ew.com Open in urlscan Pro
13.225.78.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%3D58966f5b9e9c1eaf6f...
Effective URL:
https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3...
Submission: On October 24 via manual (October 24th 2022, 1:28:16 pm UTC) from US — Scanned from NL

Summary HTTP 125 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 26 domains to perform 125 HTTP transactions. The main IP is 13.225.78.93, located in United States and belongs to AMAZON-02, US. The main domain is ew.com. The Cisco Umbrella rank of the primary domain is 36435.
TLS certificate: Issued by Amazon on January 31st 2022. Valid for: a year.

This is the only time ew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:19f0:500... 2001:19f0:5001:32cc:5400:4ff:fe1b:542a	20473 (AS-CHOOPA) (AS-CHOOPA)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
2	18.118.94.142 18.118.94.142	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:3800:d:2820:3bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2250:3400:19:bcbe:a700:21	16509 (AMAZON-02) (AMAZON-02)
1	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:213... 2600:9000:2134:bc00:11:e0c9:84c0:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2962	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a03:2880:f22... 2a03:2880:f22d:c4:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
2 4	2a03:2880:f22... 2a03:2880:f22d:e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	13.224.189.42 13.224.189.42	16509 (AMAZON-02) (AMAZON-02)
1	34.202.126.101 34.202.126.101	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	44.241.21.8 44.241.21.8	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.17 13.224.189.17	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	93.184.220.120 93.184.220.120	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	136.144.49.190 136.144.49.190	54825 (PACKET) (PACKET)
125	36

1 2001:19f0:5001:32cc:5400:4ff:fe1b:542a (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA, US)

637267.directfvtfwr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

logisticstcompany.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

ew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.118.94.142 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-118-94-142.us-east-2.compute.amazonaws.com

api-secure.solvemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:3800:d:2820:3bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

karma.mdpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3400:19:bcbe:a700:21 (United States)

ASN16509 (AMAZON-02, US)

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2134:bc00:11:e0c9:84c0:21 (United States)

ASN16509 (AMAZON-02, US)

d9jj3mjthpub.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2962 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:c4:face:b00c:0:43fe (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

platform.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f22d:e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-42.fra2.r.cloudfront.net

imagesvc.meredithcorp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.126.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-126-101.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.21.8 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-21-8.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-17.fra2.r.cloudfront.net

ddrvjrfwnij7n.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.120 (London, United Kingdom)

ASN15133 (EDGECAST, US)

g.3gl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.49.190 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: fra-eqx-gli-02

r.3gl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	ew.com ew.com — Cisco Umbrella Rank: 36435	964 KB
15	segment.com cdn.segment.com — Cisco Umbrella Rank: 1442	135 KB
14	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 413	270 KB
8	googlesyndication.com 020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	42 KB
6	instagram.com 4 redirects platform.instagram.com — Cisco Umbrella Rank: 7550 www.instagram.com — Cisco Umbrella Rank: 1283	10 KB
5	cloudfront.net d30qdagvt44524.cloudfront.net d9jj3mjthpub.cloudfront.net ddrvjrfwnij7n.cloudfront.net	13 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	156 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 78 ampcid.google.com — Cisco Umbrella Rank: 2113 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	40 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	174 KB
3	google.nl adservice.google.nl — Cisco Umbrella Rank: 14180 ampcid.google.nl — Cisco Umbrella Rank: 75141 www.google.nl — Cisco Umbrella Rank: 8898	2 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 313	47 KB
2	3gl.net g.3gl.net — Cisco Umbrella Rank: 6941 r.3gl.net — Cisco Umbrella Rank: 6148	10 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 1020	333 B
2	meredithcorp.io imagesvc.meredithcorp.io — Cisco Umbrella Rank: 11933	89 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 678	449 B
2	solvemedia.com api-secure.solvemedia.com — Cisco Umbrella Rank: 121848	23 KB
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1407	212 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	128 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	383 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 825	353 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4214	160 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608	13 KB
1	mdpcdn.com karma.mdpcdn.com — Cisco Umbrella Rank: 20344	113 KB
1	logisticstcompany.info 1 redirects logisticstcompany.info	788 B
1	directfvtfwr.com 637267.directfvtfwr.com — Cisco Umbrella Rank: 653919	728 B
125	26

	Domain	Requested by
40	ew.com	ew.com
15	cdn.segment.com	ew.com cdn.segment.com
14	cdn.cookielaw.org	ew.com cdn.cookielaw.org
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	cdn.segment.com www.google-analytics.com
4	connect.facebook.net	ew.com connect.facebook.net
4	www.instagram.com	2 redirects ew.com
4	securepubads.g.doubleclick.net	karma.mdpcdn.com securepubads.g.doubleclick.net
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	karma.mdpcdn.com c.amazon-adsystem.com
2	www.google.com	ew.com tpc.googlesyndication.com
2	ddrvjrfwnij7n.cloudfront.net	ew.com
2	api.segment.io	cdn.segment.com
2	imagesvc.meredithcorp.io	ew.com
2	platform.instagram.com	2 redirects
2	geolocation.onetrust.com	cdn.cookielaw.org
2	d9jj3mjthpub.cloudfront.net	ew.com
2	api-secure.solvemedia.com	ew.com api-secure.solvemedia.com
1	r.3gl.net	g.3gl.net
1	g.3gl.net	637267.directfvtfwr.com
1	www.google.nl	ew.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.nl	www.google-analytics.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ampcid.google.com	www.google-analytics.com
1	020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	www.googletagmanager.com	cdn.segment.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	js-sec.indexww.com	karma.mdpcdn.com
1	d30qdagvt44524.cloudfront.net	karma.mdpcdn.com
1	karma.mdpcdn.com	ew.com
1	logisticstcompany.info	1 redirects
1	637267.directfvtfwr.com
125	37

This site contains links to these domains. Also see Links.

Domain
secure.ew.com
www.magazines.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com
www.snapchat.com
websupport.meredith.com
www.meredith.com
www.meredithcontentlicensing.com
meredithaccolades.com
www.onetrust.com

Subject Issuer	Validity	Valid
ew.com Amazon	`2022-01-31` - `2023-02-28`	a year	crt.sh
api-secure.solvemedia.com Amazon	`2022-10-08` - `2023-11-05`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
karma.mdpcdn.com Amazon	`2022-05-02` - `2023-05-31`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2022-10-31`	3 months	crt.sh
*.meredithcorp.io Amazon	`2022-10-08` - `2023-11-06`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
g.3gl.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-19` - `2023-08-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
r.3gl.net Go Daddy Secure Certificate Authority - G2	`2022-01-24` - `2023-02-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Frame ID: 87463AFCE504D8E36E1132B99BA849D6
Requests: 86 HTTP requests in this frame

Frame: https://020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1D5C869FC1DA804F6011C0032CC1823C
Requests: 1 HTTP requests in this frame

Frame: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
Frame ID: 387CA493BE474AD8EEF1DA5984EE54C5
Requests: 36 HTTP requests in this frame

Frame: https://g.3gl.net/jp/7820/v3.3.0/M
Frame ID: 5ED87B67D6F2868A4DAB6BCC249F7810
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9793BC37B96AB66832A620417E45B607
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EAEE07C13A3FBD4FD73977EA4B47340
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Splash into Cash $10,000 Sweepstakes | EW.comBack ButtonFilter Button

Page URL History Show full URLs

http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%... Page URL
https://logisticstcompany.info/livesrchdashboard?u=58966f5b9e9c1eaf6f36c35da242b329&t=gmail,gmail,gmail%20a... HTTP 302
https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

125
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

37
Subdomains

36
IPs

6
Countries

2234 kB
Transfer

8272 kB
Size

33
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.ew.com/common/profile/member/optout/
Title: Email Preferences

Search URL Search Domain Scan URL

URL: https://www.magazines.com/magazine-transfer-customer-support?utm_source=ew.com&utm_medium=internal&utm_campaign=managesublink
Title: Manage Your Subscription this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html
Title: Give a Gift Subscription this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i111ewr1w2662
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i111ewr5w2662
Title: Subscribe this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://twitter.com/EW/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ewmagazine/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ew/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/discover/Entertainment-Weekly/1015541732

Search URL Search Domain Scan URL

URL: https://websupport.meredith.com/hc/en-us/categories/360003876553-Sweepstakes
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.magazines.com/people-magazine.html?utm_source=ew.com&utm_medium=owned&utm_campaign=i204ewrfw2803
Title: <div class="inner-container"><img src="https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Few.com%2Fimg%2Fmisc%2F300x250_magazines_and_more.jpg" alt="Magazines & More" title="" /></div>

Search URL Search Domain Scan URL

URL: https://www.meredith.com/Entertainment-Weekly-Media-Kit.pdf
Title: Advertise this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredithcontentlicensing.com/
Title: Content Licensing this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://meredithaccolades.com/index.html
Title: Accolades this link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/nmg/privacy
Title: Privacy Policythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal-ti/ew/privacy_terms_service.html
Title: Terms of Servicethis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/adchoices
Title: Ad Choicesthis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.meredith.com/legal/web-accessibility
Title: Web Accessibilitythis link opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%3D58966f5b9e9c1eaf6f36c35da242b329%26t%3Dgmail%252Cgmail%252Cgmail%2520app%252Cgmail%2520inbox%252Cgmail%2520login%252Cgmail%2520email%252Cgmail%2520google%252Cgmail%2520login%2520mail%26i%3D-%26s%3DUS Page URL
https://logisticstcompany.info/livesrchdashboard?u=58966f5b9e9c1eaf6f36c35da242b329&t=gmail,gmail,gmail%20app,gmail%20inbox,gmail%20login,gmail%20email,gmail%20google,gmail%20login%20mail&i=-&s=US HTTP 302
https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 95

https://platform.instagram.com/en_US/embeds.js HTTP 301
https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

125 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK bdvfrd.dbm Show response
637267.directfvtfwr.com/ 528 B
728 B 58ms
24ms Document
text/html 2001:19f0:5001:32cc:5400:4ff:fe1b:542a
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%3D58966f5b9e9c1eaf6f36c35da242b329%26t%3Dgmail%252Cgmail%252Cgmail%2520app%252Cgmail%2520inbox%252Cgmail%2520login%252Cgmail%2520email%252Cgmail%2520google%252Cgmail%2520login%2520mail%26i%3D-%26s%3DUS
Protocol: HTTP/1.1
Server: 2001:19f0:5001:32cc:5400:4ff:fe1b:542a Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / PHP/8.0.0
Resource Hash: ef07dc65a90a8558761ee70479656ac99bad0f98db9dac7d75257ccdca544318

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Content-Length: 528
Content-Type: text/html; charset=UTF-8
Date: Mon, 24 Oct 2022 13:28:11 GMT
Referrer-Policy: no-referrer
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/8.0.0

GET
H2

200

Primary Request / Show response
ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/
Redirect Chain

https://logisticstcompany.info/livesrchdashboard?u=58966f5b9e9c1eaf6f36c35da242b329&t=gmail,gmail,gmail%20app,gmail%20inbox,gmail%20login,gmail%20email,gmail%20google,gmail%20login%20mail&i=-&s=US
https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-d...

