8&pageId=86576&pid=93770&slot=native&fv=763&ts=1622613195658&f=1&referer=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_s...
https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_...

64 B
332 B

84ms
84ms

Image
image/gif

52.222.158.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=52947560&cs_ucfr=
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-71.cdg52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
via: 1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: YPJXBhqYummYMuelaJH_uRmkx86IjETlrxpzKf4vNTkSnTFW7GNPPQ==

Redirect headers

date: Wed, 02 Jun 2021 05:53:15 GMT
via: 1.1 10150f1f3768fd868d31d5faec2b61f8.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=17198971&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=1622613195663&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=52947560&cs_ucfr=
content-length: 302
x-amz-cf-id: oZEWbvWwdTJPA5vrPLYMY-Jg5inCOKLbJR8N1wKRDaLB8VTgo6QRYQ==

GET
H2 200 ad Show response
a.teads.tv/page/86576/ 519 B
560 B 91ms
91ms XHR
application/json 184.30.21.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/86576/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fewn.co.za%2F2021%2F05%2F31%2Fisrael-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu%3Futm_term%3DOZY%26utm_campaign%3Dpdb%26utm_content%3DTuesday_06.01.21%26utm_source%3DCampaigner%26utm_medium%3Demail&page=%7B%22id%22%3A86576%2C%22placements%22%3A%5B%7B%22id%22%3A93770%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A463%2C%22height%22%3A260%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%7D&auctid=7d749ace-148e-42c2-b2ef-fbfa4f1880c8&formatVersion=763&env=js-web&netBw=9.3&ttfb=33
Requested by: Host: s8t.teads.tv
URL: https://s8t.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09988ad87852ffd76fa95bf960531a7dad23214720b681e9c25d51c4f958c54c

Request headers

Accept: application/json; charset=UTF-8
Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ewn.co.za
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 357
expires: Wed, 02 Jun 2021 05:53:15 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 433F 0
331 B 1056ms
383ms Ping
image/gif 2404:6800:4006:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kpf202pc&c=454289024134&slotId=227144512067&qqid=CISP65ih-PACFaLnuwgdBacIhA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C75259405%2C75259407%2C75259408%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:813::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:16 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 433F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:49:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 25408
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Wed, 01 Jun 2022 22:49:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 433F 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 76781
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:34 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 433F 0
446 B 59ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CON44yxy3YMT9CKLP7_UPhc6ioAjf_Y_VYvbp-cfHDfAuEAEg8sz4TGDxrfyFpB-gAc68qowDyAEFqQKjaxwsOjyAPqgDAcgDmwSqBOkBT9D7oT1iZBezwyBfzj1oGfQKn4kLosXFowKaa7PrZbpxXRzTIzxoDZkrDxnm0M91QTSWZKwucZTBhDsj8YshlqQixr8VRTs2VHd-LftWp80P2M-GmlwdRn8kEzSv2UGNm1qXoaBJE4ceOdf94YtIKelJPiKdMSFEfqX3hme266DPr0aMMLsm9XUlBB3Ogu3Pk4lKdMVwk3npHIf4wP4m6qt6eKIkGWmeHfaUfWBOQVT4OK5NXJtmJFbT-MY9V3LrP7oBeLhbRrSScnvCI-QqdlYRscHWIprFpzaZFZYfihTL_Ol9juZtjobABPX805fCA-AEA5AGAaAGToAHmsPVc6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATrr-hC8gTqIzkCdATANgTCogUBdgUAdAVAYAXAQ&eventType=clickstring&clientTime=1622613195703&ai=CON44yxy3YMT9CKLP7_UPhc6ioAjf_Y_VYvbp-cfHDfAuEAEg8sz4TGDxrfyFpB-gAc68qowDyAEFqQKjaxwsOjyAPqgDAcgDmwSqBOkBT9D7oT1iZBezwyBfzj1oGfQKn4kLosXFowKaa7PrZbpxXRzTIzxoDZkrDxnm0M91QTSWZKwucZTBhDsj8YshlqQixr8VRTs2VHd-LftWp80P2M-GmlwdRn8kEzSv2UGNm1qXoaBJE4ceOdf94YtIKelJPiKdMSFEfqX3hme266DPr0aMMLsm9XUlBB3Ogu3Pk4lKdMVwk3npHIf4wP4m6qt6eKIkGWmeHfaUfWBOQVT4OK5NXJtmJFbT-MY9V3LrP7oBeLhbRrSScnvCI-QqdlYRscHWIprFpzaZFZYfihTL_Ol9juZtjobABPX805fCA-AEA5AGAaAGToAHmsPVc6gHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YBwEAEYHYAKA5gLAcgLAYAMAbATrr-hC8gTqIzkCdATANgTCogUBdgUAdAVAYAXAQ

