ew.com Open in urlscan Pro
151.101.130.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119
Submission: On December 12 via api (December 12th 2024, 11:30:47 am UTC) from UA — Scanned from PL

Summary HTTP 32 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 32 HTTP transactions. The main IP is 151.101.130.137, located in San Francisco, United States and belongs to FASTLY, US. The main domain is ew.com. The Cisco Umbrella rank of the primary domain is 38334.
TLS certificate: Issued by R10 on December 4th 2024. Valid for: 3 months.

This is the only time ew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
9	104.18.86.42 104.18.86.42	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.66.147.104 18.66.147.104	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
1	18.245.78.133 18.245.78.133	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	52.73.147.88 52.73.147.88	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.67.122 18.214.67.122	14618 (AMAZON-AES) (AMAZON-AES)
1	184.72.230.135 184.72.230.135	14618 (AMAZON-AES) (AMAZON-AES)
32	11

10 151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)

ew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.86.42 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.104 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-104.fra60.r.cloudfront.net

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.114 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets-jpcust.jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.78.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-133.fra60.r.cloudfront.net

d30qdagvt44524.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

cdn.viafoura.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.147.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-147-88.compute-1.amazonaws.com

api.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.67.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-67-122.compute-1.amazonaws.com

livecomments.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.72.230.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-230-135.compute-1.amazonaws.com

i.viafoura.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	ew.com ew.com — Cisco Umbrella Rank: 38334	323 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	291 KB
3	viafoura.co api.viafoura.co — Cisco Umbrella Rank: 11014 livecomments.viafoura.co — Cisco Umbrella Rank: 11491 i.viafoura.co — Cisco Umbrella Rank: 10906	4 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	209 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	363 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
1	viafoura.net cdn.viafoura.net — Cisco Umbrella Rank: 11081	16 KB
1	cloudfront.net d30qdagvt44524.cloudfront.net	393 B
1	jwpsrv.com assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4601	79 KB
1	jwplayer.com 1 redirects cdn.jwplayer.com — Cisco Umbrella Rank: 2638	444 B
32	10

	Domain	Requested by
10	ew.com
9	cdn.cookielaw.org	ew.com cdn.cookielaw.org
3	securepubads.g.doubleclick.net	securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.googletagmanager.com
1	i.viafoura.co
1	livecomments.viafoura.co	cdn.viafoura.net
1	api.viafoura.co	cdn.viafoura.net
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.viafoura.net	ew.com
1	d30qdagvt44524.cloudfront.net	ew.com
1	assets-jpcust.jwpsrv.com	ew.com
1	cdn.jwplayer.com	1 redirects
32	12

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
www.pinterest.com
www.youtube.com
www.tiktok.com
flipboard.com
forms.dotdashmeredith.com
www.dotdashmeredith.com
www.magazines.com
privacy.truste.com

Subject Issuer	Validity	Valid
ew.com R10	`2024-12-04` - `2025-03-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
viafoura.com Amazon RSA 2048 M03	`2024-07-09` - `2025-08-07`	a year	crt.sh
viafoura.co Amazon RSA 2048 M03	`2024-10-23` - `2025-11-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119
Frame ID: D00D6B0EE22B563264B937672386AAFC
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cynthia Erivo, Drew Barrymore defend being 'touchy'

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1287 kB
Transfer

4547 kB
Size

11
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/entertainmentweekly

Search URL Search Domain Scan URL

URL: https://www.instagram.com/entertainmentweekly/

Search URL Search Domain Scan URL

URL: https://twitter.com/EW

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ewmagazine/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/entertainmentweekly

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@entertainment_weekly

Search URL Search Domain Scan URL

URL: https://flipboard.com/@ew

Search URL Search Domain Scan URL

URL: https://forms.dotdashmeredith.com/ew-tv-inline-offer
Title: Entertainment Weekly's free daily newsletter

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/brands-termsofservice
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.magazines.com/entertainment-weekly-magazine.html
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/advertising
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/brands-privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/validation?rid=66410a94-db48-4a68-8eae-de35e6397332

Search URL Search Domain Scan URL

URL: https://www.dotdashmeredith.com/
Title: Dotdash Meredith

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://cdn.jwplayer.com/v2/media/YdVCZLcd/thumbnails/IR7dMAOL.jpg HTTP 302
https://assets-jpcust.jwpsrv.com/thumbnails/IR7dMAOL-720.jpg

