Submitted URL: http://ew.com
Effective URL: https://ew.com/
Submission: On August 13 via api from US

Summary

This website contacted 19 IPs in 5 countries across 24 domains to perform 58 HTTP transactions.
The main IP is 54.230.95.225, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is ew.com.
TLS certificate: Issued by Amazon on May 7th 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 19 54.230.95.225 16509 (AMAZON-02)
1 54.230.95.59 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.92.169 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 1 2a03:2880:f20... 32934 (FACEBOOK)
1 2 2a03:2880:f20... 32934 (FACEBOOK)
6 2a03:2880:f00... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
2 151.101.12.175 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2600:1f14:600... 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
1 2 2.19.43.224 20940 (AKAMAI-ASN1)
3 2600:9000:200... 16509 (AMAZON-02)
1 1 35.186.236.204 15169 (GOOGLE)
1 93.184.220.12 15133 (EDGECAST)
1 1 63.32.253.244 16509 (AMAZON-02)
1 2a03:2880:f10... 32934 (FACEBOOK)
58 19
Domain
Subdomains
Transfer
19 ew.com
595 KB
7 gstatic.com
96 KB
5 facebook.net
158 KB
3 d9jj3mjthpub.cloudfront.net
1 KB
3 instagram.com
5 KB
2 vindicosuite.com
973 B
2 scorecardresearch.com
880 B
2 imrworldwide.com
9 KB
2 krxd.net
consumer.krxd.net Failed
114 KB
2 facebook.com
812 B
2 fonts.googleapis.com
2 KB
1 bizrate.com
273 B
1 aamapi.com
179 B
1 googletagmanager.com
86 KB
1 google-analytics.com
18 KB
1 segment.com
72 KB
1 ajax.googleapis.com
6 KB
1 sharethrough.com
113 KB
0 timecommerce.net Failed
session.timecommerce.net Failed
0 B
0 pippio.com Failed
.pippio.com Failed
0 B
0 p-n.io Failed
cdn.p-n.io Failed
0 B
0 globalwebindex.net Failed
gwiqcdn.globalwebindex.net Failed
0 B
0 bounceexchange.com Failed
tag.bounceexchange.com Failed
0 B
0 doubleclick.net Failed
6927309.fls.doubleclick.net Failed
0 B
58 24
Domain Requested by
19 ew.com 1 redirects ew.com
7 fonts.gstatic.com ew.com
ajax.googleapis.com
5 connect.facebook.net ew.com
connect.facebook.net
cdn.segment.com
3 d9jj3mjthpub.cloudfront.net ew.com
2 sb.scorecardresearch.com 1 redirects ew.com
2 cdn.krxd.net cdn.segment.com
cdn.krxd.net
2 www.instagram.com 1 redirects ew.com
2 fonts.googleapis.com ew.com
ajax.googleapis.com
1 www.facebook.com ew.com
1 secure-dcr.imrworldwide.com 1 redirects
1 cache.vindicosuite.com ew.com
1 mpp.vindicosuite.com 1 redirects
1 chirp.bizrate.com ew.com
1 aamapi.com www.googletagmanager.com
1 cdn-gl.imrworldwide.com ew.com
1 www.googletagmanager.com cdn.segment.com
1 www.google-analytics.com cdn.segment.com
1 staticxx.facebook.com connect.facebook.net
1 platform.instagram.com 1 redirects
1 cdn.segment.com ew.com
1 ajax.googleapis.com ew.com
1 native.sharethrough.com ew.com
0 consumer.krxd.net Failed ew.com
cdn.krxd.net
0 session.timecommerce.net Failed ew.com
0 pippio.com Failed ew.com
0 cdn.p-n.io Failed www.googletagmanager.com
0 gwiqcdn.globalwebindex.net Failed www.googletagmanager.com
0 tag.bounceexchange.com Failed ew.com
0 6927309.fls.doubleclick.net Failed www.googletagmanager.com
58 29
Subject / Issuer Validity Valid
*.ew.com
Amazon
2019-05-07 -
2020-06-07
a year
*.sharethrough.com
Go Daddy Secure Certificate Authority - G2
2018-09-18 -
2019-11-17
a year
*.googleapis.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months
*.segment.com
DigiCert SHA2 Secure Server CA
2019-06-24 -
2020-07-01
a year
*.google.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2019-07-11 -
2019-10-09
3 months
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-06-06 -
2019-09-04
3 months
*.google-analytics.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months
*.c.ssl.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-03-29 -
2019-09-27
6 months
*.imrworldwide.com
DigiCert SHA2 Secure Server CA
2019-02-25 -
2020-02-25
a year
aamapi.com
Amazon
2019-05-29 -
2020-06-29
a year
*.bizrate.com
Sectigo RSA Organization Validation Secure Server CA
2019-04-01 -
2021-03-31
2 years
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA
2018-11-28 -
2019-12-26
a year
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year
*.vindicosuite.com
DigiCert SHA2 Secure Server CA
2017-10-25 -
2020-05-21
3 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Web
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /googleapis\.com\/.+webfont/i

Web
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://ew.com/
  • https://ew.com/
32 KB
13 KB
Document
General
Full URL
https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
5b79bb1f3dea0151694a7444c82b9098379b8985f3c359dd82c7821ed6e67125

Request headers

:method
GET
:authority
ew.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2019 22:01:54 GMT
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Element
cache-control
max-age=5
etag
W/"817e-ST4ueLjMhOzFEDStemfUSt1Xj3k"
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2
x-amz-cf-id
vdibveXYvXH_nwfQGTUgh5d0uQfumLn7aWmkr6gVF8-qtbNfxAnllQ==