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 433F 28 KB
13 KB 210ms
83ms XHR
text/xml 66.102.1.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AcwC6dlPl58oRcUxh5nnNLNhDbOGrTmGHujj4kw7E-y54kaYGbUvWGKf5CW0uMpaSQ0dlA4wKDBnT4zXehfMxg_kgX0A&dbm_d=AKAmf-A_O9LI-1-lL3biWTkMco_RrLgDjkkdzt9dZ57_YM7gHjz-IKulsboIYYsh2Ma9Np-dQRh0B2_dvOOal8CBCy6Rs00tyqgpAY7reOSBu8e-b-R62wCwDW1fwmHEMkGDa_VOtXENV7qcVOm2QsCKZkn40dz5lz01_xPiwnmqVGdQWlWa1Hn2BvrVEfnVFpSQfe5nC5K4vRoH6RAQ-LM4KPDyoyP_03wqDaTjfEabvtnoTCbZpjLc1W7fLWBgMQXT2qBsDvwQLeMMapg6ekhGK7yU3bOmfMWNRzrV59lO5O-zr8DM61fcoSN9m490v_TvFUzn-rfZ5dkZpALmSo78e8kuTzOI_K3gP0_E7lglOGXUco2QH1WmmIjb16-oPRk-X00wyQjcBk0AbRH-VLbORr_lf4J6PjQjCEXucITSYaQQsT8KLZ1BahHgpT7Rl5FWQ48HL3rHAOfusBx5ZXskQFCyEpxmV3ulxXXOZA6FcGwOEcxZV0lHHEoHCrtzV7Qlj8EJC4lDsfzOp7oTrPwi3JnprK2N6z_JtXHDma12zYQNeXnEY73OpIC6bYoieUvYOfbb9Is5OBke5yXQ-iAAfDRokvR0zrmuIKE1HlcqSKZartd-5pHipvsC2w85S5_cs6gx14keKPe-po-LRbojjWxLKaQt9_1Ok_Fs4KdZx_6URaNjxPFAJt6TPhUxN0Qjc6iW4_5X3eZIGIPyEk4bBYOEXcKa3sC1cnXtRNuUsf9Bje5lIj_UDTFz3P6owicBwZzpIYnQzSSJrclU_s3ukk9q1bmkl6I7vysgjCt4xRZUai-Z3_q0vLyqByzl_rWtNLaa556AGrWLcnsHwtNhZRctlRlygQRS_Q25boi2rlCQYPBa3zj4UJhvDFcKpGe0z6XUTluqjcDNnL0V7bHSn9MNYEMZ3-le3Mcv4kH2Mn9Kjg9fj0NHcYoqLCQhJqZa8HwOzsuQlLz-nHrftL5coFD_Y7t0wnCaTCdfwjWS3tXZAlJfWlTVbzE_m--RzfUa-XLfmfKW--wzJjKz1RUtx0P8LhN7mRl_GFY55rabx4P0fWYv0qQvKSiZR1su6qAgWc7OaV3NYP0t-1oEW86gExrpw8brupAOS5wJ18s2s6VHDszYrMYgp9XRYBse3J9787_6AJR3OFqMfN0RkMGiKUsjd4cd7v15lNLRYe8QD2AE-l8NrrkLhHWnk1uE5uB-ESoKFGx3A50920QEBG5Fvn8d20YDp-wZwf5lDnC5H6gfXyMfP03MSCAcXcGK06-x5hFPPYzd3bbEsOH25ftWIrsl6gjTe5opZHogTJuRk7UO-nzojLbBcSDKBgnYUpla5cQh0ERHDG2nkIZYMs5bLwAY7umIkGDff9hc02M8hG2VnYSYVG28A5GTDrB7wnUUDIgA5699-lgfKy09lC7fqbjQiIM60PVmQmP0bBJjRbU_mHGzhxNXwM1XM1znKfsQDrxJBk4SKsgPKoikFCyqfSqn-ZWyNvrLRFKJeNRLMrG9yb9N4UpLJEkA_21zVXLOnxNNNio7sExQ3IWZWPJEefZYmBiKZSHnid9s1UW7QMhBBuLQrn8xso-WwH0PhQCdNyVn84m7Gk3xVXocFSEcr0oyDx_HG0TjmA0Q9GQbaNFcc31_Bebdzg6-EZ1iQG-cImJTnSyq7VGScmfPnLVX70T9mQfB0J6w74oPZSqib94gMa7nF94Ugjurqp1K7_4UG9g0DVE05vOEcRvQWqlNpdf_xj5LuJXo-IZIsVLsHIsezMOzpulVdsFYZlyDNfyjG9l3Q1df-a9WKqV0_2cJUmVH-KzdYrMJVimXtUdKVvXojOukuvsF0Y18VeRXqmtSsXvx2yCl81l4LnE8eM5sdmhXMDFHQ5ENm6HiaQbALrdra4SfAgdJa0hPEC48GgmGltD9nzG8b-yiRDl-ntatbnqDuTTXbBCGBQgqhCHnVRsMylL1brTRU-Sf42iVZV1eucuG0cXEOXj2ryqTDuOlunNNb3qrDkZiSw_o-Tmusu1nPJSNJ1t4C5RVYsa5xJzN_ztxKZyHZT-yW0Z7oelFN1xiARsUkVL4P7Ymd4ENaqiHCKJzkWZro5CzWh46DfO4cUkPSHqB4WES_IpmLjRJUxjgtLIpg8qJl0TxbsmwNpcxUqh9n7rCsjNzdftrLb1H-KnbswluK_IZT7AehjKPfP5QzvdSG8K6P-jtH6zSGGbybxWAJSstYfnoZ2LunhMj9dXvLl526gDp14bx4opJU0YHCmZHLaVjJSV9PfVIZo-XFNgLwFuFDDgDaOQMSXBWJHtIR7LUVrRDEcZbKAyGmZaUnmAcRfLGBJMcqDqGTICM_XPdvJQbOdikjm7gixTLljXoedUBlmI7SftNDzIigN1eIl9AI1plFaOhssz77xYdsvVjLbwK6nHKtZcfT3fg9PKTzkPbwG_XRRXVFAozC_OIEsZu9vHgf1gATJdoR0_CXJjOPx3HyO9cIySSBbnOVWppr68KXt2XhLFp9QH-NW1AQ7VuO_tmtbyHxRnRZN8aN9i7oyNrov2RJnWSvP1UkkfigofXTQXHWQOW0fo7pGul4LYGv5_7mzheB1oNZFl3eCs-0PudnoaIHq5OC5e9GbZCz01u71v0srRy00xxjED9TbQp5DlYqPF1CaulFTCVXr5BlWCPU98vgrTTM5oGmQffrQZ-Q6S2e1ODiYBoh3cMJfEhad4YTYUlJmHn-Uqp1baXlFenFfipjgEIqZhghsTI011QofBd_TS6mQcRCjNjqZxvbhGM-3TMXx1R3B-IIx6cxCWPRjY3-IlnkJPkSo_pDCVzqw7b_EqphI9Z36dyEwo2wDa_nzt6xkM7QMqAQ79fjGTf0m2jpbwHnwfFPIAgM4PBpn8EJ0BqvISwrSa3fJNFcvrbzLW_5RaF57mNnCsjuze2cYG2oHH6AnlnQ75ghUGgwVZ6gvDSy5PHjPbBytGo_ONa80BYmcBvie_Smp8FzLHlkOQxeWJW588p37S8TdBRSDh_6if6mIMIg_0ZBjDBbPPTanZfSY7JojSJ5WN6LupMiVrAfiWcDQyMtvk68j9lmr8F9hsKpfgv4qVVs8QlvIUEf96jGq-uh2ccm_JPV60430P95o55sBq_DrWLSu8qFYeWOnwRObq55Q4CEAs_kGG8REebHAe3LuChXsJQ6gyg6Otjk91EZYQsHEBP5zV_OrFKibVjRSc3tJJ6F4H6hMWtXefsf3LAJL1KTNIWvE8ps3NtXKjSizXJurOjmXDdJ2JSa6oFEfia39c95jS7NWo5sfL9Tzz8F2UpN-T3wRtIJ0iQLkqKMlaPj7EYlz498lFZXq00IgBy79zJ8-Hky8XgK4o1DVEwzsRsVs-ES5E-ViJwav7NwfiTThSdSQSbBTaUGiFdMRAUIHzgDBHvxWQq8kjTSkTBKLwg96MUkJ8&cid=CAASPeRoX66FYIQ2C6q7RK61VtNRcwfEDJhB07y1t52qhdzFicMN3M6KmPXgHtCH9oNQvvyYfYzYUmmsXJR1Hx4&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f154.1e100.net