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119 Show response
ew.com/ 208 KB
49 KB 385ms
266ms Document
text/html 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a39bf6c6ffbd419b85eb21f144dbdf9e1ccad64ac15267cef1770177b2f5daa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=1800, private
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
content-type: text/html;charset=utf-8
date: Thu, 12 Dec 2024 11:30:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
link: <//ew.com/static/2.114.0/cache/eNqlVlF6pCAMvtDyeYi-7iUiRs0WYZbATOf2C4ijVkq1-yJJ-P8kQMA07MCRbCbQTmEjmZtowV_NcYImGFDcFEgcjerQlkATWuoIdEO6w48XIk0B6ZViOq-QG2mmm9GoHTcWSIk7dWgSPEk1fAucM5YCOl5jrZBgbrZTS6Ir4kHdgGEckYbRvY2gB_xN7FCjLRorvgZlWlCBBV0iw3aPzuKObjXcaQhzRjfekSL3FMG0lSvk3tgp7BCClaOIylau8CZkjsfdgo47sVfPJTsvLOW6iueovVeKpUXUib5Xz7lgIwlUoqcaeamlEynz6pxYWyqtqzVgu1OV2iv8oFZhqNcafuM20Yphviq_3hgXTmweKuVXxtWPJWHnI3mJl6iK9DvvlHP0zrgOeBRe0x0t5wMqWisOw8OkzJCHWmB8sEIXc8yUg6WysVfYx9hggz0_plkuVl-G4UN8Rn3tM48ivzx7tVaQFx3UTrK1ASytn1reyj_PfkIHO6Xiqn2GmotL45dc29wFfgEK3o3GCmeMcnSrrco5S62Pe7JTBDmcTvywcoTmRKRdSnNhnc1yiXYn6I23IMLclGY2Fq_rL8jiJL-nPILNzUJAiq31J07Wy1_09J2LcvjjFUjtiPjzCP3PM1TfItRqYilKacIGaTe7yI4-sY_rZWe9dN5i9-KPblLpc42W-rb5WyHOqLihA_VXVpVH0Soj33ntFEs-JgzvXw7V0xDSFBJuseyvLalHmA3xF7KpgJ292mvGxk7EjjMlvKo1Ev_1S9FxgLw_xWw5y_kWrMPEfQbP4v_ezNlSuws_pL_-UuFASHvjWYQGzSh1tNROFmX6J1iUZKUoq6XweYpPMo-RZWilQpGwW6Vv0OnzD3aMFn4.min.css>; rel=preload; as=style; nopush, <//ew.com/static/fonts/CaslonDoric-Regular.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin; nopush, <//ew.com/static/fonts/CaslonDoric-RegularItalic.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin; nopush, <//ew.com/static/fonts/CaslonDoric-Semibold.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin; nopush, <//ew.com/static/fonts/CaslonDoric-SemiboldItalic.woff2>; rel=preload; as=font; type="font/woff2"; crossorigin; nopush, <//www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7>; rel=preload; as=script; nopush, <//www.googletagmanager.com/gtag/js?id=G-K7Z1YZPWW1&l=dataLayer&cx=c>; rel=preload; as=script; nopush, <//securepubads.g.doubleclick.net/tag/js/gpt.js>; rel=preload; as=script; nopush, <//ew.com/static/2.114.0/cache/eNqNU1FuwyAMvdAYd9g09WtSNeUChDjEDYEIm1Tt6edEVZt2JJoECPyeHT_b0cSG0erBBPagbRzGGCAwaW8uMbM-kSxlO7D9m34mn2bS9UJ4BWHE0KJ7pdxeHmt6pmNgSASWMYZS3GgaaAqAjbFHoAKSGT1yGWuD2oObOOzinIztMbhd0gShiUlzlyKLqcAY5KLqBKYfo-h_BBEMztvBV02xlNrlKIQfc025LgCf38eHNTbZw9KMn-pj3lvQIlouXxOsc13JMZcaSt6HYzXvEsQmOeC5lGRa8EhcYpFVpqESkkCyyVDdGnKnrEoknjPTjVyqkXGgJoTzTo0dD8ukebS94tcvbQw2vecwAfpO5vNv5qvoCV3HKhn0i5776_8-KD9aQAb1MCvJSpSlX614boU.min.js>; rel=preload; as=script; nopush; group=top, <//ew.com/static/2.114.0/cache/eNqNVFtyqzAM3VBdT9fQ325CBgFKhJ3aMoSu_gqT3CZp6jLDjCVZR-hxLJsEhBo7ghdGe9GYXLIH_T4zxuXF3jvpRRZiEsJkXCYWM5MM5lfvUQUzgSdmMKmJgfnRqwnjKXj0kix5weiBbYsdxhVfhIhtBQRdpxmBoGHyRxNxjiQbWr1GjA3-5lOJiuctFfraMKUpP4zfAUKbGYsTw9dioJbxTG2Peg5I_SDvA_gePygJek37mbESq-fgtGEDQlvA6_Ho_jBaeHtbTEvAoa8E9jBRr3fBX0a-GDXdyhVwF-KYbEKIzWBW5Vau4EZMCXo0Dvzai3u1gtuquRxlNPsq2_pVCvsW90G7zKyERvQFfq8-48XKfZhh-XF3E99BKs-mYzyTY6zz6K7qHXyTEFjodD1rbyrLEKK5Ag6Plh0_S6HRvEwaIJaSbvVaCyZqMZjDfGJY1ld8Ef7gNKdX1yeUSmJJYm4k6zIxTdBF48XSqOyyOjXdDB_rs3Ph_A4x5ITVNVVg-teeuj_ySqocF0eSajWnz3ztUmM4NEezWWoYrxdTwWzSjpFMBF3IEUzZi_6Z5RlxHWc8Rd3NdTaGLC4C-f9Clbk9hcG0uM62fVD_AXwViOw.min.js>; rel=preload; as=script; nopush; group=bottom, <//cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script; nopush
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
referrer-policy: no-referrer-when-downgrade
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
x-abt-application-version: 2.114.0
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
x-content-type-options: nosniff
x-served-by: cache-iad-kiad7000170-IAD, cache-iad-kiad7000170-IAD, cache-vie6355-VIE
x-timer: S1734003043.267315,VS0,VE168