Redirect headers

Server
CloudFront
Date
Tue, 13 Aug 2019 22:01:39 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://ew.com/
X-Cache
Redirect from cloudfront
Via
1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2
X-Amz-Cf-Id
6N6qTPYwFfE_LqG6QKNQu-SiNns1Fll2P2YZnIGVMhWmxclnD1yr4Q==
main.js
/dist
386 KB
123 KB
Script
General
Full URL
https://ew.com/dist/main.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
f99b4fa2c8663936bc8789d3851baa77f64a5e84c6e674029d209b3b93dd6548

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:44 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
10
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
iBWk7K24n8n2qQejXHM9z2QuT2R-VXo0FR1U9gsC-bkMxvMvyg90Fg==
via
1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
Adblocked sfp.js
native.sharethrough.com/assets
392 KB
113 KB
Script
General
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.59 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c321a7f4af59d198c948b2e3ef49ca61378922adf99cfb2a8616095a7dc5abb
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 15:56:48 GMT
content-encoding
gzip
last-modified
Mon, 12 Aug 2019 18:08:46 GMT
server
AmazonS3
age
2715
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2
x-amz-cf-id
DGawrdC7z-VjdE9YZErPjmcyYCyKxZr4pMhsYDMB6uA3KmSPACc4Iw==
via
1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
expires
Mon, 12 Aug 2019 19:08:44 GMT
style.css
/dist
959 KB
132 KB
Stylesheet
General
Full URL
https://ew.com/dist/style.css
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
404bc5fcda4fa2670df68e9be87fc5f8354a6ac165cc097eab0f2ca04fa7e024

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:44 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
10
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
FUk9Bv8tgfwSdF5bRgGAOTV5t3smuwDIP3nhhEbqXCA6feCRRTGywA==
via
1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
loadCssFonts.js
/dist
6 KB
2 KB
Script
General
Full URL
https://ew.com/dist/loadCssFonts.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
c3f0315d0ed140231a609f3316006a9a8d50cf9036bc3b4088f15a56003bfbb3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:44 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
10
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
wtH5ks8MzaJHikqXXWrpBLL5Bk8d6b6W5lO80AXx9pZp0Igyz3WEQQ==
via
1.1 c14a347f6edf184d204306cb833d0732.cloudfront.net (CloudFront)
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 16:54:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104862
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
5437
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Aug 2020 16:54:12 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn
330 KB
72 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.92.169 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-92-169.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a07787647d8615e1d86f084816fd267df77ffd3eca69b9bb282c8461b1a244fa

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
XzYKQrWTSRpgiEXZHIT6tLjj.DVIMeCV
content-encoding
gzip
etag
"410b4d6b466a2f6d08db3e9c2d451eb0"
x-amz-cf-pop
FRA2
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
72710
access-control-allow-origin
*
last-modified
Tue, 13 Aug 2019 19:51:51 GMT
server
AmazonS3
date
Tue, 13 Aug 2019 22:01:56 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 7e6ac12144acebd1fc302708f2ecfad6.cloudfront.net (CloudFront)
cache-control
public, max-age=300
accept-ranges
bytes
x-amz-cf-id
29B4bZEIAWttYOHJQcA6EapjZeFVMSvUhZHZGoQmwqGBzAGk9k69Hw==
css?family=Roboto:400,700
fonts.googleapis.com
4 KB
891 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c410ec936d045177f84f0e8f3205d5b576bf74fff1297b0a3ac9221d0d9ac40a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 22:01:54 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Aug 2019 22:01:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 13 Aug 2019 22:01:54 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 01:25:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1802204
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11016
x-xss-protection
0
expires
Thu, 23 Jul 2020 01:25:10 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto:400,700
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 20:18:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
92620
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11020
x-xss-protection
0
expires
Tue, 11 Aug 2020 20:18:14 GMT
data:truncated
data:truncated
0
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://ew.com

Response headers

Content-Type
font/woff2
fontWoff2.css
/dist
381 KB
230 KB
Stylesheet
General
Full URL
https://ew.com/dist/fontWoff2.css
Requested by
Host: ew.com
URL: https://ew.com/dist/loadCssFonts.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
6b864a0cccce32f18c3bda4a085eacf836b7afedb1e956720a7e24c8d6a5baf6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:40 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
18
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
cHb09iaTcIGlU0xywydYdMSLI6Wnzp7P1CwdrzWUMcM2n5OFubWbbg==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
fonts.googleapis.com
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
36b6bf35e1a0db77269568d78a4e624cd7c2c8d0726d90d6691dfa67e45a4c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Aug 2019 22:01:54 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Aug 2019 22:01:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Tue, 13 Aug 2019 22:01:54 GMT
40-40.js
/dist
13 KB
5 KB
Script
General
Full URL
https://ew.com/dist/40-40.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
d1429eec67533eecafe8c3f77b47da6c526fc2fe4c3ee7fd06611fbe285aefd3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
mBt8JeEnU8l1ggcZGiw04DkitdtoQ2rvLOWjNwt4CuVGOiisExV_sQ==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
5-5.js
/dist
6 KB
2 KB
Script
General
Full URL
https://ew.com/dist/5-5.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
febc03415d6b4d54815c65939806df8b186a8e693d7ab71992f40f3e149ef834