Software

cafe /

Resource Hash

a4eb45b4104689082ab92ddca656d230dc29c5b6625d085a729f34c71bde70a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12889
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 433F 0
0 91ms
91ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2u5gyxy3YMT9CKLP7_UPhc6ioAjf_Y_VYvbp-cfHDfAuEAEg8sz4TGDxrfyFpB-gAc68qowDyAEFqQKjaxwsOjyAPqgDAcgDmwSqBOYBT9D7oT1iZBezwyBfzj1oGfQKn4kLosXFowKaa7PrZbpxXRzTIzxoDZkrDxnm0M91QTSWZKwucZTBhDsj8YshlqQixr8VRTs2VHd-LftWp80P2M-GmlwdRn8kEzSv2UGNm1qXoaBJE4ceOdf94YtIKelJPiKdMSFEfqX3hme266DPr0aMMLsm9XUlBB3Ogu3Pk4lKdMVwk3npHIf4wP4m6qt6eKIkGWmeHfaUfWBOQVT4OK5NXJtmJFbT-MY9V3LrP7oBeLhbRrSSciPD0Uq5jG2DQnkmCiU13Y5aPCbcnsAGyD2Yh_7ABPX805fCA-AEA4gF_LPEuy-SBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB5rD1XOoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAPIHChCAuFoYkJTjpQHSCAkIiOGAcBABGB2ACgPICwGwE66_oQvIE6iM5AnQEwDYEwqIFAXYFAHQFQGAFwGyFxoKGAgAEhRwdWItNDA0OTMwMjQ0OTYwMTI2OQ&sigh=lDGgq7GV0Mo&cid=CAQSPwCNIrLMHe-ue0zIIsYaLF7r1agl94nCXUA7AvSxH0g18ox_WmFCZxGD2RlWBM9KWrlqhXSINyM8hCMQfmfxgg&vt=10
Requested by: Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 433F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 695a501a114604d1b2ce883aaa0da03935f36e7f7f79db45d949a4454985c587

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 6ECD
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
571 B

7ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://ewn.co.za
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 545529
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Jun 2021 05:53:15 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/675D)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Wed, 02 Jun 2021 05:53:15 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Wed, 02 Jun 2021 05:53:15 GMT
x-transaction: 3460734015c26f9f
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-connection-hash: cbeeb2e9370e9d27c754b2c5ee1533ba5f9d98135e0c7bf081ba222be9a0bbf4

GET
H3-29 200 container.html Show response
2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5575 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 02 Jun 2021 05:53:14 GMT
expires: Thu, 02 Jun 2022 05:53:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index_300x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/ Frame 0DD6 164 KB
54 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8764c408352d6663938ddda0e8f3b535e7fab9ffc600f2be64a70eb4ad0d6a7e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Tue, 01 Jun 2021 22:00:42 GMT
expires: Wed, 01 Jun 2022 22:00:42 GMT
last-modified: Mon, 31 May 2021 13:11:38 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 54964
age: 28353
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5575 0
0 91ms
91ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CV3d0yxy3YJC5HbyU9u8Pid6noAfx8rCZYsjP6-yfDt7ZHhABIPLM-Exg8a38haQfoAGFqfXMAsgBCeACAKgDAcgDCKoEtwJP0P6UBh4rFCrg_OEeBRg6lhVxvTKZ2T8pIOw52w9qv-T3R0cZjs9V92D5BkBi2vMk4ZppW6Gjg3I2W5Sogws6a-7p5BRkc5bG0C5nMFNqwpH337ghdqgxEbn6KpqmGCgmuSSwyvdRdWQkVVBJdV4XcTDKxsvOLn2t4eHnB1_l-O-H__cq5YPLrtlPQtQ0quPliKUneA3Qd2-tmgKSMXP-ie6z3DgZej-QRQY-vE5pFRX1v6edNXwYaLFpa-VCICISENKRz9DAbtNMjgCqQ2CQbdxXatVY1NXzKGJxtCSl2QWFwaLQr06kewvzLn5UM5WqK5jZAYXkk84_95u9X5lwTL1JgeBHfSfLVfWg75k_yCPunqt88OyOMoaHZRmfX4Yrhb9u0pu2P6HQr1rcDFlLhx_s6pwU3sAEh6CDzssD4AQBkgUECAQYAZIFBAgFGASgBi6AB-PWirMBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEOndDdIICQiA4YBwEAEYHYAKA8gLAdgTDdAVAYAXAbIXGgoYCAASFHB1Yi00MDQ5MzAyNDQ5NjAxMjY5&sigh=qHrj1aPf3d4&template_id=419
Requested by: Host: ewn.co.za
URL: https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/ Frame 5575 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/abg_lite_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:37:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7025
x-xss-protection: 0
server: cafe
etag: 13581262519725736155
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:37:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 5575 2 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:38:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:38:23 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5575 121 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/ Frame 5575 13 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210525/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:15:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Jun 2021 05:15:11 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 5575 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfQ-yhABFvu3QuOuV5eqRS2fOGkh2ZlEPP0Ie-mKYXQjN978TpemExMiIElLfRmZSVtbOi
Requested by: Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 433F 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:32:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1249
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 05:32:26 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 433F
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

26ms
6ms

Fetch
video/mp4

2a00:1450:4001:5f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7693663B34307C2DBE406ACCDF24493357A43B58.520A0169B290257988FE26563B46665E13AFCC1D/key/cms1/cms_redirect/yes/mh/U-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1622612903/mv/m/mvi/3/pl/50/file/file.mp4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:5f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 02 Jun 2021 05:53:16 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 891162
Last-Modified: Fri, 23 Apr 2021 11:26:23 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 02 Jun 2021 05:53:16 GMT