GET
H2 200 eNqlVlF6pCAMvtDyeYi-7iUiRs0WYZbATOf2C4ijVkq1-yJJ-P8kQMA07MCRbCbQTmEjmZtowV_NcYImGFDcFEgcjerQlkATWuoIdEO6w48XIk0B6ZViOq-QG2mmm9GoHTcWSIk7dWgSPEk1fAucM5YCOl5jrZBgbrZTS6Ir4kHdgGEckYbRvY2gB_xN7FCjLRorv...
ew.com/static/2.114.0/cache/ 324 KB
33 KB 104ms
101ms Stylesheet
text/css 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/2.114.0/cache/eNqlVlF6pCAMvtDyeYi-7iUiRs0WYZbATOf2C4ijVkq1-yJJ-P8kQMA07MCRbCbQTmEjmZtowV_NcYImGFDcFEgcjerQlkATWuoIdEO6w48XIk0B6ZViOq-QG2mmm9GoHTcWSIk7dWgSPEk1fAucM5YCOl5jrZBgbrZTS6Ir4kHdgGEckYbRvY2gB_xN7FCjLRorvgZlWlCBBV0iw3aPzuKObjXcaQhzRjfekSL3FMG0lSvk3tgp7BCClaOIylau8CZkjsfdgo47sVfPJTsvLOW6iueovVeKpUXUib5Xz7lgIwlUoqcaeamlEynz6pxYWyqtqzVgu1OV2iv8oFZhqNcafuM20Yphviq_3hgXTmweKuVXxtWPJWHnI3mJl6iK9DvvlHP0zrgOeBRe0x0t5wMqWisOw8OkzJCHWmB8sEIXc8yUg6WysVfYx9hggz0_plkuVl-G4UN8Rn3tM48ivzx7tVaQFx3UTrK1ASytn1reyj_PfkIHO6Xiqn2GmotL45dc29wFfgEK3o3GCmeMcnSrrco5S62Pe7JTBDmcTvywcoTmRKRdSnNhnc1yiXYn6I23IMLclGY2Fq_rL8jiJL-nPILNzUJAiq31J07Wy1_09J2LcvjjFUjtiPjzCP3PM1TfItRqYilKacIGaTe7yI4-sY_rZWe9dN5i9-KPblLpc42W-rb5WyHOqLihA_VXVpVH0Soj33ntFEs-JgzvXw7V0xDSFBJuseyvLalHmA3xF7KpgJ292mvGxk7EjjMlvKo1Ev_1S9FxgLw_xWw5y_kWrMPEfQbP4v_ezNlSuws_pL_-UuFASHvjWYQGzSh1tNROFmX6J1iUZKUoq6XweYpPMo-RZWilQpGwW6Vv0OnzD3aMFn4.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7bd434ab241cc2bc07dbc508bede8ad585c70da497111d28aa5da41ce2027b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: gzip
age: 54884
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: text/css;charset=utf-8
x-served-by: cache-iad-kjyo7100062-IAD, cache-iad-kjyo7100062-IAD, cache-vie6355-VIE
x-cache-hits: 55, 0
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.509963,VS0,VE2
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 33822
x-abt-application-version: 2.114.0

GET
H2 200 CaslonDoric-Regular.woff2
ew.com/static/fonts/ 34 KB
35 KB 71ms
69ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/fonts/CaslonDoric-Regular.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3446d1cde9b1d2d1b8d2b5b6d86fa421d19f37512b34b920b7fa72335798a400

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ew.com
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 735909
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/font-woff2;charset=utf-8
x-served-by: cache-iad-kiad7000162-IAD, cache-iad-kiad7000162-IAD, cache-vie6355-VIE
x-cache-hits: 119, 25
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.510128,VS0,VE1
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35265
x-abt-application-version: 2.108.0

GET
H2 200 CaslonDoric-RegularItalic.woff2
ew.com/static/fonts/ 27 KB
27 KB 60ms
57ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/fonts/CaslonDoric-RegularItalic.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d77a6327538371e08017fe335fc1494453745868c7e19541df2d3dad5f62e869

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ew.com
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 3475622
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/font-woff2;charset=utf-8
x-served-by: cache-iad-kiad7000129-IAD, cache-iad-kiad7000129-IAD, cache-vie6355-VIE
x-cache-hits: 14442, 22
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.509745,VS0,VE1
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27645
x-abt-application-version: 2.98.0

GET
H2 200 CaslonDoric-Semibold.woff2
ew.com/static/fonts/ 37 KB
38 KB 87ms
85ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/fonts/CaslonDoric-Semibold.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1453b1f12cb154b64bdc2a952b93e39b4490a76cbaafa9de09f2291ce1338b0e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ew.com
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 2925548
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/font-woff2;charset=utf-8
x-served-by: cache-iad-kiad7000115-IAD, cache-iad-kiad7000121-IAD, cache-vie6355-VIE
x-cache-hits: 276, 24
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.509732,VS0,VE2
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38185
x-abt-application-version: 2.101.0

GET
H2 200 CaslonDoric-SemiboldItalic.woff2
ew.com/static/fonts/ 29 KB
29 KB 76ms
74ms Font
application/font-woff2 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/fonts/CaslonDoric-SemiboldItalic.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b29f93242c1e80ab764711ee6775921072d608f0f4ea53ca9f426dc89b7bf817

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ew.com
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 1393705
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/font-woff2;charset=utf-8
x-served-by: cache-iad-kcgs7200157-IAD, cache-iad-kcgs7200157-IAD, cache-vie6355-VIE
x-cache-hits: 5658, 25
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.510216,VS0,VE1
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30053
x-abt-application-version: 2.108.0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
114 KB 229ms
126ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2fd33a65c5c61b608b67cb4aeef2a313f915c5c5f4813bee940c6f270d7bac5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 11:30:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 115866
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 379 KB
125 KB 189ms
86ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K7Z1YZPWW1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

83462967126205646a464b3b24c21fb45ddc1fc970af0ed618188241906d9c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 11:30:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 127484
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 168ms
66ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3d07ba48b66a584ac26200af0b3881f23e63ecb3aedff874efaabef9bb97cbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
etag: 874 / 20069 / 31089396 / config-hash: 1604243570834711707
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 11:30:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34083
x-xss-protection: 0
server: cafe