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:54 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
4
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
MuXmHzdyra1rnoWC2YdNmqARZ5ITPHsXBbqKyUPBpr4gFmAyW3amiw==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
7-7.js
/dist
8 KB
3 KB
Script
General
Full URL
https://ew.com/dist/7-7.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
f147493c832ca17a4be990220f636dde47ba85b9577b8bb7fd470ab363923b5b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
CubUI5Le2IchISj5EwNeUNUjcCI1eoTzjUv_Pw13ADEDpFiFg54kKA==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
0-0.js
/dist
6 KB
3 KB
Script
General
Full URL
https://ew.com/dist/0-0.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
4da44b62cf0ed3f8fcf7d4e544589ab46449c2dd3f024434603cb2f1f584bb88

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
InLU8xHZ1jSpdn41ZZUzTDZBu0D1ncd_GMMlAOHCiubcHQYOG7wwiQ==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
9-9.js
/dist
8 KB
3 KB
Script
General
Full URL
https://ew.com/dist/9-9.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
a68d1d211e86e526c5b0517eedf00a22efa9278a561b62f5146c061a59914092

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:54 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
4
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
CL6bKaRHsbquE2PqldFjaVuNCjujTILCk7wRBWBBo8JE_RATRffLTg==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
37-37.js
/dist
4 KB
2 KB
Script
General
Full URL
https://ew.com/dist/37-37.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
4fb9695aade039fc06a9db367a6a0092db6abf67883d0237809870789d2df3fd

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
yhrT3336F6H6Cx-OAZ4B46VDfpJmSfgnZmVS9pKF63Txi23lOFqDIA==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
2-2.js
/dist
7 KB
3 KB
Script
General
Full URL
https://ew.com/dist/2-2.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
0d5804db12610200a41062d8e6372773785a7dbaf0b922b2fd6f5dad59eee0de

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
jubLk2W3mxDpml9UjLXBf7rjh-Ct5oD-S8pl-MSaPjuGvQdb6ngilQ==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
21-21.js
/dist
142 KB
45 KB
Script
General
Full URL
https://ew.com/dist/21-21.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
08a3c88372e5d0d8671a1d278519e5dc6aafb2fe3f71fecbd5f4a038d01c3420

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:54 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
4
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
ncyFFc-s10ozhj_3_c4pkczQ7h6ez3J1hdzpW6GQu6GCVizDQn7q5A==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
1-1.js
/dist
10 KB
4 KB
Script
General
Full URL
https://ew.com/dist/1-1.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
d62cb715e3e61c91397412ce6086bd3580d94cfdc6e98c4154a026d980d1dc51

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
BUP6kr8yPDfb6IISIQImwkf-0lWEioPduQHTBL7BklZ-evsUorZbcg==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
11-11.js
/dist
11 KB
4 KB
Script
General
Full URL
https://ew.com/dist/11-11.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
69a69ff04503d75a5d3a24b2ad821848981713035c361fe3f3ff3c30e3cb1ea8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:54 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
4
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
RHiTWH1lxnMK8ReHrnftsChayyClc8RU2XzT4oLkYGNpCovlpAmR9g==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
8-8.js
/dist
9 KB
3 KB
Script
General
Full URL
https://ew.com/dist/8-8.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
77922212ed28609378772d537ab4c81f59808c3bb44f0d1479b1b9cb679805cc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
obNFmUriwN6AezFv1VuU4evcMq642MuYyUt5BbIzjtjldRhZGjOrpA==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
24-24.js
/dist
60 KB
16 KB
Script
General
Full URL
https://ew.com/dist/24-24.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
84033543083c5449754f0732872957a08bdfa49c0e38ca04066345b203d9d5f5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:54 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
4
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
m9yqeOoZiMTDo2AdPYZG0pdnHHiMOoQ6coV5waaDUZ3YoQqlMHZrtw==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
34-34.js
/dist
15 KB
4 KB
Script
General
Full URL
https://ew.com/dist/34-34.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.225 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-225.fra2.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) / Element
Resource Hash
84a4d239c84ab669fd52bb007c259d51ed5444854dc06ce7552f81236c8f4bb3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:45 GMT
content-encoding
gzip
last-modified
Thu, 01 Aug 2019 17:19:55 GMT
server
nginx/1.10.3 (Ubuntu)
age
13
x-powered-by
Element
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=30
x-amz-cf-pop
FRA2
accept-ranges
bytes
x-amz-cf-id
HZYczjMEYv85rxJFu4bq4L-AMQSkT3fzvqmIAKvCA-QZhlL-eo5HVg==
via
1.1 f2cdeae9faa9c871a27c20811b04af58.cloudfront.net (CloudFront)
47c7ec92d91e.js
www.instagram.com/static/bundles/es6/EmbedSDK.js
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
15 KB
5 KB
Script
General
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f206:e5:face:b00c:0:4420 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 06 Aug 2019 12:39:35 GMT
x-fb-trip-id
1679558926
status
200
etag
"47c7ec92d91e"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-encoding
br
content-length
4822