143 KB
27 KB

277ms
204ms

Document
text/html

13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

a779828b280bc1f567aba8d7659bf391ea3762a169df747aea46ec972d493ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%3D58966f5b9e9c1eaf6f36c35da242b329%26t%3Dgmail%252Cgmail%252Cgmail%2520app%252Cgmail%2520inbox%252Cgmail%2520login%252Cgmail%2520email%252Cgmail%2520google%252Cgmail%2520login%2520mail%26i%3D-%26s%3DUS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=30
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 13:28:12 GMT
etag: W/"23a99-YFmxnrlDJ39b6mTrK8CFn1Y7XtU"
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
server: nginx
strict-transport-security: max-age=86400; preload
vary: Accept-Encoding
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-id: wXJYIFnvmqzGj61LjCAeVnFr_fovrb8rCVmp7GrqAfUuAEdqmAuU0A==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-element-page-cache: MISS
x-powered-by: Element

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75f30de03ef81e7d-AMS
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 13:28:11 GMT
location: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhHF9OfzBwloOY%2BosayKMOFJ1yp%2F58WE%2BTQEIXoNTzj2xgKyH4nKM4N2i49BvOSbrVAtVof2sMbtbzl81ZPeBiSvzV03twr6kWeuth%2BAjtoPtA6rGtBKtUZJ50Q6WuOUzeDIwBjMi8Yu%2FTbrkpi1Kc2anOuM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000

GET
H2 200 style-bbc5513b2fb4e876c869-hash.css
ew.com/dist/ 1 MB
159 KB 35ms
34ms Stylesheet
text/css 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Requested by

Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

3ff8cb6382d944a439a78047f144e671c607f77da36a63837d028557df63848f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 07:34:01 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2440451
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: epUIE8syzUMBqkDf1HWXDK7NYJ68XdbpTx48H-ssFIadjqBv5rG8YQ==

GET
H2 200 main-d80180da1df05d3951bb-hash.js Show response
ew.com/dist/ 345 KB
108 KB 80ms
80ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

692384c5caa953b20c55670f00cf72474607c3e6543b9e6d4a45a4428ed3dac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:31:20 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4604212
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: e4w2myrcfnpkt4T-N-Rz--7kyyv8zuKa-l9AN2Ft29VVcnm7w6kwog==

GET
H2 200 challenge.ajax Show response
api-secure.solvemedia.com/papi/ 1 KB
1 KB 347ms
113ms Script
text/javascript 18.118.94.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-secure.solvemedia.com/papi/challenge.ajax
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.118.94.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-118-94-142.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 9eda50baf50702acd269bd72781f9d7dc8d581ef218e4d4d8418b146f527766c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 16:50:06 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-ac-origin: aws-us-east-2-prod-213
cache-control: public,max-age=86400
expires: Tue, 25 Oct 2022 13:28:12 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 106ms
50ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 20 Oct 2022 18:24:26 GMT
server: cloudflare
etag: 0x8DAB2C851B5BAE7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14e3730f-b01e-0162-12bc-e4d96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de58858b903-AMS

GET
H2 200 karma_ddm.ew.com.js Show response
karma.mdpcdn.com/service/js-min/ 364 KB
113 KB 135ms
31ms Script
application/javascript 2600:9000:21f3:3800:d:2820:3bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:3800:d:2820:3bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f643f4801d0360ee16a3cd307fc0c88c8f4eae62e54fa84d942094990344723d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: M9sBJv4QT.VXD4uHNFxPf1C46p3VJt.Q
content-encoding: gzip
via: 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 13:27:28 GMT
last-modified: Mon, 01 Aug 2022 19:56:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 47
etag: W/"277d3501eab66191ebe3781c70f2a2cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: yxyS5Eez5TLrIB__eK3tXm2B3CCvNoa3sfS25iYtiFY7lvmVlzMq1w==

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/ 96 KB
26 KB 123ms
40ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 853e3e3165665581b0eaad91625d68bcc1dfa6211679931488cc958ed6f95845

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: gtUcc.11Uglwgyjs2zSKhOkAa0a3oJGT
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 13:27:59 GMT
x-amz-cf-pop: FRA56-P5
age: 39
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 16:19:44 GMT
server: AmazonS3
etag: W/"810268d8816043ece02c2344fec078ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: jMkOseJ4r1whJMSEGBFLhS5KLFuk5cmYs-67z-R2QQH6zcTL0B3rkA==

GET
H2 200 OriginalSans-Three.woff2
ew.com/font/ 41 KB
42 KB 34ms
34ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/OriginalSans-Three.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

d5238399eec84b85c1eec58f82de8e989eed128839d4ada23bd908eb554c2bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 22:24:11 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 5756641
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 41968
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: rbaK7dxcNijGV9OlqqifHFaCL4OqKMln7CTEv0H-3zqrBipRFpUz_g==

GET
H2 200 CaslonDoric-Semibold.woff2
ew.com/font/ 34 KB
34 KB 37ms
36ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Semibold.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

4f90198e0054450e2f21f7ad14ee10874ef81a3bdb3685426ea131d2cd5244a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 22:24:11 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 5756641
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 34708
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 7Yhjtk1Qd1nzoZqoNPqcE0G2uqhq0-2vHv3jqQvfLPTp5PErQcQuzQ==

GET
H2 200 CaslonDoric-Regular.woff2
ew.com/font/ 48 KB
48 KB 39ms
39ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Regular.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

5db23c1f4bb294496df9184dffd00fe2921b4e01934dbe523f771b56d1a1ec03

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 23:26:08 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 3938523
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 49028
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: cMhbmaCf5M2ksdhOfHOVPjjMqdD2CkLNhS_OhkNLNmULGbQSTXas-A==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ 4 KB
2 KB 104ms
55ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8797fae4fe40837339673d3b4ebd78433d1e7e2fda741d645fe6193e3737eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /7aDFH2gMekXrtURasWeUA==
age: 1108
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1580
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:18 GMT
server: cloudflare
etag: 0x8DA43CAA0AA5BD0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 26eb9873-e01e-0135-1fb3-7530e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de63cecb8e4-AMS
expires: Mon, 24 Oct 2022 17:28:12 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/ 11 KB
3 KB 95ms
31ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63223cca51e225179d3ee1c0baa03fdbfa8b4d0c936adf08d2a46bf3121ea2b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: MNRmlDCErxCItpy_CNSP4FGzNkzzH_Oc
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 12:58:19 GMT
x-amz-cf-pop: FRA56-P5
age: 10072
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 07:40:05 GMT
server: AmazonS3
etag: W/"1594be347427d11f6c425292a7aae610"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: U2BgED0oFVmNJsaOjge4KTyDspl0uYFrx0tdTJf7TMsVCLGUnQHhKw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 133ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dec7f0e8d1ed8dfa109b43fddbba69bfcc2a4bb15d084e399b47a6309daf2c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27340
x-xss-protection: 0
server: sffe
etag: "1373 / 83 of 1000 / last-modified: 1666609596"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Oct 2022 13:28:12 GMT

GET
H2 200 segments Show response
d30qdagvt44524.cloudfront.net/production/ 15 B
360 B 360ms
278ms Script
text/javascript 2600:9000:2250:3400:19:bcbe:a700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=1496f8f8-e37d-43f3-a498-6bc7cd89c029
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3400:19:bcbe:a700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
via: 1.1 2a6277094357eb47f8dbeacb06ed96c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amzn-trace-id: Root=1-635692ec-0a5e52c959d4335f1f631729;Sampled=0
x-amzn-requestid: e14f7ec3-ff4c-4ffa-aab2-c1828e99e632
x-cache: Miss from cloudfront
content-type: text/javascript
x-amz-apigw-id: agvlBELzIAMFYmw=
content-length: 15
x-amz-cf-id: yb8kage9rkijFCm-R7WxmHeO74xj1dfAx5LMbW8vNDgjSbiVGJLKNQ==

GET
H2 200 184003-52190608802424.js Show response
js-sec.indexww.com/ht/p/ 39 KB
13 KB 120ms
54ms Script
text/javascript 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 24 Oct 2022 13:26:40 GMT
server: cloudflare
age: 55
etag: W/"da22bd-9a4c-5ebc7bde17a9e"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 75f30de6f9f5b873-AMS
expires: Mon, 24 Oct 2022 17:28:12 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 177 KB
44 KB 325ms
40ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: karma.mdpcdn.com
URL: https://karma.mdpcdn.com/service/js-min/karma_ddm.ew.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:04:47 GMT
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 16:04:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1406
x-amz-server-side-encryption: AES256
etag: W/"325ba14a3555ca64958500cbd00f9a35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: x6VsdQox7Z1bv7TYwQwRZ4XZ6huzTyY3NuiGkr1S5VBV5yGj6U5PLA==

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
462 B 156ms
42ms Image
image/gif 2600:9000:2134:bc00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-1&v=l1.0.21&type=karma&globalTI_SID=1496f8f8-e37d-43f3-a498-6bc7cd89c029&request_id=8f0638fa-ea0d-46a3-9686-8b49004d06fd&url=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3D.net%2520B.V%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3DNL%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&host=ew.com&ua=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F106.0.5249.119%20safari%2F537.36&muuid_origin=ew.com
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:bc00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 23:31:21 GMT
via: 1.1 f9ae7a7192e585fdba11578d564e8642.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 50212
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 0_1PPpUDbiNbsQcTEdN469c929aeUmM4JCSb0Rm3p-59sEgLg-NjBg==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 57 B
296 B 95ms
43ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcc92858efa2f711fda0524cd2370285ade0c8fbdd848e72884ae7641f45e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 75f30de6e84cb8a8-AMS
access-control-allow-headers: Content-Type