GET
H2 200 eNqNU1FuwyAMvdAYd9g09WtSNeUChDjEDYEIm1Tt6edEVZt2JJoECPyeHT_b0cSG0erBBPagbRzGGCAwaW8uMbM-kSxlO7D9m34mn2bS9UJ4BWHE0KJ7pdxeHmt6pmNgSASWMYZS3GgaaAqAjbFHoAKSGT1yGWuD2oObOOzinIztMbhd0gShiUlzlyKLqcAY5KLqB... Show response
ew.com/static/2.114.0/cache/ 156 KB
48 KB 115ms
113ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/2.114.0/cache/eNqNU1FuwyAMvdAYd9g09WtSNeUChDjEDYEIm1Tt6edEVZt2JJoECPyeHT_b0cSG0erBBPagbRzGGCAwaW8uMbM-kSxlO7D9m34mn2bS9UJ4BWHE0KJ7pdxeHmt6pmNgSASWMYZS3GgaaAqAjbFHoAKSGT1yGWuD2oObOOzinIztMbhd0gShiUlzlyKLqcAY5KLqBKYfo-h_BBEMztvBV02xlNrlKIQfc025LgCf38eHNTbZw9KMn-pj3lvQIlouXxOsc13JMZcaSt6HYzXvEsQmOeC5lGRa8EhcYpFVpqESkkCyyVDdGnKnrEoknjPTjVyqkXGgJoTzTo0dD8ukebS94tcvbQw2vecwAfpO5vNv5qvoCV3HKhn0i5776_8-KD9aQAb1MCvJSpSlX614boU.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7b0880bea75932eb4fb144ae8b87a675f47032e31a03ba31029d45b069ea3737

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: gzip
age: 54771
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/javascript;charset=utf-8
x-served-by: cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-vie6355-VIE
x-cache-hits: 9, 1
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.509601,VS0,VE3
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 48448
x-abt-application-version: 2.114.0

GET
H2 200 eNqNVFtyqzAM3VBdT9fQ325CBgFKhJ3aMoSu_gqT3CZp6jLDjCVZR-hxLJsEhBo7ghdGe9GYXLIH_T4zxuXF3jvpRRZiEsJkXCYWM5MM5lfvUQUzgSdmMKmJgfnRqwnjKXj0kix5weiBbYsdxhVfhIhtBQRdpxmBoGHyRxNxjiQbWr1GjA3-5lOJiuctFfraMKUpP... Show response
ew.com/static/2.114.0/cache/ 189 KB
60 KB 122ms
121ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/static/2.114.0/cache/eNqNVFtyqzAM3VBdT9fQ325CBgFKhJ3aMoSu_gqT3CZp6jLDjCVZR-hxLJsEhBo7ghdGe9GYXLIH_T4zxuXF3jvpRRZiEsJkXCYWM5MM5lfvUQUzgSdmMKmJgfnRqwnjKXj0kix5weiBbYsdxhVfhIhtBQRdpxmBoGHyRxNxjiQbWr1GjA3-5lOJiuctFfraMKUpP4zfAUKbGYsTw9dioJbxTG2Peg5I_SDvA_gePygJek37mbESq-fgtGEDQlvA6_Ho_jBaeHtbTEvAoa8E9jBRr3fBX0a-GDXdyhVwF-KYbEKIzWBW5Vau4EZMCXo0Dvzai3u1gtuquRxlNPsq2_pVCvsW90G7zKyERvQFfq8-48XKfZhh-XF3E99BKs-mYzyTY6zz6K7qHXyTEFjodD1rbyrLEKK5Ag6Plh0_S6HRvEwaIJaSbvVaCyZqMZjDfGJY1ld8Ef7gNKdX1yeUSmJJYm4k6zIxTdBF48XSqOyyOjXdDB_rs3Ph_A4x5ITVNVVg-teeuj_ySqocF0eSajWnz3ztUmM4NEezWWoYrxdTwWzSjpFMBF3IEUzZi_6Z5RlxHWc8Rd3NdTaGLC4C-f9Clbk9hcG0uM62fVD_AXwViOw.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

858d977679523d5a7f56845a7065f347888399d36691e65552cab60ff421a18d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: gzip
age: 54884
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/javascript;charset=utf-8
x-served-by: cache-iad-kiad7000171-IAD, cache-iad-kiad7000171-IAD, cache-vie6355-VIE
x-cache-hits: 40, 1
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=31556926
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.541147,VS0,VE2
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 60860
x-abt-application-version: 2.114.0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 122ms
44ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1A2106D903F4
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 17476
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 20:18:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: cf91a70e-c01e-0092-0347-4c043c000000
cf-ray: 8f0d624e6adcbbae-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
601 B 46ms
46ms Image
image/svg+xml 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Host: ew.com
URL: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/

Response headers

content-md5: pcXWFGpuVeSg/jVnYCseRg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 29536
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Dec 2024 20:18:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: e3aba466-601e-0017-4636-4c53e9000000
cf-ray: 8f0d624efbf5bbae-WAW
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2

200

IR7dMAOL-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain

https://cdn.jwplayer.com/v2/media/YdVCZLcd/thumbnails/IR7dMAOL.jpg
https://assets-jpcust.jwpsrv.com/thumbnails/IR7dMAOL-720.jpg

80 KB
79 KB

319ms
192ms

Image
image/jpeg

151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-jpcust.jwpsrv.com/thumbnails/IR7dMAOL-720.jpg
Requested by: Host: ew.com
URL: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119
Protocol: H2
Server: 151.101.194.114 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0092aa436d237cef1ed71e72221ac84710238b9a02a79dbef405106a52f57ca1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: gzip
etag: "db823879b9c93ef0ac7fe3d26803e1dc"
age: 45
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:44 GMT
last-modified: Thu, 21 Nov 2024 00:08:11 GMT
content-type: image/jpeg
x-served-by: cache-iad-kjyo7100026-IAD, cache-vie6333-VIE
x-cache-hits: 26202, 0
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language
vary: Accept-Encoding
cache-control: max-age=900
x-timer: S1734003044.184206,VS0,VE105
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 80897
server: nginx
x-amz-server-side-encryption: AES256