Redirect headers

status
302
date
Tue, 13 Aug 2019 22:01:55 GMT
x-fb-trip-id
1679558926
cache-control
max-age=21600
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
content-type
text/html; charset=utf-8
sdk.js
connect.facebook.net/en_US
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ew.com
URL: https://ew.com/dist/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
337d9299a36566147eee239db43648b34a8a8cf338eadae470e2d635010a9600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
IUX2GmkeT1PpunZ21FCWDw==
status
200
content-length
1779
etag
"bdad16f82c8d014e76f8677cd32aebaf"
x-fb-debug
5sjbrJlEepRc+FC93jDD9v1YBdkyIY/zgpPeim9NtFmfLecOOLw7u2UeVlnDtfgW57G4p0j8fkvN6YXPtl4rJg==
x-fb-trip-id
194532234
x-fb-content-md5
d9e9756aa118c54a9586d1369bcb450c
x-frame-options
DENY
date
Tue, 13 Aug 2019 22:01:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Aug 2019 22:02:44 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v15
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v15/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 17:35:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:25:20 GMT
server
sffe
age
102365
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
18436
x-xss-protection
0
expires
Tue, 11 Aug 2020 17:35:50 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v15
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v15/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 20:29:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:57 GMT
server
sffe
age
91975
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
16972
x-xss-protection
0
expires
Tue, 11 Aug 2020 20:29:00 GMT
nuFlD-vYSZviVYUb_rj3ij__anPXBb__lW4e5j5hNKc.woff2
fonts.gstatic.com/s/playfairdisplay/v15
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v15/nuFlD-vYSZviVYUb_rj3ij__anPXBb__lW4e5j5hNKc.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
97295613f33cd85437411347943c7b3a9cd15476b67dee34cc708c5323676e80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 22 Jul 2019 19:42:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:59 GMT
server
sffe
age
1909145
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17496
x-xss-protection
0
expires
Tue, 21 Jul 2020 19:42:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 24 Jul 2019 01:25:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
1802163
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11056
x-xss-protection
0
expires
Thu, 23 Jul 2020 01:25:52 GMT
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Playfair+Display:400,500,700,900%7CRoboto:400,500,700,900
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 12 Aug 2019 20:30:17 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:08 GMT
server
sffe
age
91898
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11012
x-xss-protection
0
expires
Tue, 11 Aug 2020 20:30:17 GMT
sdk.js?hash=ab1f504b7f7fa0ae41206e8a65155139&ua=modern_es6
connect.facebook.net/en_US
199 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ab1f504b7f7fa0ae41206e8a65155139&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
a814e4bf2248d28952262eb92e2ade6c7befd795ef9efa6ef95d46a1bab89de8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Sec-Fetch-Mode
cors
Referer
https://ew.com/
Origin
https://ew.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
qtwllw2wwnf5NBEk6NfCig==
status
200
content-length
60226
etag
"02f3674803d6bbd0485d6dee56513a62"
x-fb-debug
ZqZRB4Sxn41LTEkBNNlztezRoa1R1b5Fujcg6Mm8Y8Qazyw4DQPRlrBB35akakXWkFzHg5u5Pl6ZWTpX3Gba+w==
x-fb-trip-id
194532234
x-fb-content-md5
97068c6222bc1daee9533d5c8ee41d7b
x-frame-options
DENY
date
Tue, 13 Aug 2019 22:01:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 12 Aug 2020 19:50:28 GMT
xd_arbiter.php?version=44
staticxx.facebook.com/connect
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ab1f504b7f7fa0ae41206e8a65155139&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://ew.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://ew.com/

Response headers

status
200
content-type
text/html; charset=utf-8
expires
Fri, 07 Aug 2020 17:19:36 GMT
strict-transport-security
max-age=15552000; preload
content-encoding
br
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cache-control
public,max-age=31536000,immutable
x-fb-debug
rISaU5OPcbs7LbUMsm+qnleI8tK6av07nmLNQsy2E1t61cb2U80ySU8yuibLj7tvdSbBekPkN3rRGGIdb1+ltA==
content-length
11515
x-fb-trip-id
194532234
date
Tue, 13 Aug 2019 22:01:55 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
1525
date
Tue, 13 Aug 2019 21:36:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Tue, 13 Aug 2019 23:36:30 GMT
Adblocked fbevents.js
connect.facebook.net/en_US
85 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
22680
x-xss-protection
0
pragma
public
x-fb-debug
wS8pk/UT2kS7ESjuClH++zZjolkbYaTpiiWF6uNNx3Ny3+eP4ilPNZL8gz3CY3deIV567pQZU2jtyfuSJjkeBw==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Tue, 13 Aug 2019 22:01:55 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked stiufge0y.js
cdn.krxd.net/controltag
147 KB
34 KB
Script
General
Full URL
https://cdn.krxd.net/controltag/stiufge0y.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
4d2a594216ab17549f5c01add0b79988b8250081e26288fe68fa349d85b3af5f
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Config_Service_V3
Date
Tue, 13 Aug 2019 22:02:02 GMT
Content-Encoding
gzip
Age
644
X-Cache
MISS, HIT, HIT
X-App-Cache
HIT
Connection
keep-alive
X-Age
0
Content-Length
34229
X-Served-By
config-service-a005-ash.krxd.net, cache-iad2133-IAD, cache-fra19139-FRA
X-Response-Time
1
X-Do-Esi
esi
X-Timer
S1565733723.723921,VS0,VE1
ETag
"1c11ece0e5f7074179871dcf1f9dbc6d8df6a8de"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 varnish, 1.1 varnish
Cache-Control
public, max-age=1200
Accept-Ranges
bytes
X-Cache-Hits
0, 1, 1
Adblocked gtm.js?id=GTM-K8GZZJG&l=dataLayer
www.googletagmanager.com
422 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54613e5f0e0b7a23ce4ce67e28687587d6244a6e1e05616c86c7a33407038f32
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:55 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2019 21:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
87409
x-xss-protection
0
expires
Tue, 13 Aug 2019 22:01:55 GMT
Adblocked 1576393572602771?v=2.9.2&r=stable
connect.facebook.net/signals/config
301 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1576393572602771?v=2.9.2&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
92e1ba8c05a8b3121422f55514467ef72490f4919810df7144742268a0226756
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
73427
x-xss-protection
0
pragma
public
x-fb-debug
gF3LU+V2fSBSdJ/tSiYddsSAOgP1aikoS3xAsOFGPsnx8FWK0hc77nLwnsr+p5kZXI9CdtCLpTIT1PW0kXrBXQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Tue, 13 Aug 2019 22:01:55 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
activityi;src=6927309;type=ewmay0;cat=unive0;ord=1;num=4606294384119;gtm=2wg7v2;auiddc=162617766.1565733716;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F?
6927309.fls.doubleclick.net
0
0