GET
H2 200 _puzzle.js Show response
api-secure.solvemedia.com/papi/ 71 KB
22 KB 117ms
117ms Script
text/javascript 18.118.94.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-secure.solvemedia.com/papi/_puzzle.js
Requested by: Host: api-secure.solvemedia.com
URL: https://api-secure.solvemedia.com/papi/challenge.ajax
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.118.94.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-118-94-142.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3 /
Resource Hash: 9a465a0d8fee48c7dd5e411da67dce647f0d7eddba77446afd18a0c9ef0797ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 10:41:02 GMT
server: Apache/2.4.46 () mod_apreq2-20090110/2.8.0 mod_perl/2.0.11 Perl/v5.16.3
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-ac-origin: aws-us-east-2-prod-57
cache-control: public,max-age=86400
expires: Tue, 25 Oct 2022 13:28:12 GMT

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 34ms
33ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:12:15 GMT
x-amz-version-id: _YN065FwCKbOto8fr1.lkwWj0CeZKJYu
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 562558
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 16 Oct 2022 16:45:31 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 5IljhXAgzOzG8IevldBWrqI_twi-yQYhSgBs84ArM39_Ch1lVZs0KQ==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 34ms
34ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4605342
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 6vWSxgoFdxhW05STIHCikNdv8jM7A6JbGVxsKaUMVO98TMORkmDh7w==

GET
H2 200 / Show response
ew.com/hermes/ 0
807 B 63ms
62ms XHR
text/plain 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ew.com/hermes/?keys=globalTI_SID,muuid_date,last_request_id,visit_ts,previous_ts,first_request_id,pageview_count,hid,muuid_origin&domains=all
Requested by: Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
vary: Origin
access-control-allow-methods: GET,HEAD
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
content-length: 0
x-amz-cf-id: Yh0kQ0L2HFZzP38xJ4qwga4pUCE4X8UbQW8HG8z50Vn75IXeV-SA_Q==

GET
H2 200 202-4d550aac1780ed64c404-hash.js Show response
ew.com/dist/ 16 KB
6 KB 32ms
32ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/202-4d550aac1780ed64c404-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

fc763923d8c7edb99b36e4d6659e9bf564a9b56e4192d40539e503d60646b846

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 07:16:28 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4860704
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: K7PhWJMk_eot_uMqW3rFqw1cx9HYnJV2FA6s_PWkG5CLcdUpiORagw==

GET
H2 200 8945-5f1737a00ddfe4408eba-hash.js Show response
ew.com/dist/ 6 KB
3 KB 33ms
32ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/8945-5f1737a00ddfe4408eba-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

1e77a69610c8f78d88dab562ce5f657d71c733275b0a9af2e3b657c0bd213659

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 00:41:50 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5575582
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 6_lpd_fsJwPkxKFT_W94WfAI4NiGVZFFAxoyKIHQWtO8-bKmeV65UA==

GET
H2 200 8965-a48a552f8f98a538671d-hash.js Show response
ew.com/dist/ 10 KB
4 KB 36ms
34ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/8965-a48a552f8f98a538671d-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

114306c66758a3ca534c75eaee5210d1edd376c076137891d0b8ddfd71684a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:51:16 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2356616
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: P8qHilaOzeNBm1XzAF32ytz0OWLCx1ZZ-GbzIhbGZWVxTcqHxpo7Rw==

GET
H2 200 1544-de618d8d004f3c470030-hash.js Show response
ew.com/dist/ 6 KB
3 KB 40ms
38ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/1544-de618d8d004f3c470030-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

75d34a1f8409b546b7ab67c18bbe05e161f9e5c022b1b8390d445e39863b6239

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:18:07 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5645405
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: idiXyGjoGr0lZW7sLhTWpJQn-1IgYDTF8z0eXNScw4IYIxs19Dxtdg==

GET
H2 200 7730-217120899c31c350f4e2-hash.js Show response
ew.com/dist/ 10 KB
4 KB 37ms
36ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/7730-217120899c31c350f4e2-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

08f258a4d50a437e6ffbe0fa9e42422e207379212d3a5b29698f0e69f4714371

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 04:34:35 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 3920017
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: xUGymNMzGMmk_IlNbAFSXBYxiZ3bfrRptZ8bdtHZIYmG0bqzWQBDWw==

GET
H2 200 6604-cb77cdcd60cc54e3c9ec-hash.js Show response
ew.com/dist/ 9 KB
4 KB 38ms
36ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/6604-cb77cdcd60cc54e3c9ec-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b235f1c6a589e6558664e65060bd99de7195bae81b0808f79527e9703f7485d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:39:19 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4186133
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: jFexqCMTmv_VT7TMvvDO3Kl_414a41amRVHlpBw_PtReWQZdxPkkXQ==

GET
H2 200 9663-fd62c9986066d6e9e14d-hash.js Show response
ew.com/dist/ 16 KB
5 KB 38ms
37ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9663-fd62c9986066d6e9e14d-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b3289ad96fd9491e2deb99e555cb76d8d520a25478eefde9c2d94e34b1cb36cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:59:01 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4786151
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: hkacLsliOkmFdwSNBvXAD5VbtLcQP6L-cI7QCfxNK4ij_wrraUH39Q==

GET
H2 200 2186-bc59d161efd2fc04dafe-hash.js Show response
ew.com/dist/ 13 KB
5 KB 36ms
35ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/2186-bc59d161efd2fc04dafe-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

93c69fc6d85feecb4ea6a895b1b3ae1e5bfab00969a1f85b2a8f6b7cd3e07bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 06:53:18 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 3738894
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: n6jsBdOlL9BerlVjaaLe5NBPbuFLL6EABDTmR02ltvyl6dJ4Hg3N6A==

GET
H2 200 297-05e691da64d2c3e4ee4e-hash.js Show response
ew.com/dist/ 9 KB
3 KB 36ms
36ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/297-05e691da64d2c3e4ee4e-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

69402eeeadfc8fdbc9151101dfa27e96b118a9e5b5398e2124bf59b2f3eca998

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 00:58:56 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5401756
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: GOlwwawrzQErcKDfx0R5EZkNAmCXfuPSIBGXSj24kGxamTmAp-YncA==

GET
H2 200 5142-805e9d3f67bc840c005f-hash.js Show response
ew.com/dist/ 10 KB
3 KB 67ms
67ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/5142-805e9d3f67bc840c005f-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b5105cfe5696fa36289c02eb67838b1f75992d6d8d143596ff0ee3938e3ed351

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:51:16 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2356616
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: hS709lzzfHp6oDuRPAP9Uj1-545PG6YtmWYvIUfyrVsUK7Q3miAP0Q==

GET
H2 200 5952-5c5b60fa1d4a3d3e9372-hash.js Show response
ew.com/dist/ 8 KB
3 KB 62ms
61ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/5952-5c5b60fa1d4a3d3e9372-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

87aa050ee6e245eb1fecf5a935d368fbbdfb82307ecf671843750e11107ab38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 19:54:45 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 149607
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: jmo7jxkcgW3vY3s35JpHvI6hboM5jEAoekRy7K2AD0k9NO3JJsi2Xg==

GET
H2 200 9669-0a8fbc3ac40c747d2b70-hash.js Show response
ew.com/dist/ 20 KB
7 KB 57ms
56ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9669-0a8fbc3ac40c747d2b70-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

4b89dd9becf14fdc796aa4720eef9413c016f8f756cde4861216e9a68d3914e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:41:03 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5467629
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: lGLymbqdYU9gBontJQIzJVzInyXSrXefbVVA439fbNXAD5Cq5Er9lA==

GET
H2 200 569-d7e258fc211b8a9ef1cb-hash.js Show response
ew.com/dist/ 56 KB
17 KB 57ms
57ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/569-d7e258fc211b8a9ef1cb-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

03c3fbe2422a478e1e82c13f0f7d2f9421f78cee98d09309eb548e7b19989822

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 06:13:31 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2531681
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: FpBtIUjWzegWdhMHvuuaJbY-bD7zxKipxoocraA9InEisfhSZMel_A==

GET
H2 200 679-25098face528b3c10d90-hash.js Show response
ew.com/dist/ 25 KB
10 KB 58ms
57ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/679-25098face528b3c10d90-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

a1f867ca74476f6df9daecea9e0c3d107500a4e2b1a8f1b3fe5b637fe064d736

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 02:24:57 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4014195
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: iqdW85YNEOYoEZ-ZTfNRcfJtn1JihhdYSwfjt1knPa4m9oaSLOuNew==

GET
H2 200 5164-28c694c8191d62d7b696-hash.js Show response
ew.com/dist/ 10 KB
4 KB 346ms
346ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/5164-28c694c8191d62d7b696-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

29f39d3884535444de589de426ed818ee4b8f714afc379bc1c83a7815890c28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: SFebi_rlLvG1z1sowbC5EorsbifSEZ-7zsgeAPABe8mTCyunFQ9opQ==

GET
H2 200 9367-49f32231d11ccd888b64-hash.js Show response
ew.com/dist/ 60 KB
17 KB 58ms
58ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9367-49f32231d11ccd888b64-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

d4849e71a62ec779b431dd66d0aff8c11d176632209b1ce638aa24804bda6b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 12:24:39 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5533413
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: zrrBdGWQ9bMQ0nYPSjMPo7nr8pqm2uGcGExxZM04MTFydzqkMs02lw==

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

69ms
33ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H3
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:41:36 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Mon, 24 Oct 2022 13:28:12 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: rva
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 101ms
31ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

576eab8342c172253576e034b20f276b2e4a5f0ba50174da545d8477a28ec92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:28:12 GMT
content-md5: 8eOHf2rSCbm+vYnTFNhq7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: p5JejgGsjyAKWHqDFhDursqXBqU0swnQls6Zo0T0kwVKFXznF0/O2bxA5SsI0SjgDv+ZMFFOp48SjjeKzlblrw==
x-fb-trip-id: 2050670934
x-fb-content-md5: f561e8ad7fd52df355570141532316ad
cross-origin-opener-policy: same-origin-allow-popups
etag: "4052eb1b3792715b7e719d056cc3026e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 24 Oct 2022 13:39:02 GMT

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 35ms
35ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:13:51 GMT
x-amz-version-id: Av4L57knpBWVXQ2LY3wI0QazLgotJtGS
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2952862
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 04:11:19 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: PN07Ozgcfrxt8kfsBWm68TAF8FVDpiJ0JWbH0HqH-AEB9wp27NbKpg==