Redirect headers

x-robots-tag: noindex, indexifembedded
cache-control: max-age=180, max-stale=180
location: https://assets-jpcust.jwpsrv.com/thumbnails/IR7dMAOL-720.jpg
access-control-allow-methods: GET
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: pFl0NMCKQyLs9ivZcoU9d0Reo5acOjvk2OxkRs7MOvELNdkPybMtZQ==
date: Thu, 12 Dec 2024 11:30:43 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P4
server: openresty
access-control-allow-headers: accept-encoding, cache-control, origin, dnt, accept-language

GET
H2 200 segments Show response
d30qdagvt44524.cloudfront.net/production/ 15 B
393 B 413ms
287ms Script
text/javascript 18.245.78.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d30qdagvt44524.cloudfront.net/production/segments?muid=1cf4917e-f36a-4379-9509-cceb7bee5ffe
Requested by: Host: ew.com
URL: https://ew.com/static/2.114.0/cache/eNqNU1FuwyAMvdAYd9g09WtSNeUChDjEDYEIm1Tt6edEVZt2JJoECPyeHT_b0cSG0erBBPagbRzGGCAwaW8uMbM-kSxlO7D9m34mn2bS9UJ4BWHE0KJ7pdxeHmt6pmNgSASWMYZS3GgaaAqAjbFHoAKSGT1yGWuD2oObOOzinIztMbhd0gShiUlzlyKLqcAY5KLqBKYfo-h_BBEMztvBV02xlNrlKIQfc025LgCf38eHNTbZw9KMn-pj3lvQIlouXxOsc13JMZcaSt6HYzXvEsQmOeC5lGRa8EhcYpFVpqESkkCyyVDdGnKnrEoknjPTjVyqkXGgJoTzTo0dD8ukebS94tcvbQw2vecwAfpO5vNv5qvoCV3HKhn0i5776_8-KD9aQAb1MCvJSpSlX614boU.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.78.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-78-133.fra60.r.cloudfront.net
Software: /
Resource Hash: 727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

x-amz-apigw-id: CrRnyEl2IAMENBQ=
x-amzn-trace-id: Root=1-675ac964-05dc637d1e7ca965390e0a0e;Parent=554f1acac1f0c878;Sampled=0;Lineage=1:abd734a0:0
x-amzn-requestid: 8a3ae8cc-683c-44d2-b0df-d7565ae00ba1
via: 1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 15
x-amz-cf-id: KuaN-IL4FKSSgM9KgQNC4hzSdYsCVVylUMk2Mmuc7AwoTIzhQxPusg==
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: text/javascript
x-amz-cf-pop: FRA60-P6

GET
H2 200 index.js Show response
cdn.viafoura.net/entry/ 45 KB
16 KB 223ms
90ms Script
text/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viafoura.net/entry/index.js
Requested by: Host: ew.com
URL: https://ew.com/static/2.114.0/cache/eNqNU1FuwyAMvdAYd9g09WtSNeUChDjEDYEIm1Tt6edEVZt2JJoECPyeHT_b0cSG0erBBPagbRzGGCAwaW8uMbM-kSxlO7D9m34mn2bS9UJ4BWHE0KJ7pdxeHmt6pmNgSASWMYZS3GgaaAqAjbFHoAKSGT1yGWuD2oObOOzinIztMbhd0gShiUlzlyKLqcAY5KLqBKYfo-h_BBEMztvBV02xlNrlKIQfc025LgCf38eHNTbZw9KMn-pj3lvQIlouXxOsc13JMZcaSt6HYzXvEsQmOeC5lGRa8EhcYpFVpqESkkCyyVDdGnKnrEoknjPTjVyqkXGgJoTzTo0dD8ukebS94tcvbQw2vecwAfpO5vNv5qvoCV3HKhn0i5776_8-KD9aQAb1MCvJSpSlX614boU.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cae0d7af664d2011f78a01feb7026f84947a1850bac4f9fd804b405d32f75977

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
x-amz-version-id: h.BSVl1..Hb3rDbbqtn5t67veTXTGa3c
etag: W/"f66d84a2aaca911b749a3e673a515e3e"
age: 503
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: vqRCK3Z6pWHBCMHV9WiK4qy43YUJjGJCQoyPp7aX2HJUijBMMQlP4Q==
date: Thu, 12 Dec 2024 11:22:21 GMT
content-type: text/javascript
vary: accept-encoding, Origin
last-modified: Tue, 03 Dec 2024 19:34:42 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=600,s-max-age=60
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/ 5 KB
2 KB 122ms
48ms XHR
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5715d10f82bbfbea745b5a0157fde799e38c29f9605aa120736cce6c44842f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: nL5TC8gYy+XkYZCwSOIw4Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD035A73C1F766
age: 26002
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 13 Dec 2024 11:30:44 GMT
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/json
last-modified: Tue, 12 Nov 2024 20:41:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 8aab1490-501e-00fa-2843-355a6d000000
cf-ray: 8f0d62540812ef8d-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1840
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090201/ 492 KB
153 KB 49ms
49ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090201/pubads_impl.js?cb=31089396

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

dc219b8244c92bbb28e5660d7345f550e7e39cf78750596eba83acccc61e7231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
etag: 4965289961284073677
age: 44337
x-content-type-options: nosniff
expires: Thu, 11 Dec 2025 23:11:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 11 Dec 2024 23:11:47 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 156858
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 379 KB
125 KB 66ms
66ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K7Z1YZPWW1&l=dataLayer&cx=c&gtm=45He4cb0v862680616za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3X3VT7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