i.js
tag.bounceexchange.com/1494
0
0

gwiq.js
gwiqcdn.globalwebindex.net/gwiq
0
0

Adblocked nlsDcrLite510.min.js
cdn-gl.imrworldwide.com/novms/js/2
22 KB
8 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsDcrLite510.min.js
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:4e00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77aada385806e67e30d42a7190b25d73b8d78b17a0d1e021ccb274907f273a6a
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
EkXp8ofOTvkuBaJ_5kW3ikeHZVZub15N
content-encoding
gzip
last-modified
Fri, 17 May 2019 15:00:33 GMT
server
AmazonS3
age
22154
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=86400
date
Tue, 13 Aug 2019 19:28:39 GMT
x-amz-cf-pop
FRA2
x-amz-cf-id
OU7sLrhm6aOQGxzU82AV6OeH0vyjOdveRZTpssbHFNmRyNSCOzxG-w==
via
1.1 28edd995979e84232ebdb595b33d9deb.cloudfront.net (CloudFront)
init-182h1kagypftheeqt3p.js
aamapi.com/api
1 B
179 B
Script
General
Full URL
https://aamapi.com/api/init-182h1kagypftheeqt3p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8GZZJG&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e00:9db1:9d1c:2db9:715f Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2019 22:01:56 GMT
content-encoding
gzip
server
openresty
content-type
text/javascript
status
200
cache-control
no-cache, no-store, must-revalidate
expires
-1
pushly-sdk.min.js?domain_key=KNVNu51sin9U6UQInIknHRoH5k3YPF7RrEcs
cdn.p-n.io
0
0

sync?pid=8242&it=1&iv=1af95c79-c95a-427e-a8c9-f0b6d46b96a1
pippio.com/api
0
0

sync.js?tc=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&u=https%3A%2F%2Few.com%2F&r=
chirp.bizrate.com
0
273 B
Script
General
Full URL
https://chirp.bizrate.com/sync.js?tc=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&u=https%3A%2F%2Few.com%2F&r=
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e200:6:f5a3:efc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:56 GMT
via
1.1 53e3dfdf8efd0c06e5d27cfdbfbe5876.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
FRA2
x-cache
Error from cloudfront
content-type
text/plain;charset=UTF-8
status
200
content-length
0
x-amz-cf-id
djEKeCnvDHvnDguE0t14wxC1pKmgpv3j6-0j5foUVw7lMjdxtXqr9g==
x-application-context
application:prod:8080
s?c=ajs_user_id%3Dnull%3B%20ajs_group_id%3Dnull%3B%20ajs_anonymous_id%3D%2522c3835241-219e-4706-baab-2922b676567c%2522%3B%20_ga%3DGA1.2.1025756371.1565733716%3B%20_gid%3DGA1.2.210458961.1565733716%...
session.timecommerce.net/v1
0
0

1b008fc9-b074-4b2e-8e4a-c1e1f07d344b?idt=bk&dt=other&bk=cookie_globalti_sid&idv=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&dc=1&al=1&tg=1&cd=1&sh=1&re=1
consumer.krxd.net/consent/set
0
0