Redirect headers

date: Wed, 02 Jun 2021 05:53:15 GMT
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7693663B34307C2DBE406ACCDF24493357A43B58.520A0169B290257988FE26563B46665E13AFCC1D/key/cms1/cms_redirect/yes/mh/U-/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nsz/ms/onc/mt/1622612903/mv/m/mvi/3/pl/50/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0DD6 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 04:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 03 Jun 2021 04:11:51 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0DD6 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 20:37:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 02 Jun 2021 20:37:24 GMT

GET
H3-29 200 image-1.jpeg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/ Frame 0DD6 9 KB
9 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/image-1.jpeg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c414655d127bbabaad5887460fe6f7fc54c54d5aeca07b2c31fb3c00c2db57

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 64322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8753
x-xss-protection: 0
last-modified: Mon, 31 May 2021 13:11:38 GMT
server: sffe
date: Tue, 01 Jun 2021 12:01:14 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 12:01:14 GMT

GET
H3-29 200 image-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/ Frame 0DD6 10 KB
10 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/image-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a745159402301275c821b80bfe6d1a1d3e438e833de21f4475cac35daaacb637

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9976
x-xss-protection: 0
last-modified: Mon, 31 May 2021 13:11:38 GMT
server: sffe
date: Tue, 01 Jun 2021 09:20:40 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 09:20:40 GMT

GET
H3-29 200 image-3.jpeg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/ Frame 0DD6 6 KB
6 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/image-3.jpeg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff88c77b7254c4a9af49255c516be39f8fae0a1eb127875230ec123289e0d412

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 73956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5716
x-xss-protection: 0
last-modified: Mon, 31 May 2021 13:11:38 GMT
server: sffe
date: Tue, 01 Jun 2021 09:20:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 09:20:40 GMT

GET
H3-29 200 image-4.jpeg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/ Frame 0DD6 9 KB
9 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/image-4.jpeg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ad1863fa737fb975309cf5534336966a413cd2b2ccacf4601e16e1c170c086

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 15840
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8938
x-xss-protection: 0
last-modified: Mon, 31 May 2021 13:11:38 GMT
server: sffe
date: Wed, 02 Jun 2021 01:29:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:29:16 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B7AB 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUn-24AWRBsxSzF_tQKcSkHUmeMmkgkSt97vYkD7ocksm_Uyg8oTkuPvgr7mk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 02 Jun 2021 05:36:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 977
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 69CC 23 KB
9 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 01 Jun 2021 08:33:34 GMT
expires: Wed, 01 Jun 2022 08:33:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 76781
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5575 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9ed90947cceafb9aa2cb4e3153fdfb7b247f9cbbeec1db782e957eca11c3f2c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0DD6 2 KB
536 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6743790100231513062/300x600/index_300x600.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 05:48:08 GMT
server: ESF
date: Wed, 02 Jun 2021 05:53:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Jun 2021 05:53:16 GMT

GET
DATA 200
OK truncated
/ Frame 0DD6 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f451845a33b6518fb307714fabf90f791252b0fc23395857f52593b36c9310a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0DD6 25 KB
25 KB Font
application/font-opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc17e9fffa7d9103924b1196491673dc298e7e9ebb4c697ba22b291458f16bdd

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-opentype;charset=utf-8

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 0DD6 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 08:33:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 76782
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Wed, 01 Jun 2022 08:33:34 GMT

GET
H3-29 206 file.mp4
r3---sn-4g5e6nsz.c.2mdn.net/videoplayback/id/4327b21cea094483/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3763625185/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 433F 870 KB
870 KB 13ms
6ms Media
video/mp4 2a00:1450:4001:5f::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:5f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

afe24da299f2b06371d3d06d9f4710e2d857bdc040719f5f392c34862d4f857d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 02 Jun 2021 05:53:16 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-891161/891162
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 891162
expires: Wed, 02 Jun 2021 05:53:16 GMT
last-modified: Fri, 23 Apr 2021 11:26:23 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
client-protocol: quic

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B7AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
13ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
URL: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkUn-24AWRBsxSzF_tQKcSkHUmeMmkgkSt97vYkD7ocksm_Uyg8oTkuPvgr7mk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Jun 2021 05:53:16 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 02-Jun-2021 06:53:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Jun 2021 05:53:16 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 02 Jun 2021 05:53:16 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js Show response
pagead2.googlesyndication.com/bg/ Frame 69CC 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6vmH6gRf2UqLiW2PAyrCu1HDtbEhJxjO0f7Ukk3E6CA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 23:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 21639
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5787
x-xss-protection: 0
expires: Wed, 01 Jun 2022 23:52:37 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 69CC 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BW-viyxy3YM_iNZa1nsEPmZmlyAoAAAAAOAHgBAI&bg=!SUqlSg7NAAaMan2LjGo7ACkAdvg8WqcPV-eqdVXjFk9Ce9SVYKtJfVCJm1Qzbi8ogwaJrLQlK6y3xQIAAAByUgAAAA1oAQcKANI3qVnQYz3WEDkJPhhjb3dWoYI5tiw9JH2y3syjKG6bcdWDwppV89aDvcqBp_utEmoFr6XhUg3P0n7bZ9IV5bsozG5-L8Eu78xijAEAOhTOo1KsJf3xD1cHmwAQ5mNpcOOga8xm5GOIG4gYMMbFHDUdT0WVFxEMbOGECdecFH9ZzKre0PP6iIicaRSjjniplHfqEatqrEILoA5ssMT6mLrPqIvzzYe25Etwia3EqvkBszYBxyiHfwdJNbmWR_2MUPYCVowZIi9Ieba1EztNaHlmYleZAovCoxmM2hbyg5nEBCBPoRvJ3XC463kN0pReh2vHXIxbz-xTf82VoR4RbIh-q8sYSOfOkPUcyjMkoBb9SWq_Txa1WL7wB4xJvlEJ8z6OFTtscVWiODWsodMcJTB4TBuezlO1pXKDwAMdYOzkf4-ilSxN8Px8KzmDg10wPuOeZDDxzw9edhYElICQRahKYn5scpk0oHfOdRzmquWjqNSZ1pD3pes6LieP-ypZBI6sR7pnSlVHtNo_ObCEGhPBVZOzAkqalXCaKBcpAiv0rI4OvINKWpXVEQiakRy4TfnwGpKuqaZ2g2oRzUNUHrYQ-AtPg8s-YgXAVvGtD3o08NX49AGZgNFoGCHAxqZ-9k_dYJRPTa67cpBWxiuHhCv1utQxoJZJJ9PGeJE9F1njE2RZs-m-EpWHOPwgBtFxhDluztLQX9FubbwZel5D7Hokh7V4a3TVY6Ay-dZRK_Z8T0_2BdeSV7h5g6-ofGwg1K9sdXVQfH3sx6IUMvlBvXKopgeSiGXZryzRj2XWCeSsXdpCcwUL-zuw7seb38ku98SgIvbBdTgBZUVr3CcaUOGn3nb2QqS8G6hpQI4eLcFnVOtYJo1vrvyS17XKq-B8VH8YioxHETGg9X6Lw9xXTpZt-6mla6u1UJ_2KNtpZSjI_sTSeBmI5ZF8qRnco8d_vo7xUIt18pBxg3iWJCnHY2G9s7TJCVoPYAsjxVClod1gqmihsUKazeOujSbF84TSd1XU5C2yWw3DQzDH7vfWM8LgTjDrsxevU8GRzPNqk50udzREtj8Eg4okR0ttFmKSUPy8MsXmQ7_zByhCbvJDliq4akQO4egD6-QzxxSdvz_zUUQxNf4VN1AAd-JRba8_wWI