92c778c2524e5f1096b75a9a00792bf4c992d72de737c8351c0de16761c8d01e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 11:30:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 127556
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 favicon.ico
ew.com/ 4 KB
5 KB 81ms
80ms Other
image/x-icon 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a42c5ca68de2325b34153a52a7b9a07dfe57f925700e20e2d8071363b0fc487a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 67332
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: image/x-icon;charset=utf-8
x-served-by: cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100025-IAD, cache-vie6355-VIE
x-cache-hits: 7, 22
strict-transport-security: max-age=15552000
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=86400
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.450356,VS0,VE1
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4286
x-abt-application-version: 2.113.0

GET
H3 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
22 KB 54ms
54ms Other
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 34066
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 02:02:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 12 Dec 2024 02:02:58 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 favicon.ico
ew.com/ 4 KB
0 0ms
0ms Other
image/x-icon 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://ew.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a42c5ca68de2325b34153a52a7b9a07dfe57f925700e20e2d8071363b0fc487a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

age: 67332
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://r.3gl.net/hawklogserver/7820/re.p"}]}
x-content-type-options: nosniff
x-cache: HIT, HIT
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: image/x-icon;charset=utf-8
x-served-by: cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100025-IAD, cache-vie6355-VIE
x-cache-hits: 7, 22
content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
cache-control: max-age=86400
nel: {"report_to":"network-errors","max_age":2592000,"success_fraction":0,"failure_fraction":1.0, "include_subdomains": true}
x-timer: S1734003044.450356,VS0,VE1
x-content-security-policy: frame-ancestors 'self' *.specless.io *.specless.tech http://*.seo.aws.about.com https://*.seo.aws.about.com http://*.dotdash.com https://*.dotdash.com *.ew.com
referrer-policy: no-referrer-when-downgrade
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 4286
x-abt-application-version: 2.113.0

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 451 KB
110 KB 48ms
48ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: 7I5y/rp4ODu7ul89ty+epQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56F667161
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 24639
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:20:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 5bc25b51-101e-0031-4bd5-2cc85d000000
cf-ray: 8f0d62546cc9bbae-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 112027
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 142ms
48ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K7Z1YZPWW1&gtm=45je4cb0v9117497963z8862680616za200zb862680616&_p=1734003044390&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tcfd=10001&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1975582779.1734003045&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&uid=&sid=1734003044&sct=1&seg=0&dl=https%3A%2F%2Few.com%2Fdrew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119&dt=Cynthia%20Erivo%2C%20Drew%20Barrymore%20defend%20being%20%27touchy%27&en=proctor&_fv=1&_nsi=1&_ss=1&ep.ddm_ids=%7B%22tmog%22%3A%22n11dbf93a6ede4227b944cdee55fa5a6b11%22%7D&ep.environment=%7B%7D&ep.ab_commerce=&ep.ab_proctor=55%7C99-0%7C99-1%7C99-2%7C99-3%7C99-4%7C99-5%7C99-6%7C99-7%7C99-8%7C99-9%7C99-10%7C99-11%7C99-12%7C99-13%7C99-14%7C99-16%7C99-17&ep.ab_performance_marketing=&ep.proctor_data=%7B%22application%22%3A%22ab-proctor%22%2C%22proctor_ids%22%3A%2255%7C99-0%7C99-1%7C99-2%7C99-3%7C99-4%7C99-5%7C99-6%7C99-7%7C99-8%7C99-9%7C99-10%7C99-11%7C99-12%7C99-13%7C99-14%7C99-16%7C99-17%22%7D&tfd=1497
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K7Z1YZPWW1&l=dataLayer&cx=c&gtm=45He4cb0v862680616za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ew.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 v2 Show response
api.viafoura.co/v2/ew.com/bootstrap/ 8 KB
3 KB 563ms
270ms Fetch
application/json 52.73.147.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viafoura.co/v2/ew.com/bootstrap/v2?session=false
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.147.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-147-88.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fdd84ee1a69779cad24c0c6b21213b515fb448137a28a8185d98b52cad5ec0ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

access-control-max-age: 86400
cache-control: max-age=0
content-encoding: gzip
pragma: no-cache
x-instance-id: i-0c7b61b19425dd7a7
access-control-allow-credentials: true
expires: Thu, 12 Dec 2024 11:30:45 GMT
access-control-allow-origin: https://ew.com
date: Thu, 12 Dec 2024 11:30:45 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/0192d96f-7618-7ea7-bcc4-1e8fd3c4f26e/ 375 KB
56 KB 102ms
101ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6a8c29a6-a4f7-4e30-b10e-b91e52b259ae/0192d96f-7618-7ea7-bcc4-1e8fd3c4f26e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3f5bf47ac3c912dd4a61e02d81256a807c7206d455732148e8f8882185383bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: Zu1FOGg8bst+7cnXgitHnA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DD035A7EABAC25
age: 52164
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 13 Dec 2024 11:30:44 GMT
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/json
last-modified: Tue, 12 Nov 2024 20:42:16 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 94f5c696-101e-00d4-3743-35daaa000000
cf-ray: 8f0d62551c18ef8d-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56722
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 iab2V2Data.json Show response
cdn.cookielaw.org/vendorlist/ 602 KB
78 KB 46ms
45ms Fetch
application/json 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2V2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4505550854eab5a5cf80e3acf390856c67d349f7858da1cb38e71845b28bffe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: YfdC8hBNPbvfoAVYW9TlPg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1A6B033C29FD
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 13770
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 11:30:44 GMT
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/json
last-modified: Thu, 12 Dec 2024 05:08:27 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 3bf657fa-f01e-0019-4453-4cbfe2000000
cf-ray: 8f0d62551c1bef8d-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79167
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 60 KB
17 KB 38ms
38ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: w7rriz6IwW2xtS9bVJshOg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCA5E56E73A9D1
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 9850
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:19:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: d59425b0-301e-0087-5eeb-30c6a5000000
cf-ray: 8f0d62551e56bbae-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17104
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otGPP.js Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/ 81 KB
17 KB 40ms
40ms Script
application/javascript 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/otGPP.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: zMjDHhMNQgqbyypFtxjSzA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 21914
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: application/javascript
last-modified: Tue, 16 Jul 2024 22:20:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b449c1c5-801e-007b-1334-3bf83a000000
cf-ray: 8f0d6255df62bbae-WAW
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 24 KB
4 KB 42ms
42ms Fetch
text/css 104.18.86.42
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 45713
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 11:30:44 GMT
content-type: text/css
last-modified: Tue, 16 Jul 2024 22:20:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ff2df51e-201e-007d-4d0c-410f42000000
cf-ray: 8f0d625699daef8d-WAW
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 id Show response
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-fdccfeac250b/contentcontainer/ 1 KB
511 B 597ms
303ms Fetch
application/json 18.214.67.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-fdccfeac250b/contentcontainer/id?container_id=8759119
Requested by: Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/entry/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.67.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-67-122.compute-1.amazonaws.com
Software: /
Resource Hash: d018d760ee3e4f6e1a27c3c25f45df176c26e39a69db6bf486f44cdb3265da51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