Adblocked b2?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
sb.scorecardresearch.com
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-43-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Aug 2019 22:02:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
Pragma
no-cache
Date
Tue, 13 Aug 2019 22:02:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
x.gif?pulse=0&url=https%3A%2F%2Few.com%2F&vs=0&vs_pct=0&vs_max=1200&browser=bot&w=1600&h=1200&dom_delay=-1565733698048&js_delay=1565733715686&domain=ew.com&os=mac&tld=ew.com&tz=europe%2Fberlin&tz_o...
d9jj3mjthpub.cloudfront.net
35 B
358 B
Image
General
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=0&url=https%3A%2F%2Few.com%2F&vs=0&vs_pct=0&vs_max=1200&browser=bot&w=1600&h=1200&dom_delay=-1565733698048&js_delay=1565733715686&domain=ew.com&os=mac&tld=ew.com&tz=europe%2Fberlin&tz_offset=2&category=homepage&request_id=456b07c2-17a9-4379-90b1-c8277c33d524&type=view&utime=1565733715689&new=1&channel=direct&ua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&seg_cnt=0&v=1.0&globalTI_SID=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&muuid_cnt=1&muuid_date=1565733715689&_gid=GA1.2.210458961.1565733716&_ga=GA1.2.1025756371.1565733716&ajs_anonymous_id=c3835241-219e-4706-baab-2922b676567c&meta_brand=EW.com&meta_valid=0&meta_type=gdpr&meta_tags=%5B%22entertainment%20news%22%2C%22entertainment%20weekly%22%2C%22ew%22%2C%22entertainment%22%5D
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:19:22 GMT
via
1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
age
63141
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-length
35
x-amz-cf-id
4DGJ5ke8XExaDvUz4E564n9F903WjgfHRW6zYeHAhq4wqGpyJuvCFQ==
537.36&url=https%3A%2F%2Few.com%2F&context=pixel&type=Unexpected%20token%20u%20in%20JSON%20at%20position%200
d9jj3mjthpub.cloudfront.net/x.gif?type=error&ua=mozilla/5.0%20(macintosh;%20intel%20mac%20os%20x%2010_14_5)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/74.0.3729.169%20safari
35 B
358 B
Image
General
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?type=error&ua=mozilla/5.0%20(macintosh;%20intel%20mac%20os%20x%2010_14_5)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/74.0.3729.169%20safari/537.36&url=https%3A%2F%2Few.com%2F&context=pixel&type=Unexpected%20token%20u%20in%20JSON%20at%20position%200
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 01:19:22 GMT
via
1.1 e621b964f8c348548e0b42950cc55248.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
age
63141
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-length
35
x-amz-cf-id
jZ3N1BTD6j1iZtIpl-drthnSGfz5lSa9WmKrFZV2HVW-lwZSWG5V4w==
Verified Adblocked blank.gif
cache.vindicosuite.com/creative
Redirect Chain
  • https://mpp.vindicosuite.com/conv/m=1;t=27093;mid=;grp=1049;itms=;muid=1af95c79-c95a-427e-a8c9-f0b6d46b96a1;ts=1565733715692
  • https://cache.vindicosuite.com/creative/blank.gif
49 B
213 B
Image
General
Full URL
https://cache.vindicosuite.com/creative/blank.gif
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.12 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (ams/49BC) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Verified resource
extjs/6.2.0/welcome/css/blank.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 22:01:59 GMT
last-modified
Mon, 15 May 2017 18:51:23 GMT
server
ECS (ams/49BC)
etag
"2426206463"
x-cache
HIT
content-type
image/gif
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
49
expires
Tue, 20 Aug 2019 22:01:59 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2019 22:01:57 GMT
via
1.1 google
server
f48cad8730e652463801cdb3a37a616690ee7c80aa5c32b7dd85642e6c71515d
access-control-allow-headers
Content-Type
status
302
location
https://cache.vindicosuite.com/creative/blank.gif
access-control-allow-methods
GET, HEAD, POST, TRACE, OPTIONS
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
*
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
content-type
text/html;charset=ISO-8859-1
alt-svc
clear
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
Adblocked inferredEvents.js?v=2.9.2
connect.facebook.net/signals/plugins
1 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
772
x-xss-protection
0
pragma
public
x-fb-debug
XtTJK8IcY82qB4HGdYABnOreY8Vk098siNlzegwINWw5FgpZhJ4dGpHUoP3EyX0ZofwC1Q5UlnprHli17XD1cQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Tue, 13 Aug 2019 22:01:56 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0...
www.facebook.com
Redirect Chain
  • https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&st=dcr&rt=text&forward=0&sup=0&ad=0&asn=homepage&ci=us-100120&c6=vc,c32&c9=devid,&c11=agg,1&c12=apv,&c13=asid,PC1601761-BBBF-4503-8F00-80834F1...
  • https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access...
67 B
812 B
Image
General
Full URL
https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0dabcf4caa22ad92fab40844c786&segment_b=d4cd0dabcf4caa22ad92fab40844c786&segment_c=d4cd0dabcf4caa22ad92fab40844c786&content_type=text&segment1=ZZ&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&appid=PC1601761-BBBF-4503-8F00-80834F197676&length=0&ad_duration=0&ad_count=0&impressions=1&advertiser_id=DSK&app_launch=0&ver=1&placement_id=d4cd0dabcf4caa22ad92fab40844c786&data_date=20190813&day_id=tue&hour_id=12&ad_supp=2&h=eff17ad3f3&rnd=1565733720
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
x-fb-debug
y4ybAm/dPV1ZqfXZOHP6uHZQm/3D76xBFV/aeNfUgHUAetRQFF18mgbYqB5yCpA7CJG0WWVqFO0s30Pytrx8mg==
content-encoding
br
x-content-type-options
nosniff
date
Tue, 13 Aug 2019 22:02:00 GMT
strict-transport-security
max-age=15552000; preload
content-type
image/png
status
200
cache-control
private, no-store, no-cache, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2019 22:02:00 GMT
server
nginx
status
302
location
https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access_method=0&segment_a=d4cd0dabcf4caa22ad92fab40844c786&segment_b=d4cd0dabcf4caa22ad92fab40844c786&segment_c=d4cd0dabcf4caa22ad92fab40844c786&content_type=text&segment1=ZZ&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&appid=PC1601761-BBBF-4503-8F00-80834F197676&length=0&ad_duration=0&ad_count=0&impressions=1&advertiser_id=DSK&app_launch=0&ver=1&placement_id=d4cd0dabcf4caa22ad92fab40844c786&data_date=20190813&day_id=tue&hour_id=12&ad_supp=2&h=eff17ad3f3&rnd=1565733720
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://www.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
x.gif?pulse=5000&url=https%3A%2F%2Few.com%2F&vs=0&vs_pct=0&vs_max=1200&browser=bot&w=1600&h=1200&dom_delay=-1565733698048&js_delay=1565733715686&domain=ew.com&os=mac&tld=ew.com&tz=europe%2Fberlin&t...
d9jj3mjthpub.cloudfront.net
35 B
357 B
Image
General
Full URL
https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=5000&url=https%3A%2F%2Few.com%2F&vs=0&vs_pct=0&vs_max=1200&browser=bot&w=1600&h=1200&dom_delay=-1565733698048&js_delay=1565733715686&domain=ew.com&os=mac&tld=ew.com&tz=europe%2Fberlin&tz_offset=2&category=homepage&request_id=456b07c2-17a9-4379-90b1-c8277c33d524&type=view&utime=1565733720692&new=1&channel=direct&ua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F74.0.3729.169%20safari%2F537.36&seg_cnt=0&v=1.0&meta_brand=EW.com&meta_valid=0&meta_type=gdpr&meta_tags=%5B%22entertainment%20news%22%2C%22entertainment%20weekly%22%2C%22ew%22%2C%22entertainment%22%5D
Requested by
Host: ew.com
URL: https://ew.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:9e00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 04:43:27 GMT
via
1.1 a907498188cf5fbb13fb98b2dcde84cd.cloudfront.net (CloudFront)
last-modified
Sun, 24 Feb 2019 04:40:26 GMT
server
AmazonS3
age
106667
etag
"28d6814f309ea289f847c69cf91194c6"
x-cache
Hit from cloudfront
content-type
image/gif
status
200
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-length
35
x-amz-cf-id
cFisLCk9s-WWFc8PBMjey-hEb34Pgt69atC78vakPZK3Cwno75QP3w==
Adblocked controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
cdn.krxd.net/ctjs
248 KB
80 KB
Script
General
Full URL
https://cdn.krxd.net/ctjs/controltag.js.05f9d0dad02f8a1b0b028b868bc3a3e2
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/stiufge0y.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://ew.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-CDN-Backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date
Tue, 13 Aug 2019 22:02:02 GMT
Content-Encoding
gzip
Age
2363815
X-Cache
HIT
X-Cache-Hits
594952
Connection
keep-alive
Content-Length
81058
X-Served-By
cache-fra19139-FRA
Last-Modified
Tue, 16 Jul 2019 17:45:11 GMT
X-Timer
S1565733723.802323,VS0,VE0
ETag
"05f9d0dad02f8a1b0b028b868bc3a3e2"
Content-Type
application/javascript
Via
1.1 varnish
Cache-Control
public, max-age=315360000
Accept-Ranges
bytes
Expires
Fri, 13 Jul 2029 17:45:10 GMT
1b008fc9-b074-4b2e-8e4a-c1e1f07d344b?idt=device&dt=kxcookie&callback=Krux.ns.meredith.kxjsonp_consent_get_0
consumer.krxd.net/consent/get
0
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://ew.com/
  • https://ew.com/
Request 26
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/47c7ec92d91e.js
Request 50
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035728&ns__t=1565733715675&ns_c=UTF-8&c8=%7C%20EW.com&c7=https%3A%2F%2Few.com%2F&c9=
Request 53
  • https://mpp.vindicosuite.com/conv/m=1;t=27093;mid=;grp=1049;itms=;muid=1af95c79-c95a-427e-a8c9-f0b6d46b96a1;ts=1565733715692
  • https://cache.vindicosuite.com/creative/blank.gif
Request 55
  • https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&st=dcr&rt=text&forward=0&sup=0&ad=0&asn=homepage&ci=us-100120&c6=vc,c32&c9=devid,&c11=agg,1&c12=apv,&c13=asid,PC1601761-BBBF-4503-8F00-80834F1...
  • https://www.facebook.com/brandlift.php?content_id=d4cd0dabcf4caa22ad92fab40844c786&channel_asset=c5582767a3042e8cec421e20f3e2b755&segment_code=5206560a306a2e085a437fd258eb57ce&media_type=dcr&access...