GET
H2 200 generic-image.svg
ew.com/img/icons/ 3 KB
2 KB 32ms
32ms Image
image/svg+xml 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ew.com/img/icons/generic-image.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

cac3fc0dd2d787dd4eb7496d2d0ce7658a075fcb00df6ff96d2919de879242f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:31:39 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 5205393
x-powered-by: Element
x-cache: Hit from cloudfront
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: image/svg+xml
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: wMmz9m0cEIwOz43BH4JQa8ykhDpPm81HqC_bccGDxrcBsucmVvEOfw==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 83 KB
83 KB 168ms
49ms Image
image/webp 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Fstatic.onecms.io%2Fwp-content%2Fuploads%2F2022%2F06%2F27%2F1244x830_EW_10k.jpg&w=640&h=428&c=sc&poi=face&q=60
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-42.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 8b74956ca7e0a2f410441a1e089501b81001adcec511bbd063726355735d8829

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 12:40:17 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified: Mon, 05 Sep 2022 12:40:17 GMT
server: nginx/1.18.0
x-amz-cf-pop: FRA2-C1
age: 4236475
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-amz-cf-id: u--js1GY5LxLMowRv2wHJlOYDldRJLj0VU9_BdCqLhM_xBA6ktfY1g==

GET
H2 200 image
imagesvc.meredithcorp.io/v3/mm/ 5 KB
6 KB 209ms
90ms Image
image/webp 13.224.189.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesvc.meredithcorp.io/v3/mm/image?url=https%3A%2F%2Few.com%2Fimg%2Fmisc%2F300x250_magazines_and_more.jpg&w=1200&c=sc&poi=face&q=60
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-42.fra2.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 798465a34d0c635ecee8755fc95d01445b36388f348b6500d893bca788f3d76b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 00:13:03 GMT
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 00:13:03 GMT
server: nginx/1.18.0
x-amz-cf-pop: FRA2-C1
age: 4108509
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
x-img-msg: PROCESSED
x-amz-cf-id: XIR58WrwZW3QIMSWaczD_cs5P188KRBN_D9chkFrW8l0ZeUR9ULoCA==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ 334 KB
79 KB 38ms
37ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 10925
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5060c5b9-801e-00c4-4dd6-49a720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de73b7bb903-AMS

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 36ms
34ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:23:42 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: i7V8adpJC0v_FV6MGqES_PT759Yi.CDp
x-amz-cf-pop: FRA56-P5
age: 306271
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Res1IllAeiUAgjHZ9VMv1uG41nw872XNXVgkoH-8nAS_GVzDi88O8w==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 35ms
35ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:21:09 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: Y4lwW_1LqKmsCq_EX8EGKACwF5NkY9as
x-amz-cf-pop: FRA56-P5
age: 306424
x-cache: Hit from cloudfront
content-length: 1342
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "a1bed0458702cf863f2d24fb1b9d39ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: HhDIfZa5DeMG8O-SUUKBzE6pp6k6YU-I18ffZSNxaZpH-zMzlqyQcA==

GET
H2 404 sitewide-alert Show response
ew.com/element-api/content-proxy/ 38 B
739 B 175ms
175ms XHR
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/element-api/content-proxy/sitewide-alert

Requested by

Host: ew.com
URL: https://ew.com/dist/9669-0a8fbc3ac40c747d2b70-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
x-cache: Error from cloudfront
content-length: 38
server: nginx
etag: W/"26-ELlU8zCQImGVufNufBwxhxLCesI"
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: application/json; charset=utf-8
cache-control: max-age=30
x-amz-cf-id: 9TQWvqn6D0eFX5MEkLsgMr0GgoXrlt-aefVkRiktqda2T5EsBDzPjw==

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
160 B 337ms
123ms XHR
application/json 34.202.126.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=MEREDITH&sv_domain=ew.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-101.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://ew.com
date: Mon, 24 Oct 2022 13:28:12 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
353 B 89ms
32ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ew.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
383 B 132ms
41ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=184003
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0b2183f02f84c6281e1e2896a63c493f6a3aaa4866ff0025b5d8586d2e969248

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ew.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 23 Nov 2022 13:28:12 GMT

GET
H2 200 pubads_impl_2022101801.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
128 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130840
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 08:35:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 24 Oct 2023 12:26:11 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 158 B
129 B 102ms
38ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2649c2a5ef42a8cc56ff03a5f17d3d642388660ef8d7a6c79834f206f96b3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
expires: Mon, 24 Oct 2022 13:28:12 GMT

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 36ms
36ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:22:27 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: Z.cz1sApkVz0CAwS1aXBsP5bZXvNz24o
x-amz-cf-pop: FRA56-P5
age: 306345
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 19 Sep 2022 21:38:18 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: Y-n2xS5jMs-1bO0n-WahQn_D1DJfnsDgghHgH8MbGZbMRuITkGSKWQ==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/ 147 KB
25 KB 30ms
29ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

230422a2e2eef83e45145ccbc9e05c1e7cdd17e82996f0f4e53221aa507a8c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0xDjMQEsPXSzY73qWaIkGQ==
age: 12018
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 25619
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:24 GMT
server: cloudflare
etag: 0x8DA43CAA483D742
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49965116-401e-00f0-31b3-750888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de7c887b8e4-AMS
expires: Mon, 24 Oct 2022 17:28:12 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 300 KB
85 KB 70ms
33ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4659b8f3fd3ffd50136481ebab1a6f01

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78cab04412f03b24b3f1ad530dd87de65a933811fb2655501c75b56f5027aa61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ew.com/
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:28:12 GMT
content-md5: ZLMEDtG+aYa51PWFg3S5zw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86930
x-fb-rlafr: 0
x-fb-debug: Q7VtWlPIDZHK4wCzavdB0MO2GWLoySl6uMHxYA7/xVXR8Nevo0UcRWkqLaJUCiREsYvcjdbrwpCb3fmJkyiyiA==
x-fb-content-md5: 2a3ad8b3e513baa923738f2dd5fd66aa
cross-origin-opener-policy: same-origin-allow-popups
etag: "b02d4d2b4c64bc88cd0bba61d086532d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Oct 2023 12:47:38 GMT

GET
H2 200 bLayout-en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/ 14 KB
3 KB 48ms
47ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/bLayout-en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ec2b98112ac47caa74a7621bbd86d9762e56db69cf101ccc9a61d335619c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 673
content-length: 2877
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:28 GMT
server: cloudflare
etag: 0x8DA43CAA6BB4F17
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6d522e79-801e-0148-3db3-75ac2e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de82946b8e4-AMS
expires: Mon, 24 Oct 2022 17:28:12 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 58 KB
14 KB 46ms
46ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e02bee0e07e55b5375ce1666aedda58acaa6adc8d86dcefbe8e7c491bf0e7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bHuEGwmXEYacCHzgWFGP/Q==
age: 673
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC0130DE3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4f2bba04-601e-0020-500c-49b42a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30de82948b8e4-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ 21 KB
4 KB 45ms
45ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2HSefDmVwJneRQMu6SXIPw==
age: 1831
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e15f8e89-f01e-00cb-1e0c-494ad6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 75f30de8294ab8e4-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 436 KB
128 KB 201ms
63ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WRQQSDX&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f7ff6bdf4c7d06881fe8feb6e2779ddd87a168380ea85416841e8951961be10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130298
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Oct 2022 13:28:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 104ms
30ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1574
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 24 Oct 2022 15:01:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 216ms
56ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
58ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ew.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
578 B 360ms
359ms XHR
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4200954722390873&correlator=1003778636655443&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&npa=1&iu_parts=3865%2Cddm.ew.com%2Ctier1%2Cother%2Csweepstakes&enc_prev_ius=0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4%2C0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%2C1x1%2C1x1&ifi=1&adks=3845887823%2C767605316%2C3898551325&sfv=1-0-38&ists=3&prev_scp=slot%3Dleaderboard-flex-1%26refreshType%3Dhard%7Cslot%3Dinterstitial%26refreshType%3Dhard%7Cslot%3Dwallpaper%26refreshType%3Dhard&eri=1&cust_params=path%3Dsweepstakes%252Centry%252Csplash-into-cash-10000-sweepstakes%252C29636431%26channel%3Dsweepstakes%26ctype%3DsweepEntry%26type%3Dother%26tags%3D%26id%3Dc26e04cf-e808-4fd7-8438-fbb453e1d353%26abTest%3Dmdextest%26concepts%3D%26taxons%3D%26mtax%3D%26pv%3D1%26otabc%3D0%26npa%3D1%26otgeo%3D1%26muid%3D1496f8f8-e37d-43f3-a498-6bc7cd89c029%26mrid%3D8f0638fa-ea0d-46a3-9686-8b49004d06fd%26dockedleaderboard%3Dfalse%26dockedrail%3Dtrue&ppid=1496f8f8-e37d-43f3-a498-6bc7cd89c029&sc=1&cookie_enabled=1&abxe=1&dt=1666618092898&lmt=1666618092&dlt=1666618092183&idt=650&adxs=436%2C0%2C0&adys=16%2C1725%2C1725&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3D.net%2520B.V%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3DNL%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&frm=20&vis=1&psz=1600x106%7C1600x1724%7C1600x1724&msz=1600x90%7C1600x0%7C1600x0&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=1227075284.1666618093&ga_sid=1666618093&ga_hid=1156108048&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d08f2566d66843fc4933a46a7b4e479befb4a8f81dc4a40e0e27c5c3ae914220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 548
x-xss-protection: 0
google-lineitem-id: -2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1D5C 6 KB
4 KB 130ms
42ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 13:28:13 GMT
expires: Tue, 24 Oct 2023 13:28:13 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
167 B 516ms
169ms Fetch
application/json 44.241.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.21.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-21-8.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Mon, 24 Oct 2022 13:28:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
166 B 512ms
170ms Fetch
application/json 44.241.21.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/t