access-control-allow-origin: https://ew.com
content-length: 352
content-encoding: gzip
date: Thu, 12 Dec 2024 11:30:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

GET
H2 200 ingest
i.viafoura.co/v3/ew.com/ 67 B
200 B 518ms
234ms Image
image/png 184.72.230.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.viafoura.co/v3/ew.com/ingest?t=%7B%22view%22%3A%7B%22domain%22%3A%22ew.com%22%2C%22siteUuid%22%3A%2200000000-0000-4000-8000-fdccfeac250b%22%2C%22pageViews%22%3A1%2C%22outgoing%22%3A10%2C%22sessionStart%22%3A1734003045%2C%22isRecirculation%22%3Afalse%2C%22uniqueId%22%3A%22892ed310-5edf-4a5a-a7d8-56d0375bc5a4%22%2C%22firstVisit%22%3A1734003045%2C%22previousVisit%22%3A1734003045%2C%22currentVisit%22%3A1734003045%2C%22visitCount%22%3A1%2C%22referrerStart%22%3A1734003045%2C%22refVisitCount%22%3A1%2C%22ref%22%3A%7B%22medium%22%3A%22direct%22%2C%22source%22%3A%22%22%2C%22sharer_uuid%22%3A%22%22%2C%22terms%22%3A%22%22%7D%7D%2C%22meta%22%3A%7B%22domain%22%3A%22ew.com%22%2C%22site%22%3A%2200000000-0000-4000-8000-fdccfeac250b%22%2C%22section%22%3A%2200000000-0000-4000-8000-fdccfeac250b%22%2C%22pageImage%22%3A%22https%3A%2F%2Few.com%2Fthmb%2FBMkyC6DCpeOQOVDJnZ6m-8uzOy0%3D%2F1500x0%2Ffilters%3Ano_upscale()%3Amax_bytes(150000)%3Astrip_icc()%2FDrew-Barrymore-Show-Cynthia-Erivo-Tout-121024-4f46a04af8ae4a50adbdc659919f959c.jpg%22%2C%22ref%22%3A%7B%7D%2C%22vf%22%3Afalse%2C%22url%22%3A%22https%3A%2F%2Few.com%2Fdrew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119%22%2C%22path%22%3A%22%2Fdrew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119%22%2C%22title%22%3A%22Drew%20Barrymore%20tells%20Cynthia%20Erivo%20she%27s%20been%20%27warned%27%20to%20%27back%20off%27%20being%20%27touchy%27%20with%20guests%20on%20her%20show%22%2C%22privilege%22%3A%22guest%22%2C%22page_type%22%3A%22article%22%2C%22page_description%22%3A%22Drew%20Barrymore%20tells%20Cynthia%20Erivo%2C%20while%20hand-in-hand%2C%20she%27s%20been%20told%20to%20%27back%20off%27%20of%20being%20%27touchy%27%20with%20her%20guests%3A%20%27It%27s%20how%20we%20need%20to%20communicate%27%22%2C%22topics%22%3A%5B%5D%2C%22amp%22%3Afalse%2C%22thirdparty_enabled%22%3Afalse%2C%22container_id%22%3A%22%22%7D%2C%22ua%22%3A%7B%22nl%22%3A%22pl-PL%22%2C%22nu%22%3A%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%2C%22sd%22%3A24%2C%22vp%22%3A%221600x1200%22%2C%22dt%22%3A%22Cynthia%20Erivo%2C%20Drew%20Barrymore%20defend%20being%20%27touchy%27%22%2C%22de%22%3A%22UTF-8%22%2C%22dl%22%3A%22en%22%7D%2C%22rq%22%3A%22a08e0a1c-f828-4470-955d-1d55a2eba21d%22%2C%22w%22%3A%5B%22vf-conversations%22%2C%22vf-conversations-count%22%2C%22vf-tray%22%5D%2C%22event_type%22%3A%22analytics.view_lite%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 184.72.230.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-230-135.compute-1.amazonaws.com
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ew.com/drew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 67
date: Thu, 12 Dec 2024 11:30:45 GMT
content-type: image/png