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DCB 42 B
64 B 29ms
15ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSDEFcCacLCRHg8I-zbavfzbSV7LCDeEeq66JgszR_6Zs1uUPdDLy7RB2oXvDiI8S1IlMO7CXCczy8Odx4CY_oe3Ov42_6xv6ykQVE70E&sig=Cg0ArKJSzCyD1KlDZfRREAE&id=lidar2&mcvt=1001&p=13,0,14,1&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1317971659&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622613195246&dlt=0&rpt=277&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CECA 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss47briidbJSZLeGxTueumQxGmB-XgRQNarofM3QvVL8ecv3r82AmVYnCx6TXbUQSS_UTDRyObR8Pw6xC9BCLH6dT9h1PL1vvqGTDOlGbWLDBNlWnd2xwbgo3Y46w&sai=AMfl-YQADgmUNoYw0BKlB32BT06d0l12FgzcdxcmuJnRwneBkEHoCdlDc_qwG2Yp9dUsx8eKMq92A7vX3OJxOrj_yu5xVZc2ys3eg4i4BzjiGcBD0Ad1I4UqzzW3PThuwg8r&sig=Cg0ArKJSzAo1xUZ9I2VtEAE&cid=CAASPeRodNxwc2WXozhF1VLotETONoTbufuUvnAp50iMqsu05R6TAMWwjVtGgRCy00MWyqyP2Ksy1CRGQtNGvY4&id=lidar2&mcvt=1001&p=35,579,80,1307&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=548037379&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622613195289&dlt=84&rpt=230&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 433F 0
54 B 682ms
381ms Ping
image/gif 2404:6800:4006:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kpf202pl&c=454289024134&slotId=227144512067&qqid=CISP65ih-PACFaLnuwgdBacIhA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=984&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20210526_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:813::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:17 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5575 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssw2ODesMU4hRB2NTngQwpsiA4ZIX87KzKQaVOMSMWQ5OfFZOYte8gsUc1JyJ7IJDn3Y3dh55UPEGJrigBRDbGg1ZFPFh3prBJ8XwqKcRu8Wp0_e8pLk0aNtlm00A&sai=AMfl-YT6qDFAdZ6GVIp5jVRlDHmUzDQjs68XnNkrMA3pztbvEaUtALtDvAIz4rOZg-7gFOQYJscxxlMfc96-c4vr9YQXwrfcdTMdqFNqzHOSJPDwI-5WJVL6niaVRxlaR_k&sig=Cg0ArKJSzFBUksRZwt2nEAE&cid=CAASPeRoyD-IFFcBuS4tqGPBbtCBALVM3K6ko9QOjzhbSfMkwIjHFCjRt2NKkU-RAJ1EZXC5IRntkcq9LNFnEOU&id=lidar2&mcvt=1001&p=495,1006,1095,1306&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3919649435&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622613195923&dlt=10&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET visit
origin.ewn.co.za/api/v2/ Frame 285B 0
0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
7 KB 23ms
23ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5480ca8dc399138f987114fb67abcfd022633614edd129951bbe29794082c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Jun 2021 05:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7647
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 05:53:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 02 Jun 2021 05:53:17 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B11A 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 02 Jun 2021 04:52:47 GMT
expires: Thu, 02 Jun 2022 04:52:47 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3630
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3D1B 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fdfd643cfc2e489d98f2b86e4a2481abe6e7456a336e39d93d1b519765e06b4e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NzaMVgLA+rWPqCI4WAP9fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ewn.co.za/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ewn.co.za/

Response headers

expires: Wed, 02 Jun 2021 05:53:17 GMT
date: Wed, 02 Jun 2021 05:53:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NzaMVgLA+rWPqCI4WAP9fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame B11A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 11:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 67179
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
expires: Wed, 01 Jun 2022 11:13:38 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=612449239522763&bg=!qaqlqu7NAAaMan2LjGo7ACkAdvg8Wq_3R80oGtn-MX8FPCK50gem91auAr3e54ES5gi51CMimbdApwIAAABzUgAAAAtoAQcKASiALevFjte5L3icAlEe6LmbQceP0dNEwtEEdqFZT-1S-TSwheDu9Svikm7t6tcRS5MHWtHBklNgkynlGha-kjJXjouZya-WIoiPp66GwszwvJozjogMyEkPDSMPeJIkqsCra2TdQc2JKJBbFLI3A-V8JG1DgjtaAyY4CiVmp_fRJ29IpjnjcZ-sgfayC1EGqVJZO0oeeLdmrwCX4DVRqkzPBJbiCa4NjwUhBDzON9JfDkOqndlZQlfda-pY28dXN1LtvkDyE3_uvo2GjXAP0Y706lAnrsuvGij8ne9L322OBE8yxyuB61IAVG9fK_rHpNDUwbPSjR70lloNBZeQJlwHc9G8XbXsd0A5StaMrQNqfe_UXXgVem3WbJGDa2PNbhnCk5fu6t0kmZkCM6g7nxXV1aI8Tbwqe2SDKiGPx_iiaxk1F5IuSJSyfg4joGArmJjPBbGnAkGH0YkvdY3A0S3NQAFWqLMuL7qAgSouJYDVoCar-5uj-1oRk9LI-Vl0A-Y636sLRg_jwGWJ3yDlDb88XGx6THFH18Mz9TF47fpOTvRBXbLY99Tcs7Pa0UBMyyAOF8O66frzt8fVmmIjqBg0zjtRci86fgDGs2ce25p9iidI_1AFPEAuTt4Gbcy22GMkfDsShV7kJpJPynipw5KkHlO0-3RM_SLvc0AlcpnoGu0KDiFCWh0AP4e6iC6qS8EhG_OEnpB0qOGp117HrqXK9xT5P8NmK_HBgffV8ikqUDLfqkZCYwKC5St91k_Y_991e-Uvy5fcCeaCP7XKXCbJB3C2m_yHxj0dXsipOnTu8GmhJmiFwrsoYHkzuEbhIrlCtQ-aNJL0J82vXbHh4C3N5HXUsE9porYvA3FjLtjmB4zyjL0PV89h283kCDQaqy7KVplLJj8_jjqCedL6fI1_bJZeVWTbUj8Lbv2QWq8l1ZEZyXPybuSoQuWixV622RTrMfgGUFoKyQE__EXcf54SpN0iP2o3OM2qyZNChHZZ86sUdnUnYMGAK-I8bcLKkMPvcc05bxi7XbuRz4Ys_F9YKkEBWpHc4jOoNW2sQJ7iGSZxOh_2J74c63m8VS7uhpf3BRQuO692CJDe--Xdws4ZKI-O8ndoxn4SNdHtEnUThloz1iWfd-oUMykEFfoD