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6927309.fls.doubleclick.net
URL
https://6927309.fls.doubleclick.net/activityi;src=6927309;type=ewmay0;cat=unive0;ord=1;num=4606294384119;gtm=2wg7v2;auiddc=162617766.1565733716;u1=https%3A%2F%2Few.com%2F;~oref=https%3A%2F%2Few.com%2F?
Domain
tag.bounceexchange.com
URL
https://tag.bounceexchange.com/1494/i.js
Domain
gwiqcdn.globalwebindex.net
URL
https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Domain
cdn.p-n.io
URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=KNVNu51sin9U6UQInIknHRoH5k3YPF7RrEcs
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=8242&it=1&iv=1af95c79-c95a-427e-a8c9-f0b6d46b96a1
Domain
session.timecommerce.net
URL
https://session.timecommerce.net/v1/s?c=ajs_user_id%3Dnull%3B%20ajs_group_id%3Dnull%3B%20ajs_anonymous_id%3D%2522c3835241-219e-4706-baab-2922b676567c%2522%3B%20_ga%3DGA1.2.1025756371.1565733716%3B%20_gid%3DGA1.2.210458961.1565733716%3B%20_gcl_au%3D1.1.162617766.1565733716%3B%20muuid_date%3D1565733715689%3B%20muuid_cnt%3D1%3B%20globalTI_SID%3D1af95c79-c95a-427e-a8c9-f0b6d46b96a1&url=https%3A%2F%2Few.com%2F&pixel=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&vs_pct=0&tz=europe%2Fberlin&tz_offset=2&brand=EW.com&valid=0
Domain
consumer.krxd.net
URL
https://consumer.krxd.net/consent/set/1b008fc9-b074-4b2e-8e4a-c1e1f07d344b?idt=bk&dt=other&bk=cookie_globalti_sid&idv=1af95c79-c95a-427e-a8c9-f0b6d46b96a1&dc=1&al=1&tg=1&cd=1&sh=1&re=1
Domain
consumer.krxd.net
URL
https://consumer.krxd.net/consent/get/1b008fc9-b074-4b2e-8e4a-c1e1f07d344b?idt=device&dt=kxcookie&callback=Krux.ns.meredith.kxjsonp_consent_get_0

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| WebFontConfig object| analytics object| ELEMENT_CLIENT_CONFIG object| NREUM object| newrelic function| __nr_require object| linkElement function| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ function| $ function| jQuery object| TimeInc object| WebFont object| FB object| __s object| instgrm string| GoogleAnalyticsObject function| ga function| normalize function| _fbq function| fbq function| Krux object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| google_tag_manager function| postscribe object| nielsenMetadata object| globalTI function| ruskajs_init object| ruskajs string| sfdmpConsentLogged string| uuid string| bridgeKey string| uid string| euConsent string| krux_base_url string| krux_api_url string| encodedUrl function| kruxApiCall function| setCookie function| getCookie object| PushlySDK function| pushly object| pushly_profile object| NOLLite function| UUIDv1 function| clamp object| STR undefined| UUID object| Audit object| karma