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.21.8 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-21-8.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ew.com
date: Mon, 24 Oct 2022 13:28:13 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gpc.min.js Show response
ddrvjrfwnij7n.cloudfront.net/js/gpc/ 6 KB
6 KB 125ms
32ms Script
application/javascript 13.224.189.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by: Host: ew.com
URL: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 08:03:01 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Sep 2021 17:12:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 19514
ETag: "0595aed5727019b05fd2c207a5b462bf"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
X-Amz-Cf-Id: N21WQ16nC0sinqQ7Z8NtqueKkW43tjVLmMkjbNC2LNs53e5A38RZ6A==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 35ms
35ms XHR
text/plain 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3446&u=https%3A%2F%2Few.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 11:18:51 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 7762
x-cache: Hit from cloudfront
access-control-allow-origin: https://ew.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 38a9U6OIIxgqrMmXWC-8GdPszepNDGx13G1cPXt9KDgyWdDR4Sxt4Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 92ms
30ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: GByBGE9Pk5QvO6waz.2OH5fe1oGEkMED
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date: Sun, 23 Oct 2022 19:58:39 GMT
x-amz-cf-pop: FRA2-C1
age: 62975
x-cache: Hit from cloudfront
last-modified: Fri, 21 Oct 2022 19:58:26 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: sd9FegqiXv7vzYeM7zQLoid_wJNFBEsQpoSt7Q_enTb1GECjaPpIsg==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
525 B 118ms
38ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3447a2bf760509a1118868e2eeda668f002a58b1cddceb4ad168931cbce1afb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET
H2 200 quick-signup Show response
ew.com/account/ Frame 387C 59 KB
16 KB 320ms
320ms Document
text/html 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

22074ac2a162ea1f54279ee8b9a587eea38d8c7d8f6dabee136003b61f897a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%20B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=30
content-encoding: gzip
content-security-policy-report-only: default-src 'self' https: wss: data: blob: none: gsa: 'unsafe-inline' 'unsafe-eval'; report-uri https://csp-endpoint.timeinc.net/
content-type: text/html; charset=utf-8
date: Mon, 24 Oct 2022 13:28:13 GMT
etag: W/"ecec-KfviA2SyACn+zCXvfmrcl8HYTg8"
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
server: nginx
strict-transport-security: max-age=86400; preload
vary: Accept-Encoding
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-id: YSYwxipzdLish4Pp54xjZ3oeB0nowBhedomdgyg7pr-vi_nHzXMOOg==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-powered-by: Element

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
212 B 251ms
62ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=830104&u=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3D.net%2520B.V%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3DNL%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/184003-52190608802424.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 13:28:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: https://ew.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 75f30deaba48b902-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.nl/v1/ 3 B
454 B 155ms
39ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.nl/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ew.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 102ms
40ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1156108048&t=pageview&_s=1&dl=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3d.net%2520b.v%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3Dnl%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&dp=%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F&ul=en-us&de=UTF-8&dt=splash%20into%20cash%20%2410%2C000%20sweepstakes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAhAAEABAAQCgCgCIAB~&jid=524260687&gjid=1996182976&cid=1227075284.1666618093&tid=UA-97981691-4&_gid=439852477.1666618093&_r=1&_slc=1&cd7=own&cd8=sweepstakes-entry-page&cd9=front%20end&cd10=ew.com&cd12=daily&cd25=29636431&cd36=splash%20into%20cash%20%2410%2C000%20sweepstakes&cd44=0&cd74=sweepstakes&cd75=false&cd90=8f0638fa-ea0d-46a3-9686-8b49004d06fd&cd92=1666618092605&cd93=cms%2Fonecms_posts_ew_29636431&cd99=c26e04cf-e808-4fd7-8438-fbb453e1d353&cd100=freestuff&cd67=1496f8f8-e37d-43f3-a498-6bc7cd89c029&z=1861592982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 13:28:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style-bbc5513b2fb4e876c869-hash.css
ew.com/dist/ Frame 387C 1 MB
159 KB 35ms
34ms Stylesheet
text/css 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Requested by

Host: ew.com
URL: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

3ff8cb6382d944a439a78047f144e671c607f77da36a63837d028557df63848f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 07:34:01 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2440452
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: mP6oeE7ZhQWvTWW0XlKZCFogPhi-2IJj_nJletGaafd5OJGHiDVL8A==

GET
H2 200 main-d80180da1df05d3951bb-hash.js Show response
ew.com/dist/ Frame 387C 345 KB
108 KB 35ms
34ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

692384c5caa953b20c55670f00cf72474607c3e6543b9e6d4a45a4428ed3dac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:31:20 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4604213
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: gmJ_e4WhH5XaRNp47gh2auk0rPmqHzpbhChV9xhptOet2ypfoihpYA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 120ms
35ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97981691-4&cid=1227075284.1666618093&jid=524260687&gjid=1996182976&_gid=439852477.1666618093&_u=aAhAAEAAAAQCgCgCIAB~&z=1733148700

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Oct 2022 13:28:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ Frame 387C 21 KB
7 KB 47ms
47ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: e0VkrpV+7zqDAjQ/RMXPsw==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 7151
x-ms-lease-status: unlocked
last-modified: Thu, 20 Oct 2022 18:24:26 GMT
server: cloudflare
etag: 0x8DAB2C851B5BAE7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 14e3730f-b01e-0162-12bc-e4d96b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30dec2c93b903-AMS

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/ Frame 387C 96 KB
26 KB 37ms
37ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Requested by: Host: ew.com
URL: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 853e3e3165665581b0eaad91625d68bcc1dfa6211679931488cc958ed6f95845

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: gtUcc.11Uglwgyjs2zSKhOkAa0a3oJGT
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 13:27:59 GMT
x-amz-cf-pop: FRA56-P5
age: 40
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Oct 2022 16:19:44 GMT
server: AmazonS3
etag: W/"810268d8816043ece02c2344fec078ae"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: 8RrHw0v6vsqlw_ujEsqNRgC0cZkuxCrd3aRTQ1SOUDJU8DdlaPThtQ==

GET
H2 200 CaslonDoric-Semibold.woff2
ew.com/font/ Frame 387C 34 KB
34 KB 44ms
43ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Semibold.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

4f90198e0054450e2f21f7ad14ee10874ef81a3bdb3685426ea131d2cd5244a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 22:24:11 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 5756642
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 34708
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: JUhpcb4nQihQeF3b8TM_W-plsRugNlfPrR8ZmufYxGKc56z5Dw1zbw==

GET
H2 200 CaslonDoric-Regular.woff2
ew.com/font/ Frame 387C 48 KB
48 KB 38ms
37ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/CaslonDoric-Regular.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

5db23c1f4bb294496df9184dffd00fe2921b4e01934dbe523f771b56d1a1ec03

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 23:26:08 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 3938524
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 49028
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: wBtcg3Umk3azb7pfwnhhnU3ZkW6kkmyheZgjpYa2pz83CnXjjsQ8eA==

GET
H2 200 OriginalSans-Three.woff2
ew.com/font/ Frame 387C 41 KB
42 KB 45ms
45ms Font
font/woff2 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/font/OriginalSans-Three.woff2?397-hash

Requested by

Host: ew.com
URL: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

d5238399eec84b85c1eec58f82de8e989eed128839d4ada23bd908eb554c2bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

Referer: https://ew.com/dist/style-bbc5513b2fb4e876c869-hash.css
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 18 Aug 2022 22:24:11 GMT
strict-transport-security: max-age=86400; preload
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-amz-cf-pop: FRA2-C2
age: 5756642
x-powered-by: Element
x-cache: Hit from cloudfront
content-length: 41968
last-modified: Wed, 17 Aug 2022 17:16:35 GMT
server: nginx
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
content-type: font/woff2
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: qLKJZ5A-0dNoHey-B3zfSquwszFqkrbBJn2v87LLzLyE7AjJFTtSPw==

GET
H2 200 202-4d550aac1780ed64c404-hash.js Show response
ew.com/dist/ Frame 387C 16 KB
6 KB 44ms
39ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/202-4d550aac1780ed64c404-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

fc763923d8c7edb99b36e4d6659e9bf564a9b56e4192d40539e503d60646b846

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 07:16:28 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4860705
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: TAa2Doo3y3OtSuZosA5e3D_h2fUPrCJckOuVi01ZYe-NuSXxY3c2KA==

GET
H2 200 8945-5f1737a00ddfe4408eba-hash.js Show response
ew.com/dist/ Frame 387C 6 KB
3 KB 42ms
37ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/8945-5f1737a00ddfe4408eba-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

1e77a69610c8f78d88dab562ce5f657d71c733275b0a9af2e3b657c0bd213659

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 00:41:50 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5575583
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: bj1VNfbvXFvAtvD0VE0MXpXYnDlsPWwaRGp74pDbhHi8aM0G5aFO4A==

GET
H2 200 8965-a48a552f8f98a538671d-hash.js Show response
ew.com/dist/ Frame 387C 10 KB
4 KB 44ms
40ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/8965-a48a552f8f98a538671d-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

114306c66758a3ca534c75eaee5210d1edd376c076137891d0b8ddfd71684a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:51:16 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 2356617
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: f90oT708kHL7H7CbTCkf25pKhSHKr83ni8h1lmAq5xQCMTS-Dm2KYA==

GET
H2 200 1544-de618d8d004f3c470030-hash.js Show response
ew.com/dist/ Frame 387C 6 KB
3 KB 43ms
39ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/1544-de618d8d004f3c470030-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

75d34a1f8409b546b7ab67c18bbe05e161f9e5c022b1b8390d445e39863b6239

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:18:07 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 5645406
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 7yAjw5WdtF6O8UyhxiSUJo_7KDj0t5kNFjJgGX-eCqXBKzAPxygP5A==

GET
H2 200 7730-217120899c31c350f4e2-hash.js Show response
ew.com/dist/ Frame 387C 10 KB
4 KB 44ms
40ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/7730-217120899c31c350f4e2-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

08f258a4d50a437e6ffbe0fa9e42422e207379212d3a5b29698f0e69f4714371

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 04:34:35 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 3920018
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: JyW0i5MiSqhVfJe1og4HIj5v_TrWb1fupu-VYLrWOdQK59zwsBhpmw==

GET
H2 200 6604-cb77cdcd60cc54e3c9ec-hash.js Show response
ew.com/dist/ Frame 387C 9 KB
4 KB 45ms
41ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/6604-cb77cdcd60cc54e3c9ec-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b235f1c6a589e6558664e65060bd99de7195bae81b0808f79527e9703f7485d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 02:39:19 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4186134
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: am8rWyZBHoHGg_gm3rbVOZjwPWY1zUKM9sBYw9A3DJCYFiumEWEDLw==

GET
H2 200 9663-fd62c9986066d6e9e14d-hash.js Show response
ew.com/dist/ Frame 387C 16 KB
5 KB 42ms
38ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/9663-fd62c9986066d6e9e14d-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

b3289ad96fd9491e2deb99e555cb76d8d520a25478eefde9c2d94e34b1cb36cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:59:01 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 4786152
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: _D60LxaVa9O9SGfica32c9rDVAgeSuq6mnkSou5VIuQSiwdwcO0KsA==