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 learn
za-gmtdmp.mookie1.com/t/v2/ 43 B
324 B 155ms
73ms Image
image/gif 35.186.238.175
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://za-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_107208&src.rand=1622613194227&src.id=ewn.co.za&gdpr_err=NO_CMP&gdpr_consent=-1&depp=7.0.1-4-eu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.238.175 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 175.238.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ewn.co.za/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Jun 2021 05:53:18 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ads.chargeads.com
URL: https://ads.chargeads.com/pixel?id=1292731681&t=js&data=url|https://ewn.co.za/2021/05/31/israel-s-lapid-says-obstacles-remain-in-bid-to-oust-netanyahu?utm_term=OZY&utm_campaign=pdb&utm_content=Tuesday_06.01.21&utm_source=Campaigner&utm_medium=email

Domain: origin.ewn.co.za
URL: https://origin.ewn.co.za/api/v2/visit?path=https%3A%2F%2Fewn.co.za%2F

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 18:43:36	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:05:09	Name: IDE Value: AHWqTUkUn-24AWRBsxSzF_tQKcSkHUmeMmkgkSt97vYkD7ocksm_Uyg8oTkuPvgr7mk
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_scf Value: []
.ewn.co.za/	1970-01-20 04:05:09	Name: __gads Value: ID=2b4487e6c38e0033-223fa1b14ec80016:T=1622613194:S=ALNI_MZBs1Luk6C-LlhYzK3xgt9yI-QvMQ
.ewn.co.za/	1970-01-20 03:21:57	Name: _em_dmp Value: 1622613195124
.ewn.co.za/	1970-01-20 03:21:57	Name: _em_gc Value: DE
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_ft Value: 1622613194781
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_lt Value: 1622613194781
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_pc Value: 1
.doubleclick.net/	1970-01-19 18:43:34	Name: test_cookie Value: CheckForPermission
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_vi Value: bf8b3fea-2600-4bfc-ae6a-fd0dde8ee188-179cb48781d-1d112787
.ewn.co.za/	1970-01-20 03:21:57	Name: _em_vt Value: 304b89e4-d4e1-42b8-9a5b-1000960468b3-179cb4877f5-9c2e2a96
.ewn.co.za/	1970-01-20 12:14:45	Name: _ga Value: GA1.3.796932783.1622613194
.ewn.co.za/	1970-01-20 03:21:57	Name: _em_mb Value: 0
.ewn.co.za/	1970-01-19 18:44:59	Name: _gid Value: GA1.3.1505575138.1622613194
.ewn.co.za/	1970-01-19 18:43:33	Name: _gat_UA-4633773-8 Value: 1
.ewn.co.za/	1970-01-19 18:43:34	Name: _em_c3 Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://connect.primedia.co.za/widgets/bna/assets/js/embed.min.js(Line 1) Message: null
console-api	error	URL: https://static.xx.fbcdn.net/rsrc.php/v3/y0/r/ucvXoPeQ-Im.js?_nc_x=Ij3Wp8lg5Kz(Line 56) Message: ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2e82e908dd9f195aa5370eef62870c3a.safeframe.googlesyndication.com
a.teads.tv
ads.chargeads.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bcp.crwdcntrl.net
beacon.krxd.net
bid.g.doubleclick.net
cdn.jsdelivr.net
cdn.mookie1.com
cdn.primedia.co.za
cm.g.doubleclick.net
collector.effectivemeasure.net
connect.facebook.net
connect.primedia.co.za
csi.gstatic.com
d.turn.com
detect-survey.effectivemeasure.net
dmp.adform.net
ewn.co.za
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
id5-sync.com
imasdk.googleapis.com
lh5.googleusercontent.com
match.adsrvr.org
origin.ewn.co.za
pagead2.googlesyndication.com
pixel.mathtag.com
platform.twitter.com
r3---sn-4g5e6nsz.c.2mdn.net
s0.2mdn.net
s8t.teads.tv
sb.scorecardresearch.com
scontent-frx5-1.xx.fbcdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.xx.fbcdn.net
stats.g.doubleclick.net
survey.effectivemeasure.net
syndication.twitter.com
t.effectivemeasure.net
t.teads.tv
tpc.googlesyndication.com
trk.publicaster.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
za-gmtdmp.mookie1.com
ads.chargeads.com
origin.ewn.co.za
104.109.90.196
104.244.42.200
13.248.242.197
142.250.181.226
142.250.184.226
143.204.98.44
143.204.98.52
143.204.98.7
151.101.2.207
18.203.147.76
184.30.20.207
184.30.21.51
184.30.25.51
185.33.220.243
2001:678:cb4:bbbb::13
216.24.224.41
2404:6800:4006:813::2003
2600:9000:218e:fc00:1f:612c:5a80:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:5f::8
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c0a::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
35.186.238.175
37.157.2.237
52.209.126.197
52.222.149.25
52.222.158.71
54.171.173.220
54.36.109.48
54.88.250.198
66.102.1.154
064d1fccc6b0fea2bff603675caf892cd275ed4f583330557b9cae27cac29395
09988ad87852ffd76fa95bf960531a7dad23214720b681e9c25d51c4f958c54c
0a3bb1e382060c6999c26faac38aed7e3d6cc03f7376a9a36b881a7e5ba923ca
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1127b73db10bd4d10a6b96920d8e8426ba871032d9d7459adf2423a72f39bcbd
11c414655d127bbabaad5887460fe6f7fc54c54d5aeca07b2c31fb3c00c2db57