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ew.com/	1970-01-21 11:16:03	Name: TMog Value: n11dbf93a6ede4227b944cdee55fa5a6b11
.ew.com/	1970-01-21 11:16:03	Name: globalTI_SID Value: 1cf4917e-f36a-4379-9509-cceb7bee5ffe
.ew.com/	1970-01-21 01:40:04	Name: Mint Value: n11dbf93a6ede4227b944cdee55fa5a6b11
.ew.com/	1969-12-31 23:59:59	Name: lb_ld Value: search
.ew.com/	1970-01-21 11:16:03	Name: _ga Value: GA1.1.1975582779.1734003045
.ew.com/	1970-01-21 11:16:03	Name: _ga_K7Z1YZPWW1 Value: GS1.1.1734003044.1.1.1734003044.0.0.0
.ew.com/	1970-01-21 10:25:39	Name: OTGPPConsent Value: DBABMA~CQJhYsAQJhYsAAcABBENBTFgAAAAAEPgAAYgAAAVGgcAALAAqABcADgAIAAZAA0AB4AD8AIgARwAmABiADQAHoAPwAhABHACcAFaAO6Ag4CEAEWAI4ATQAn4BnwDXgHEAOoAg8BDoCJwFNgKlAXQAvMBggDLAH9gSzAm8BOUCdIE9IKKAotBRkFHIKPAo-BSGCkgKSwUuBS8CmQFNQKeAVAAqMAA.YAAACHwAAAAA
.ew.com/	1970-01-21 10:25:39	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+12+2024+12%3A30%3A44+GMT%2B0100+(czas+%C5%9Brodkowoeuropejski+standardowy)&version=202406.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=326a62f3-cafe-42d7-a14c-e15cc99c464f&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Few.com%2Fdrew-barrymore-tells-cynthia-erivo-told-to-back-off-touchy-8759119&GPPCookiesCount=1&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.ew.com/	1970-01-21 10:25:39	Name: _vfa Value: ew%2Ecom.00000000-0000-4000-8000-fdccfeac250b.892ed310-5edf-4a5a-a7d8-56d0375bc5a4.1734003045.1734003045.1734003045.1
.ew.com/	1970-01-21 01:40:03	Name: _vfz Value: ew%2Ecom.00000000-0000-4000-8000-fdccfeac250b.1734003045.1.medium=direct\|source=\|sharer_uuid=\|terms=
.ew.com/	1970-01-21 01:40:04	Name: _vfb Value: ew%2Ecom.00000000-0000-4000-8000-fdccfeac250b.2.10.1734003045....

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	frame-ancestors 'self' .specless.io .specless.tech http://.seo.aws.about.com https://.seo.aws.about.com http://.dotdash.com https://.dotdash.com *.ew.com
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.viafoura.co
assets-jpcust.jwpsrv.com
cdn.cookielaw.org
cdn.jwplayer.com
cdn.viafoura.net
d30qdagvt44524.cloudfront.net
ew.com
i.viafoura.co
livecomments.viafoura.co
region1.google-analytics.com
securepubads.g.doubleclick.net
www.googletagmanager.com
104.18.86.42
142.250.186.34
142.250.186.72
151.101.130.137
151.101.194.114
18.214.67.122
18.245.78.133
18.66.102.53
18.66.147.104
184.72.230.135
216.239.34.36
52.73.147.88
0092aa436d237cef1ed71e72221ac84710238b9a02a79dbef405106a52f57ca1
1453b1f12cb154b64bdc2a952b93e39b4490a76cbaafa9de09f2291ce1338b0e
2fd33a65c5c61b608b67cb4aeef2a313f915c5c5f4813bee940c6f270d7bac5d
3446d1cde9b1d2d1b8d2b5b6d86fa421d19f37512b34b920b7fa72335798a400
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3d07ba48b66a584ac26200af0b3881f23e63ecb3aedff874efaabef9bb97cbcf
4505550854eab5a5cf80e3acf390856c67d349f7858da1cb38e71845b28bffe2
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
5715d10f82bbfbea745b5a0157fde799e38c29f9605aa120736cce6c44842f18
727b3ff0c716fa8e38788e3dab83691b06edf37ca523b826f9ef67700021516b
7b0880bea75932eb4fb144ae8b87a675f47032e31a03ba31029d45b069ea3737
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
8126da8bb4af8f970a2acb8640a3c3d7a38bafc2dcbc41fde93fd55473a5de66
83462967126205646a464b3b24c21fb45ddc1fc970af0ed618188241906d9c92
858d977679523d5a7f56845a7065f347888399d36691e65552cab60ff421a18d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92c778c2524e5f1096b75a9a00792bf4c992d72de737c8351c0de16761c8d01e
9a39bf6c6ffbd419b85eb21f144dbdf9e1ccad64ac15267cef1770177b2f5daa
a3f5bf47ac3c912dd4a61e02d81256a807c7206d455732148e8f8882185383bc
a42c5ca68de2325b34153a52a7b9a07dfe57f925700e20e2d8071363b0fc487a
b29f93242c1e80ab764711ee6775921072d608f0f4ea53ca9f426dc89b7bf817
cae0d7af664d2011f78a01feb7026f84947a1850bac4f9fd804b405d32f75977
d018d760ee3e4f6e1a27c3c25f45df176c26e39a69db6bf486f44cdb3265da51
d77a6327538371e08017fe335fc1494453745868c7e19541df2d3dad5f62e869
d7bd434ab241cc2bc07dbc508bede8ad585c70da497111d28aa5da41ce2027b9
dc219b8244c92bbb28e5660d7345f550e7e39cf78750596eba83acccc61e7231
e40e7b46b99c06e47841ff53e4417b6c887631d383aac28114e4ab83ccddc6f7
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
fdd84ee1a69779cad24c0c6b21213b515fb448137a28a8185d98b52cad5ec0ca

ew.com Open in urlscan Pro 151.101.130.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

97 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

11 IPs

2 Countries

1287 kBTransfer

4547 kBSize

11 Cookies

15 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ew.com Open in urlscan Pro
151.101.130.137 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

97 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

1287 kB
Transfer

4547 kB
Size

11
Cookies

32 HTTP transactions
0 data transactions