GET
H2 200 2186-bc59d161efd2fc04dafe-hash.js Show response
ew.com/dist/ Frame 387C 13 KB
5 KB 47ms
43ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/2186-bc59d161efd2fc04dafe-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

93c69fc6d85feecb4ea6a895b1b3ae1e5bfab00969a1f85b2a8f6b7cd3e07bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 06:53:18 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 3738895
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: Y2HVGKKX0064W5JEKP5-wlF4RJd0qS1lc3bu6CuQBonlD3eK9V_k0g==

GET
H2 200 5952-5c5b60fa1d4a3d3e9372-hash.js Show response
ew.com/dist/ Frame 387C 8 KB
3 KB 47ms
44ms Script
application/javascript 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/dist/5952-5c5b60fa1d4a3d3e9372-hash.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-93.fra2.r.cloudfront.net

Software

nginx / Element

Resource Hash

87aa050ee6e245eb1fecf5a935d368fbbdfb82307ecf671843750e11107ab38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 19:54:45 GMT
strict-transport-security: max-age=86400; preload
content-encoding: gzip
last-modified: Wed, 17 Aug 2022 17:52:48 GMT
server: nginx
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-powered-by: Element
age: 149608
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=32140800
accept-ranges: bytes
x-amz-cf-id: 88jB6s37r4hYomCR2g2cMiAk40r9obUbgrPKnpNrkauzDdd7un3rXg==

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/ Frame 387C
Redirect Chain

https://platform.instagram.com/en_US/embeds.js
https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

33ms
33ms

Script
text/javascript

2a03:2880:f22d:e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: ew.com
URL: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
Protocol: H3
Server: 2a03:2880:f22d:e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:41:36 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Mon, 24 Oct 2022 13:28:13 GMT
x-ig-origin-region: rva
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 387C 3 KB
2 KB 72ms
31ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ew.com
URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

576eab8342c172253576e034b20f276b2e4a5f0ba50174da545d8477a28ec92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:28:13 GMT
content-md5: 8eOHf2rSCbm+vYnTFNhq7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: p5JejgGsjyAKWHqDFhDursqXBqU0swnQls6Zo0T0kwVKFXznF0/O2bxA5SsI0SjgDv+ZMFFOp48SjjeKzlblrw==
x-fb-content-md5: f561e8ad7fd52df355570141532316ad
cross-origin-opener-policy: same-origin-allow-popups
etag: "4052eb1b3792715b7e719d056cc3026e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
priority: u=3,i
expires: Mon, 24 Oct 2022 13:39:02 GMT

GET
H2 200 6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ Frame 387C 4 KB
2 KB 33ms
33ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8797fae4fe40837339673d3b4ebd78433d1e7e2fda741d645fe6193e3737eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /7aDFH2gMekXrtURasWeUA==
age: 1109
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1580
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:18 GMT
server: cloudflare
etag: 0x8DA43CAA0AA5BD0
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 26eb9873-e01e-0135-1fb3-7530e6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30decb9cbb8e4-AMS
expires: Mon, 24 Oct 2022 17:28:13 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/ Frame 387C 11 KB
3 KB 33ms
32ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/BON3FBilt68aKr0pgANaJJW6i49R33qn/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63223cca51e225179d3ee1c0baa03fdbfa8b4d0c936adf08d2a46bf3121ea2b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: MNRmlDCErxCItpy_CNSP4FGzNkzzH_Oc
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date: Mon, 24 Oct 2022 12:58:19 GMT
x-amz-cf-pop: FRA56-P5
age: 10073
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 23 Jun 2022 07:40:05 GMT
server: AmazonS3
etag: W/"1594be347427d11f6c425292a7aae610"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: beKo5ivBQG8w7jF_zMsLUFeAyb_QoxhY8tvooMLFA-QJB9QRgXLEYQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 123ms
54ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97981691-4&cid=1227075284.1666618093&jid=524260687&_u=aAhAAEAAAAQCgCgCIAB~&z=722994549

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 13:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
501 B 140ms
71ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97981691-4&cid=1227075284.1666618093&jid=524260687&_u=aAhAAEAAAAQCgCgCIAB~&z=722994549

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 13:28:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ Frame 387C 57 B
153 B 51ms
51ms XHR
application/json 2606:4700:4400::6812:2962
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2962 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcc92858efa2f711fda0524cd2370285ade0c8fbdd848e72884ae7641f45e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 75f30decffedb8a8-AMS
access-control-allow-headers: Content-Type

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ Frame 387C 17 KB
5 KB 34ms
34ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 01:12:15 GMT
x-amz-version-id: _YN065FwCKbOto8fr1.lkwWj0CeZKJYu
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 562559
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sun, 16 Oct 2022 16:45:31 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: M-hCQ2XbTTGab8Uy8iP21Fsxsd_AZIxRl0YnDNMB5fTEyUTcizBj5g==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ Frame 387C 10 KB
4 KB 35ms
35ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4605343
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 7cxUlMzKLgvpGyA3q-A8wbbEws2W61R-Rvxin-r-SxwJdpYVNkKDVQ==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame 387C 300 KB
85 KB 33ms
33ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4659b8f3fd3ffd50136481ebab1a6f01

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78cab04412f03b24b3f1ad530dd87de65a933811fb2655501c75b56f5027aa61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ew.com/
Origin: https://ew.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:28:13 GMT
content-md5: ZLMEDtG+aYa51PWFg3S5zw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86930
x-fb-rlafr: 0
x-fb-debug: Q7VtWlPIDZHK4wCzavdB0MO2GWLoySl6uMHxYA7/xVXR8Nevo0UcRWkqLaJUCiREsYvcjdbrwpCb3fmJkyiyiA==
x-fb-content-md5: 2a3ad8b3e513baa923738f2dd5fd66aa
cross-origin-opener-policy: same-origin-allow-popups
etag: "b02d4d2b4c64bc88cd0bba61d086532d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Oct 2023 12:47:38 GMT

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ Frame 387C 2 KB
1 KB 33ms
32ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:13:51 GMT
x-amz-version-id: Av4L57knpBWVXQ2LY3wI0QazLgotJtGS
content-encoding: br
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2952863
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 04:11:19 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: YPxjta-MGJtdEW9omBmL5A5iEpTZYMBqSVXqPLtSDAKPj-uXn17HFw==

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.31.0/ Frame 387C 334 KB
79 KB 48ms
48ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: D263R6OySncrpIc5uRH3nQ==
age: 10926
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 80955
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:24 GMT
server: cloudflare
etag: 0x8DA032EC5D12B02
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5060c5b9-801e-00c4-4dd6-49a720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30ded4e73b903-AMS

GET
H2 200 google-analytics.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/ Frame 387C 16 KB
5 KB 34ms
33ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:23:42 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: i7V8adpJC0v_FV6MGqES_PT759Yi.CDp
x-amz-cf-pop: FRA56-P5
age: 306272
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Mon, 19 Sep 2022 21:38:20 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: DdvvX-RNT-M8drx-C9OdD9GBJBiNoOIv65aooH46qHtJ4-096Ph3kQ==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/ Frame 387C 147 KB
25 KB 37ms
36ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

230422a2e2eef83e45145ccbc9e05c1e7cdd17e82996f0f4e53221aa507a8c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0xDjMQEsPXSzY73qWaIkGQ==
age: 12019
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 25619
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:24 GMT
server: cloudflare
etag: 0x8DA43CAA483D742
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49965116-401e-00f0-31b3-750888000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30dedab84b8e4-AMS
expires: Mon, 24 Oct 2022 17:28:13 GMT

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ Frame 387C 73 KB
22 KB 36ms
36ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/BON3FBilt68aKr0pgANaJJW6i49R33qn/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:22:27 GMT
content-encoding: gzip
via: 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-version-id: Z.cz1sApkVz0CAwS1aXBsP5bZXvNz24o
x-amz-cf-pop: FRA56-P5
age: 306346
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Mon, 19 Sep 2022 21:38:18 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: AngUaOwrCVx_T4EDAOZOwFgTyZGNnpkdM593guYCyES3p3_OmmXHBA==

GET
H2 200 bLayout-en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/ Frame 387C 14 KB
3 KB 43ms
42ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/8bd97341-64ce-41bf-a03d-aedd57de3b46/bLayout-en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9ec2b98112ac47caa74a7621bbd86d9762e56db69cf101ccc9a61d335619c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 674
content-length: 2877
x-ms-lease-status: unlocked
last-modified: Wed, 01 Jun 2022 12:31:28 GMT
server: cloudflare
etag: 0x8DA43CAA6BB4F17
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6d522e79-801e-0148-3db3-75ac2e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30dee0c15b8e4-AMS
expires: Mon, 24 Oct 2022 17:28:13 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ Frame 387C 58 KB
14 KB 42ms
41ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e02bee0e07e55b5375ce1666aedda58acaa6adc8d86dcefbe8e7c491bf0e7ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bHuEGwmXEYacCHzgWFGP/Q==
age: 674
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14247
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:15 GMT
server: cloudflare
etag: 0x8DA032EC0130DE3
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4f2bba04-601e-0020-500c-49b42a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 75f30dee0c16b8e4-AMS

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.31.0/assets/ Frame 387C 21 KB
4 KB 46ms
46ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.31.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.31.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Oct 2022 13:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: 2HSefDmVwJneRQMu6SXIPw==
age: 1832
x-ms-lease-status: unlocked
last-modified: Fri, 11 Mar 2022 07:14:31 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: e15f8e89-f01e-00cb-1e0c-494ad6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 75f30dee0c18b8e4-AMS

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 387C 49 KB
20 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Oct 2022 13:01:58 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1575
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 24 Oct 2022 15:01:58 GMT

GET
DATA 200
OK truncated
/ Frame 387C 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK gpc.min.js Show response
ddrvjrfwnij7n.cloudfront.net/js/gpc/ Frame 387C 6 KB
6 KB 33ms
32ms Script
application/javascript 13.224.189.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ddrvjrfwnij7n.cloudfront.net/js/gpc/gpc.min.js
Requested by: Host: ew.com
URL: https://ew.com/account/quick-signup?modal=true&type=quick-signup&regsource=oetvvk&frameclass=embed-quiz%20modalessEmbed&originatingSourceId=29636431&originatingSource=sweepstakes
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Mon, 24 Oct 2022 08:03:01 GMT
Via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 Sep 2021 17:12:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C1
Age: 19514
ETag: "0595aed5727019b05fd2c207a5b462bf"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
X-Amz-Cf-Id: lwPtvX4y-do7WzQejeTZELgqmdW6mfYBllN1B_srXhgX7io6zsLPPg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 120ms
45ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c02a26b3b615cd6a081166458f8e0f7e0f0853dbc2798a85995b45ab87e25e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11338
x-xss-protection: 0