141e299c226d137244ed052eaa9a1b4369a963de7cab3b8f8f78703737b93446
14ad1863fa737fb975309cf5534336966a413cd2b2ccacf4601e16e1c170c086
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187af53ed8ad42664e69f03dc9e561ad6140200ebcdc25220553fc9e10ba7647
1991b47b0dd898fb6b0affa24c03ee7bfed27796bd0959f54de929b89512afe6
1c2607a9bfc7164c68a6cc33e1a07e12b4c25886bf0ce92896f27ca8d531b81f
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1dee906bb32f2ba61d9edea70fee45d8b406fa481a02ba1a9164559e7e6f90cb
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1ec269e3e39e4158db308a7a77f972f24b7a57d0e9ec35f0e1101bbf2844ee0e
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
221b1459af8f41252a68775f825c9855f32d94f172c87194501ab5235c65503b
22e79560e6b8619925a2f2ed603f7b5a0c8af2b4ff3bb3e9f50d627baed2750f
23a463bb0714d1125f2bbb8d55699cfcfda8c4d430c0ce8c53d45270ff5b9200
24f0669ff255cd90c451c76619317e3052af49c218084470845d1e158f5e121e
25000377c9d49017e839be4d0f89b39f88992c065fa0a5978e6985d3fd667e25
26ec4310be2780d0fc73eba1aa8a16fc0f2264c932b412820308ca5320eff2f1
28ba5c163b60608dabede274b1be3d24652e38cd52a7a084ee32051e556c8d55
29491d93022eb312a91d5a5c914e606b0fea45683e35d85d8f3758b307814520
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cf6a145371d7933f400e913ab97b41241105dda0119931fdd1c1dad14183e01
3101b0b3a196c7a44feaa63caffde49c418b512b748a3c1b0591929122a5d086
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37911c81a491e280bdeea6069ba62c11859bcc481f6f4d1b18e24397947d9bc0
398b4849b670aa5659a8fe1d8a925591d3c581176db6313a9ef7208d77310ede
39db16c6bc631a720753ebd76b8870e6aec2f7d486c1b932c728b9a995a7f838
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
438da1276d1d3eda0a0ad7c3a798065015b616021e05b332c0a12c73b0d1de34
43e2fe909700e8ebac888bfb490d63d473f14eacf1e9e0aad195990a0b89d6e5
44bf4e9bfe160c5d8bdbcfb310314641735eab4834a9229edd8150d264c1dff3
4589ae030927cf63e1dcada86d25675a1e79fb8e8a846c13a70b807f3657d54e
4628c198d4045b82f224a6e12cfb5c964f12bdb7627bd9cd1b9bb09db106c5a9
46aedb337cc55eab6d6d76d4ddf083fb20af3b78c50ab4e3125ddc7825bacaea
483cc9a5ece5c92d5a2f1ea6e92e7f8bc29844a6c06bf36c0349d70334685dc7
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4f38615b01f17c3f7c76504dca0c2c84358592d69701ec73a0ce1e995f8e1ff8
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5124beaf75bc76307a06179aab3f68ded68c6fcbdd0cc9507f025ebd6a29f9be
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d
57a32821aa342bff22571bea1158676b4665fc8de5cb468a043be716e40edee6
5baa1a6991897dcb02fd8be98628fdab61d104707d68f8c8db2422e66713ea40
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
61d67035b4379b2cb676632076cec3f970924a5725d5fbb0abf3d9381d568b8a
63f9a261d0920dd0172d4c78a563f6b39a872f61db713faa7389e1e7a06fa175
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
65c1928faa8d6d02957353b3d37ef93f1807b952d66f209b3ca5a7da823cd487
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
695a501a114604d1b2ce883aaa0da03935f36e7f7f79db45d949a4454985c587
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6aff9e390a1598903d10a72d9928717842cb3b97e160473797afe0d668d8a6a3
6b64f5bc28886025d0249793131aab1cf4a02c6b799543e2a74bc8047ead1b41
6cae13a2d3bb79e8f7877e61efa521f0eb0f255be1d0b35e701408e420a9cadb
6e9f79bc257f549f6558eb1450a2cb10815f66594231f07c93780bb7514cd99a
6ed44ecc1ef024b6e6db9305166f505940047282cf519e7845ad3b8928fd42b5
703a675e9f88f43dd9599e3e02da6f16bf4f69673cf4070675a20f2b4253112d
7069ef227a3d5bd3ad9ee3d5b21dc61cab03571081a0000de82a544a2dc3f880
71fc9777767a0a6c471075b013adcf7cffb619d1e85a1e3cb804d337a628a5b4
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7d76d85c982fe003bfa4cbd174a3519e26e1bf85da73441057f948050fdd4242
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
8470e9a8a967094d599c678445a958f4c6f4eb3406df99243ccde8a604ec0d7a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8764c408352d6663938ddda0e8f3b535e7fab9ffc600f2be64a70eb4ad0d6a7e
879b77fa913c6743a887c573c86be4c51ed98604e68da2e9cdb127afda9704bb
89092832ac161c8ef641b21d3b53f21e5920b73a45ff7102f647e2323dba061a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8beadec20d9b3735a0867fada1201542a44d09cdf90f21411ba9697ef0c5a842
8c44c3feedae5331a281278ea3ba91d2255928a2f3010d316d6fbb9052e0c2ec
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
8fa85ee55208325965746c48f9dd9ae8c310b6c9db5d333f917061dd8d92ca93
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
9069346e47edb5fd6ef9e47697d57c02fd9e299c521be15846133f4e8488353c
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
9111759c48bc92483be73d61c6460b871d31cc265009b31a75c651fa374d1b84
93c306ed29ae9dd329fc3098b57fb1e8f161a2b68aaeb517884daa549e663676
96dffde1e825d75303cff1275902b3a6f1bc41bf2053a55568c0861c63086a2e
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9942792a98be68218dc45d066d8283940a0db66067a400108a8355afd7dcfc89