0 Cookies

1 Console Messages

Source Level URL
Text
console-api error URL: https://ew.com/dist/main.js, Line 1, Column1341
Message:
TypeError: e.default is not a function

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

6927309.fls.doubleclick.net
aamapi.com
ajax.googleapis.com
cache.vindicosuite.com
cdn-gl.imrworldwide.com
cdn.krxd.net
cdn.p-n.io
cdn.segment.com
chirp.bizrate.com
connect.facebook.net
consumer.krxd.net
d9jj3mjthpub.cloudfront.net
ew.com
fonts.googleapis.com
fonts.gstatic.com
gwiqcdn.globalwebindex.net
mpp.vindicosuite.com
native.sharethrough.com
pippio.com
platform.instagram.com
sb.scorecardresearch.com
secure-dcr.imrworldwide.com
session.timecommerce.net
staticxx.facebook.com
tag.bounceexchange.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.instagram.com

6927309.fls.doubleclick.net
cdn.p-n.io
consumer.krxd.net
gwiqcdn.globalwebindex.net
pippio.com
session.timecommerce.net
tag.bounceexchange.com

151.101.12.175
2.19.43.224
2600:1f14:600:6e00:9db1:9d1c:2db9:715f
2600:9000:200c:4e00:2:42d9:3100:93a1
2600:9000:200c:9e00:11:e0c9:84c0:21
2600:9000:200c:e200:6:f5a3:efc0:93a1
2a00:1450:4001:806::2008
2a00:1450:4001:815::200e
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::200a
2a00:1450:4001:81f::200a
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a03:2880:f206:c4:face:b00c:0:43fe
2a03:2880:f206:e5:face:b00c:0:4420
35.186.236.204
54.230.92.169
54.230.95.225
54.230.95.59
63.32.253.244
93.184.220.12

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
08a3c88372e5d0d8671a1d278519e5dc6aafb2fe3f71fecbd5f4a038d01c3420
0d5804db12610200a41062d8e6372773785a7dbaf0b922b2fd6f5dad59eee0de
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
337d9299a36566147eee239db43648b34a8a8cf338eadae470e2d635010a9600
36b6bf35e1a0db77269568d78a4e624cd7c2c8d0726d90d6691dfa67e45a4c8f
404bc5fcda4fa2670df68e9be87fc5f8354a6ac165cc097eab0f2ca04fa7e024
4d2a594216ab17549f5c01add0b79988b8250081e26288fe68fa349d85b3af5f
4da44b62cf0ed3f8fcf7d4e544589ab46449c2dd3f024434603cb2f1f584bb88
4fb9695aade039fc06a9db367a6a0092db6abf67883d0237809870789d2df3fd
54613e5f0e0b7a23ce4ce67e28687587d6244a6e1e05616c86c7a33407038f32
5b79bb1f3dea0151694a7444c82b9098379b8985f3c359dd82c7821ed6e67125
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
69a69ff04503d75a5d3a24b2ad821848981713035c361fe3f3ff3c30e3cb1ea8
6b864a0cccce32f18c3bda4a085eacf836b7afedb1e956720a7e24c8d6a5baf6
77922212ed28609378772d537ab4c81f59808c3bb44f0d1479b1b9cb679805cc
77aada385806e67e30d42a7190b25d73b8d78b17a0d1e021ccb274907f273a6a
7daa8dfc1349542ca90836b9becde99fa9bdf0b0599db5513c55ecbe556009a4
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84033543083c5449754f0732872957a08bdfa49c0e38ca04066345b203d9d5f5
84a4d239c84ab669fd52bb007c259d51ed5444854dc06ce7552f81236c8f4bb3
8c321a7f4af59d198c948b2e3ef49ca61378922adf99cfb2a8616095a7dc5abb
8f2e37cf4e314907e37bf11c3205be713c048968afb0af99f791b1f336308a33
92e1ba8c05a8b3121422f55514467ef72490f4919810df7144742268a0226756
97295613f33cd85437411347943c7b3a9cd15476b67dee34cc708c5323676e80
a07787647d8615e1d86f084816fd267df77ffd3eca69b9bb282c8461b1a244fa
a68d1d211e86e526c5b0517eedf00a22efa9278a561b62f5146c061a59914092
a814e4bf2248d28952262eb92e2ade6c7befd795ef9efa6ef95d46a1bab89de8
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
c3f0315d0ed140231a609f3316006a9a8d50cf9036bc3b4088f15a56003bfbb3
c410ec936d045177f84f0e8f3205d5b576bf74fff1297b0a3ac9221d0d9ac40a
c7ffb5c7a2fcc93bf5553df1f27de7c5b2dbd4affcb74fd0bef82371e4e22caa
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
d1429eec67533eecafe8c3f77b47da6c526fc2fe4c3ee7fd06611fbe285aefd3
d62cb715e3e61c91397412ce6086bd3580d94cfdc6e98c4154a026d980d1dc51
e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f147493c832ca17a4be990220f636dde47ba85b9577b8bb7fd470ab363923b5b
f99b4fa2c8663936bc8789d3851baa77f64a5e84c6e674029d209b3b93dd6548
febc03415d6b4d54815c65939806df8b186a8e693d7ab71992f40f3e149ef834