GET
H2 200 M Show response
g.3gl.net/jp/7820/v3.3.0/ Frame 5ED8 31 KB
10 KB 128ms
24ms Script
text/javascript 93.184.220.120
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g.3gl.net/jp/7820/v3.3.0/M
Requested by: Host: 637267.directfvtfwr.com
URL: http://637267.directfvtfwr.com/bdvfrd.dbm?gto=https%3A%2F%2Flogisticstcompany.info%2Flivesrchdashboard%3Fu%3D58966f5b9e9c1eaf6f36c35da242b329%26t%3Dgmail%252Cgmail%252Cgmail%2520app%252Cgmail%2520inbox%252Cgmail%2520login%252Cgmail%2520email%252Cgmail%2520google%252Cgmail%2520login%2520mail%26i%3D-%26s%3DUS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.120 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: d0feb930c9ebf9534850325eb3f984caf5436df06bad09bf6bf05c32b15e9803

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:14 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 13:07:36 GMT
server: ECS (amb/6BA2)
age: 1238
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public
timing-allow-origin: *
content-length: 9861
expires: Mon, 24 Oct 2022 14:28:07 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 32ms
31ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1156108048&t=adtiming&_s=2&dl=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3D.net%2520B.V%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3DNL%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&dp=%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F&ul=en-us&de=UTF-8&dt=splash%20into%20cash%20%2410%2C000%20sweepstakes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2502&pdt=8&dns=9&rrt=536&srt=204&tcp=63&dit=1197&clt=1222&_gst=1443&_gbt=1627&_u=aAhAAEABAAQCgCgCIAB~&jid=&gjid=&cid=1227075284.1666618093&tid=UA-97981691-4&_gid=439852477.1666618093&z=332919582

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Oct 2022 04:46:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 31303
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 211ms
71ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Oct 2022 13:28:14 GMT

POST
H2 200 r.p
r.3gl.net/hawklogserver/ 0
338 B 102ms
31ms Ping
application/octet-stream 136.144.49.190
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://r.3gl.net/hawklogserver/r.p

Requested by

Host: g.3gl.net
URL: https://g.3gl.net/jp/7820/v3.3.0/M

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

136.144.49.190 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

fra-eqx-gli-02

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 Oct 2022 13:28:13 GMT
x-content-type-options: nosniff
access-control-allow-methods: POST
content-type: application/octet-stream
access-control-allow-origin: https://ew.com
x-cp-r: 1
cache-control: no-cache
content-length: 0
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9793 13 KB
5 KB 177ms
57ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 13:23:06 GMT
expires: Tue, 24 Oct 2023 13:23:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EAE 783 B
536 B 107ms
43ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

550c3c863ae34e79151f8ebfba56f0ee631c00e7767eafe8e00581d6a469b05a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yJyZ_U-3JfbmHKLAh4V0bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-yJyZ_U-3JfbmHKLAh4V0bQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Oct 2022 13:28:14 GMT
expires: Mon, 24 Oct 2022 13:28:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EAE 0
0 135ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=4200954722390873&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9793 36 KB
16 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 12:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15944
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 15:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Oct 2023 12:42:05 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9793 0
10 B 58ms
57ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c5q8xg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 13:28:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
67ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=4200954722390873&bg=!NzSlNHDNAAaaxvStusY7ACkAdvg8Wsf9HjTlv7z3g7BG855IJKmdISZZ3BUPZGzo14dTVu5faMN3GAIAAABqUgAAAAxoAQcKAID1pdUZVw7lQNr3DOTekvMV4Fi9ZZAZQu-nFdD-QpPDrFmiCnbrh2-_HSi-CyCzWrxDwkIxwLMELvP8zZ0s7Pk0_nyy-Do-_OE87EqDPKPDds2Ap24VjobPw6bzQ4LZ-rumjIkL4B4kh8ARdH6XtWYjUXaJ0cedFlHDrWSYq2kZ2ZkCo3Xs7akWdQApmvnktuKtP0Ei6POLJ62I0KBDe_zIV9lIQHiOX4xqTWXf_Gbsr-nmSflqaDIFn-8o7tmqhxIw-Xr3GuonIJQBp2RY0D9_Lo_8SP3jbaxWcuKl-u6KGhj1LaF_nL4JCML0D-BDBeG4Xek0rQmVTEzx1vlCrAlEUDhBMbQLJJLFKhjM2byIhlYRAZkL25jKolb8XLzRYb8MXYUcPPti9O-6ruGSHXOFCACpbdOEALPMNt_koKUV3OmPUZ6PQCFgBHZI80ta8uYOpX0ZjHrww9J68Q439Y8uyf1Aq6yKCH0fsM97VxGJXz1oyz0JuStIzl6oQ6Xv26e5TjQmcvkSp3olxs6Mk42cPfQLuhKvBRktktLMn_3H3GJnzMIpivQru7UCcpnKBje4QQKkxVThS_s1a_j3coWTGHhJJeloChqUeC8X9x67tl1mjXw0qQrmwengK1QFybHun1h_g_4Fy-lemHG2JnJiUKsL8AW1mZcYbTWj1bM8BfvCSFrblzo0ksu4WVNtk4oggPD_nmAdz_QHUsPXmi285l7FNxrmgCUz94S0y1n8o0_XEkibtk_B75WzBsyqbrJTzdRm0haFCbXjuRIoIq21xGFnoYanRaT6vqc_93gJnnGhYuAlRHyD40_ZbtMLY5q3uROeJ--6pSO1JLwpIu2IXC8Oqp6t0Oy1qcJeIrqoJuyA4rwZXgkwgyCR3feasAVek5TxhumXfTWiIt5lp_EU1rmgw417t33roWKkODHeXvkEgA9xRxZ2PCku4DCyyHqVeEzu8J0sgEXqv5NgQOIwHMQWjyy0PnZa85OAFWppCtMSP08Edelq0ngOGnRqaz2ywhnXQmPf2sU6teU0dfRjD7PB1k10Clxi07mnu5SSfi7KbR0bmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 x.gif
d9jj3mjthpub.cloudfront.net/ 35 B
352 B 42ms
42ms Image
image/gif 2600:9000:2134:bc00:11:e0c9:84c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9jj3mjthpub.cloudfront.net/x.gif?pulse=-2&v=1.0.1&browser=chrome&utime=1666618093100&url=https%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3d.net%2520b.v%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3Dnl%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff&globalTI_SID=1496f8f8-e37d-43f3-a498-6bc7cd89c029&request_id=da69ba64-7105-4ffb-b76f-be86094b1d0d&optanon_consent=isIABGlobal%3Dfalse%26datestamp%3DMon%2BOct%2B24%2B2022%2B13%3A28%3A12%2BGMT%2B0000%2B(GMT)%26version%3D6.31.0%26hosts%3D%26consentId%3Dd196ee8e-6c41-4769-a341-dfbf7b04c554%26interactionCount%3D0%26landingPath%3Dhttps%3A%2F%2Few.com%2Fsweepstakes%2Fentry%2Fsplash-into-cash-10000-sweepstakes%2F29636431%2F%3Fgclid%3Da1b96g6nt1z614%26city%3D%26isp%3Di3D.net%2520B.V%26ip%3D2a00%3A1630%3A2%3A602%3A%3A9%26geo%3DNL%26uclick%3Dg6nt1z%26uclickhash%3Dg6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff%26groups%3D1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&gpc_enabled=no&compliance=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&opt_in=no&gpc_utc_millis=1666618092000&gpc_iab_global=no&domain=ew
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2134:bc00:11:e0c9:84c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 02:31:51 GMT
via: 1.1 f9ae7a7192e585fdba11578d564e8642.cloudfront.net (CloudFront)
last-modified: Sun, 24 Feb 2019 04:40:26 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 39386
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 7IAZ4r6EPUtkrgxIenrklKXHmTKOSfwQW4P8AJthPh8ERUrDqLHgcw==

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
logisticstcompany.info/	1970-01-20 06:58:24	Name: uclick Value: g6nt1z
logisticstcompany.info/	1970-01-20 06:58:24	Name: uclickhash Value: g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
ew.com/	1970-01-20 16:32:58	Name: muuid_origin Value: ew.com
ew.com/	1970-01-20 16:32:58	Name: muuid_date Value: 1666618092551
ew.com/	1970-01-20 16:32:58	Name: first_request_id Value: 8f0638fa-ea0d-46a3-9686-8b49004d06fd
ew.com/	1970-01-20 16:32:58	Name: globalTI_SID Value: 1496f8f8-e37d-43f3-a498-6bc7cd89c029
.ew.com/	1970-01-20 16:32:58	Name: globalTI_SID Value: 1496f8f8-e37d-43f3-a498-6bc7cd89c029
.ew.com/	1970-01-20 16:32:58	Name: muuid_date Value: 1666618092551
.ew.com/	1970-01-20 16:32:58	Name: last_request_id Value:
.ew.com/	1970-01-20 16:32:58	Name: visit_ts Value: 1666618092605
.ew.com/	1970-01-20 16:32:58	Name: previous_ts Value:
.ew.com/	1970-01-20 16:32:58	Name: first_request_id Value: 8f0638fa-ea0d-46a3-9686-8b49004d06fd
.ew.com/	1970-01-20 16:32:58	Name: pageview_count Value: 1
.ew.com/	1970-01-20 16:32:58	Name: muuid_origin Value: ew.com
ew.com/	1970-01-20 16:32:58	Name: muuid_source Value: SERVER
d9jj3mjthpub.cloudfront.net/	1970-01-20 16:32:58	Name: cross_site_muuid Value: 1204bcd4-3d32-5ee8-b3b4-ea19831e7c85
.ew.com/	1970-01-20 15:42:34	Name: ajs_anonymous_id Value: 4b744cb8-7704-4d65-b25f-d342967b6951
ew.com/	1970-01-20 07:40:10	Name: _pbjs_userid_consent_data Value: 3524755945110770
.doubleclick.net/	1970-01-20 06:56:58	Name: test_cookie Value: CheckForPermission
.ew.com/	1970-01-20 16:18:34	Name: __gads Value: ID=0900d6a488f58325-22222f3253ce00d8:T=1666618092:S=ALNI_MY9E9C4LLBHgc166gNrs5VwLbvz4A
.ew.com/	1970-01-20 16:18:34	Name: __gpi Value: UID=00000b78175d0528:T=1666618092:RT=1666618092:S=ALNI_MaqTxZJz3kDypjcjTJOG99eL6kCNA
.ew.com/	1970-01-20 06:57:01	Name: AMP_TOKEN Value: %24NOT_FOUND
.ew.com/	1970-01-20 16:32:58	Name: _ga Value: GA1.2.1227075284.1666618093
.ew.com/	1970-01-20 06:58:24	Name: _gid Value: GA1.2.439852477.1666618093
.ew.com/	1970-01-20 09:06:34	Name: _gac_UA-97981691-4 Value: 1.1666618093.a1b96g6nt1z614
.ew.com/	1970-01-20 06:56:58	Name: _gat Value: 1
ew.com/	1970-01-20 16:32:58	Name: last_request_id Value: 8f0638fa-ea0d-46a3-9686-8b49004d06fd
ew.com/	1970-01-20 16:32:58	Name: request_id Value: eaa24240-9df6-460e-9b87-3021a6527703
ew.com/	1970-01-20 16:32:58	Name: previous_ts Value: 1666618092605
ew.com/	1970-01-20 16:32:58	Name: visit_ts Value: 1666618093505
ew.com/	1970-01-20 16:32:58	Name: pageview_count Value: 2
ew.com/	1970-01-20 06:56:58	Name: initial_referer Value: https://ew.com/sweepstakes/entry/splash-into-cash-10000-sweepstakes/29636431/?gclid=a1b96g6nt1z614&city=&isp=i3D.net%2520B.V&ip=2a00:1630:2:602::9&geo=NL&uclick=g6nt1z&uclickhash=g6nt1z-g6nt1z-wj-0-dz-vc-xo-1a6bff
.ew.com/	1970-01-20 15:42:34	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Oct+24+2022+13%3A28%3A13+GMT%2B0000+(GMT)&version=6.31.0&hosts=&consentId=d196ee8e-6c41-4769-a341-dfbf7b04c554&interactionCount=0&landingPath=NotLandingPage&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0&AwaitingReconsent=false