999cdca203e2acaa4a5a336d9e2cdfac2402610d8691118d349b351db8edbfc2
9a5835528727a245b0eb76452be8692e803f76c18266d5ef63870ce0551c314f
9e51e7c1f2f3bd86cc3e9dcd1ad5403db927f32533f0a8b29bc15f11b40c6376
9edca90ed95da5bd20c1db79fe21dc815eb1c9ac933dcdeacdc3b1db3e0de4bb
9f01d7ba86301c782289f8564062089a29df04dcac10c8b39335bccbdfbe75f3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b8dab84814a59fc863b574ed5c706051df3093b82f517b1641c823a3fe9b10
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4eb45b4104689082ab92ddca656d230dc29c5b6625d085a729f34c71bde70a6
a5046caaa8b5dc9c59adebf02b626f8fce84ed0b216ff73c33953fddf194d4bc
a5f2fc2c1a19af03784b7e3bdd9098f35c63bfbb52fd04ac6789d53cfeb70b73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a745159402301275c821b80bfe6d1a1d3e438e833de21f4475cac35daaacb637
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
ab584a3fac526223fbd934173667b5f3231c009d330e5b03a097f1c84ab3a0be
ab806b5b64211e1a60d4784f80e0ff31bc7a17f4295d064b60d946159a82b5d3
ad236a66e80ab0eacb60eadac1bd49207dd1b6c6e43d6db420633c0c859bb372
afcea3a8f0b63b194c186aeb062997c9d344f88053f87fdfd2f9a4103e63a15b
afe24da299f2b06371d3d06d9f4710e2d857bdc040719f5f392c34862d4f857d
b084bccf56424e2c46798c98c4660855758741cbab22e992cc743d8f483e39b5
b2389a0dd662bc526e762f8b657d6e73e0d0938fa0bd915ff819f794655317dd
b24a5d7944e38ee2e44fbf6bc00514619f2f52542a68de47bd4a6ceee13d20d5
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b778c3160307bf5c69dd99c88f4f9b23f2bfe6b459484c83191d5311c220d6c5
bbdd18d9d3d5aa7fe0a275dfea85e52d3a1383959eaa9dca340f51e9af0fd715
be1c4031c965bdf06827008cc018d79cbed689468cd9be0e6810a56a5f6617d7
be5daba1b69c2dad0eed50cc17bea9659ab23d79d8d412dc8e5c6013b41f39c3
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c5480ca8dc399138f987114fb67abcfd022633614edd129951bbe29794082c95
c57eee06ad873d05afa8fcffc6ea38aed97de3f75c6fba7ff7a33930e7ad0b5d
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c75136baa67d2e8916bf059ad33f50b79b523a2fd205544e7f6e51dac69cf503
c761b097c52a9e2a0617dc1c128970c3c78d662a9537879ae38f0463ae5d04d4
c7c178db779e83d8811dc7a6f73341fe25c12118ebcac82cc94f43719d67c70e
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
c9c61985fc676275915603df3af98992d4038cacb69ce94ce91b010d49cc81a4
c9d82f7fa499cfcf79fb47fc1577ae16b2eb24ce1ba683735d704b4f41d5a365
cc17e9fffa7d9103924b1196491673dc298e7e9ebb4c697ba22b291458f16bdd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d175d400e6415cd2d5a76e744971ca96e79124b57fe873d184b93837d9dfe681
d39403de1ec71ed2f8605a302c8255f0a13f426e05c7cfa4ecaf40aadb27c665
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8630263ceb323a2d28f2bd9924fae80562dfe7fffa8dd5e15aadd9adfb03735
d93c09f90d79923b4ec215ed4312fe34e3b73ce8c36757ef1fd834c1899cf024
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
dacf6b74c9776ccd8aa09034d09445bb82f58a5f256d5a26a7c97a32aba729b6
dc92a360ba5738f0e9d589dc8f4b93ce9e8b5a12618b80f461c919a670e63ccd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfb84434ded081a8155ca12989f5b3d826c47ba6263c3a485e3a780d62f3c505
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88
e14d009d5c1e8953832df9e65fc55e5e91d7e7235f632b06cdd12113d334c3f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
e9ed90947cceafb9aa2cb4e3153fdfb7b247f9cbbeec1db782e957eca11c3f2c
eaf987ea045fd94a8b896d8f032ac2bb51c3b5b1212718ced1fed4924dc4e820
ec05ca405d0d682ad632a5e8fb5a05f817734fa108f07bdbff4afaaf6c8f11b3
ec212c70d83cbdfea7007fb33d784082d28a61e137e9c20a9e365fb645632452
ed0b497cbbf61facaf9ba2d35d48cc01ee54c7d1897bc9ac87337768f2b7e8b6
eead1ac59c670b80928b9df78c8eae8227bad220ab694d3a87fc015c57261445
ef187e7d159f586873a744f32431d636408d2523f62d07ad986b62581ff08560
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f175f46e6410c9dccda41530ca677dd34d9b8ae787874198f62591ee777f9b19
f3bfd516ff8e30639b3768fe476d1f11bc63104ca0ad379fcbb07093b31bff84
f451845a33b6518fb307714fabf90f791252b0fc23395857f52593b36c9310a0
f4a0934261461009ad98ba4acda6169d9dced381c3713d429c50870fc018ecda
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
fdfd643cfc2e489d98f2b86e4a2481abe6e7456a336e39d93d1b519765e06b4e
ff88c77b7254c4a9af49255c516be39f8fae0a1eb127875230ec123289e0d412

ewn.co.za Open in urlscan Pro 151.101.2.207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

208 Requests

99 %HTTPS

56 %IPv6

32 Domains

55 Subdomains

47 IPs

10 Countries

3805 kBTransfer

9191 kBSize

17 Cookies

11 Outgoing links

Page URL History

Redirected requests

208 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ewn.co.za Open in urlscan Pro
151.101.2.207 Public Scan

Screenshot
Live screenshot

Full Image

208
Requests

99 %
HTTPS

56 %
IPv6

32
Domains

55
Subdomains

47
IPs

10
Countries

3805 kB
Transfer

9191 kB
Size

17
Cookies

208 HTTP transactions
8 data transactions