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://ew.com/dist/main-d80180da1df05d3951bb-hash.js(Line 1) Message: Error: <svg> attribute viewBox: Expected number, "0 0 100 undefined".
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://ew.com/element-api/content-proxy/sitewide-alert Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

020c5edb98b32b7797ffcc21cec4de31.safeframe.googlesyndication.com
637267.directfvtfwr.com
adservice.google.com
adservice.google.nl
ampcid.google.com
ampcid.google.nl
api-secure.solvemedia.com
api.rlcdn.com
api.segment.io
as-sec.casalemedia.com
c.amazon-adsystem.com
cdn.cookielaw.org
cdn.segment.com
connect.facebook.net
d30qdagvt44524.cloudfront.net
d9jj3mjthpub.cloudfront.net
ddrvjrfwnij7n.cloudfront.net
ew.com
g.3gl.net
geolocation.onetrust.com
id.sv.rkdms.com
imagesvc.meredithcorp.io
js-sec.indexww.com
karma.mdpcdn.com
logisticstcompany.info
match.adsrvr.org
pagead2.googlesyndication.com
platform.instagram.com
r.3gl.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.instagram.com
104.18.12.76
104.18.18.126
13.224.189.17
13.224.189.42
13.224.195.78
13.225.78.93
136.144.49.190
18.118.94.142
18.66.115.169
2001:19f0:5001:32cc:5400:4ff:fe1b:542a
2600:9000:2134:bc00:11:e0c9:84c0:21
2600:9000:21f3:3800:d:2820:3bc0:93a1
2600:9000:2250:3400:19:bcbe:a700:21
2606:4700:4400::6812:2962
2606:4700::6810:9440
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f22d:c4:face:b00c:0:43fe
2a03:2880:f22d:e5:face:b00c:0:4420
2a06:98c1:3120::3
34.120.133.55
34.202.126.101
44.241.21.8
52.223.40.198
93.184.220.120
03c3fbe2422a478e1e82c13f0f7d2f9421f78cee98d09309eb548e7b19989822
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f258a4d50a437e6ffbe0fa9e42422e207379212d3a5b29698f0e69f4714371
0b2183f02f84c6281e1e2896a63c493f6a3aaa4866ff0025b5d8586d2e969248
114306c66758a3ca534c75eaee5210d1edd376c076137891d0b8ddfd71684a87
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
1e77a69610c8f78d88dab562ce5f657d71c733275b0a9af2e3b657c0bd213659
22074ac2a162ea1f54279ee8b9a587eea38d8c7d8f6dabee136003b61f897a6f
230422a2e2eef83e45145ccbc9e05c1e7cdd17e82996f0f4e53221aa507a8c36
29f39d3884535444de589de426ed818ee4b8f714afc379bc1c83a7815890c28c
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2e02bee0e07e55b5375ce1666aedda58acaa6adc8d86dcefbe8e7c491bf0e7ed
3447a2bf760509a1118868e2eeda668f002a58b1cddceb4ad168931cbce1afb2
3a48ba6d11055a2a6f840befa14e603650d8ca3d752e16daccd828d3869fb791
3ff8cb6382d944a439a78047f144e671c607f77da36a63837d028557df63848f
42da203fcc4325bd58c8c868e9213def8ca9b8d58e79d68e86c0fd8a5744e72d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b89dd9becf14fdc796aa4720eef9413c016f8f756cde4861216e9a68d3914e5
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
4c02a26b3b615cd6a081166458f8e0f7e0f0853dbc2798a85995b45ab87e25e8
4f90198e0054450e2f21f7ad14ee10874ef81a3bdb3685426ea131d2cd5244a4
550c3c863ae34e79151f8ebfba56f0ee631c00e7767eafe8e00581d6a469b05a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576eab8342c172253576e034b20f276b2e4a5f0ba50174da545d8477a28ec92a
5800f312944709b8d8e2e638a4c64704be610892c2fd06e962ac74b222615e19
5db23c1f4bb294496df9184dffd00fe2921b4e01934dbe523f771b56d1a1ec03
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63223cca51e225179d3ee1c0baa03fdbfa8b4d0c936adf08d2a46bf3121ea2b4
692384c5caa953b20c55670f00cf72474607c3e6543b9e6d4a45a4428ed3dac4
69402eeeadfc8fdbc9151101dfa27e96b118a9e5b5398e2124bf59b2f3eca998
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
75d34a1f8409b546b7ab67c18bbe05e161f9e5c022b1b8390d445e39863b6239
78cab04412f03b24b3f1ad530dd87de65a933811fb2655501c75b56f5027aa61
798465a34d0c635ecee8755fc95d01445b36388f348b6500d893bca788f3d76b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853e3e3165665581b0eaad91625d68bcc1dfa6211679931488cc958ed6f95845
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8797fae4fe40837339673d3b4ebd78433d1e7e2fda741d645fe6193e3737eba6
87aa050ee6e245eb1fecf5a935d368fbbdfb82307ecf671843750e11107ab38e
8b74956ca7e0a2f410441a1e089501b81001adcec511bbd063726355735d8829
8f7ff6bdf4c7d06881fe8feb6e2779ddd87a168380ea85416841e8951961be10
8fcc92858efa2f711fda0524cd2370285ade0c8fbdd848e72884ae7641f45e9f
93c69fc6d85feecb4ea6a895b1b3ae1e5bfab00969a1f85b2a8f6b7cd3e07bbe
9a465a0d8fee48c7dd5e411da67dce647f0d7eddba77446afd18a0c9ef0797ae
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9eda50baf50702acd269bd72781f9d7dc8d581ef218e4d4d8418b146f527766c
a1f867ca74476f6df9daecea9e0c3d107500a4e2b1a8f1b3fe5b637fe064d736
a2649c2a5ef42a8cc56ff03a5f17d3d642388660ef8d7a6c79834f206f96b3d7
a3c094f715a9c193a30aad95c8eb496fa0bd758b2fb192527f202f96d44b5dd3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752ea20296d4beeb826b29be8e0bc967422defba3b1fb18ef910422270830c7
a779828b280bc1f567aba8d7659bf391ea3762a169df747aea46ec972d493ff2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b235f1c6a589e6558664e65060bd99de7195bae81b0808f79527e9703f7485d5
b3289ad96fd9491e2deb99e555cb76d8d520a25478eefde9c2d94e34b1cb36cc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5105cfe5696fa36289c02eb67838b1f75992d6d8d143596ff0ee3938e3ed351
b880bdfc7942ffe0e1546034cae16173a713d476c2fcb79cba3ca24c107da3fa
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac3fc0dd2d787dd4eb7496d2d0ce7658a075fcb00df6ff96d2919de879242f5
d08f2566d66843fc4933a46a7b4e479befb4a8f81dc4a40e0e27c5c3ae914220
d0feb930c9ebf9534850325eb3f984caf5436df06bad09bf6bf05c32b15e9803
d4849e71a62ec779b431dd66d0aff8c11d176632209b1ce638aa24804bda6b24
d5238399eec84b85c1eec58f82de8e989eed128839d4ada23bd908eb554c2bcc
d9ec2b98112ac47caa74a7621bbd86d9762e56db69cf101ccc9a61d335619c56
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dec7f0e8d1ed8dfa109b43fddbba69bfcc2a4bb15d084e399b47a6309daf2c91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e775ba70a052bd4b7c633816a031dbf4311646957b5616ad5e08f8bfbfe0e69b
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db
ef07dc65a90a8558761ee70479656ac99bad0f98db9dac7d75257ccdca544318
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f643f4801d0360ee16a3cd307fc0c88c8f4eae62e54fa84d942094990344723d
fc763923d8c7edb99b36e4d6659e9bf564a9b56e4192d40539e503d60646b846
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb
fe4946db1f133c18e59bde7de4f6e87a50d288f85ec8440451b998e0f3f17e66

ew.com Open in urlscan Pro 13.225.78.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

98 %HTTPS

62 %IPv6

26 Domains

37 Subdomains

36 IPs

6 Countries

2234 kBTransfer

8272 kBSize

33 Cookies

21 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ew.com Open in urlscan Pro
13.225.78.93 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

62 %
IPv6

26
Domains

37
Subdomains

36
IPs

6
Countries

2234 kB
Transfer

8272 kB
Size

33
Cookies

125 HTTP transactions
4 data transactions